Senior Security Consultant - Compliance Team
Ottawa, ON, CA Montréal, QC, CA Qu?bec City, QC, CA Rimouski, QC, CA
Description
Our team and what we’ll accomplish together
We live in a fast-paced cyber-world where protecting information assets and infrastructure is an essential priority for consumers, businesses, and Canada. At TELUS Security, we strive to deliver innovative security solutions with top talent.
Our Corporate Information Security, Public Sector Compliance team is responsible for ensuring TELUS is compliant with the contractually signed security requirements with our largest customers. The types of contracts we support pertain to Federal and Provincial governments or other Crown Corporations.
The work of the Public Sector Compliance team directly drives improved security and privacy outcomes to TELUS customers and the communities we serve. Succeeding means improving customer experience with TELUS' services, ensuring our services meet security standards, and helping TELUS avoid costs from redesign or incident response efforts. This position offers a completely remote work opportunity, providing the flexibility to work from any location within Canada.
What you’ll do
- Help identify, implement, maintain and update critical security controls to strengthen overall security posture for RFP programs
- Lead gap assessment, risk assessments, internal audit, compliance readiness, and compliance monitoring activities
- Set strategic direction for audit readiness, managing compliance programs, driving continuous improvement activities, and delivering metrics
- Document and deliver processes, procedures and playbooks for cybersecurity contractual requirements
- Provide specific, proactive recommendations for implementing cybersecurity controls and procedures to relevant internal and external stakeholders
- Interface with consultants and auditors, articulating control implementation and impact, and establishing considerations for applying security and compliance concepts to specific contracts
- Communicate compliance program results, including assessment status, workflow, remediation and reporting to a broad audience
- Support delivery of audit milestones to ensure audit timelines stay on target by proactively identifying and coordinating resolution of roadblocks and compliance risk
Qualifications
What you bring
- Bachelor’s degree and/or professional designation specializing in Computer Science, Engineering or Information Security
- Professional security designations, such as CISSP, CCSP or CISM, from recognized security institutes such as SANS, ISC2, and ISACA
- 4 or more years of experience in information security consulting, compliance and/or auditing
- 4 or more years of experience with IT security management (system dumps, logs and/or technical documentation)
- Experience with Microsoft SharePoint and Office suite
- Experience communicating cybersecurity requirements, change requests and reporting to customers
- Experience in one or more of the following domains: IP networking, Cloud computing or Telecommunications
- Strong ability to work within a team environment and self-manage your work in an outcome based approach
- Proficiency in both written and spoken English and French (non-negotiable)
Great-to-haves
- ITIL knowledge or certification
- Experience with GRC and Compliance Tools
- Workflow automation experience (VBA, Python, GPT or similar)