Business Information Security Officer

Description

Join our team & what we'll accomplish together

The Acquisition Security Program (ASP) team is seeking an experienced Business Information Security Officer/Senior Security Consultant to evaluate security risks in acquired organizations and recommend solutions. You will use your expertise to assess security controls, communicate compliance requirements to stakeholders, and demonstrate how TELUS protects systems, data, and customers. This role offers the opportunity to strengthen our organization's security posture during critical acquisition phases.

What you'll do

As a Business Information Security Officer/ Senior Security Consultant, you will assess the security readiness of organizations TELUS plans to acquire or has recently acquired. You will oversee the development and maturity of our acquisition security program. You will apply your expertise in security technology and industry best practices to evaluate and continuously improve our security policies and standards. You will also manage our internal security procedures and documentation. You will collaborate with colleagues and external partners. You will leverage your technical expertise in compliance, risk management, regulatory requirements, and security architecture to provide guidance to teams across TELUS.

Here's how

• Evaluate project requirements and provide recommendations that align with industry best practices and standards
• Prepare clear and comprehensive communications (written and verbal) to respond to auditor and customer inquiries
• Assess the security posture of acquisition targets and document findings to inform investment decisions
• Deliver actionable recommendations to strengthen acquisition security policies and procedures
• Develop and implement long-term strategies to advance our acquisition security program
• Manage multiple concurrent projects independently while managing time and priorities effectively

Qualifications

What you bring

• You have a minimum of 5 years of experience in information security
• Bachelor degree in Computer Science, engineering or related discipline
• You can communicate security requirements and compliance implications clearly to executive leadership and other stakeholders
• You can analyze complex security challenges and explain them in straightforward, accessible language
• You have hands-on experience with IT security assessments, information security consulting, or IT risk analysis
• You demonstrate leadership capabilities, strong collaboration skills, and are a dependable partner to internal and external stakeholders
• You are proficient in developing and maintaining documentation for security compliance and establishing achievable objectives
• You have a track record of evaluating information security systems and developing improvement recommendations

Great-to-haves

• Professional certifications in security, risk management, or auditing (such as CISA, CRISC, CISSP, or CISM)
• Knowledge of industry frameworks and standards, including NIST, ISO 27001/2, PCI-DSS, or COBIT

Advanced knowledge of English is required because you will most of the time interact in English with external parties (clients, suppliers, candidates, external partners, etc.); interact in English with internal parties (colleagues, internal partners, stakeholders, etc.); and work with IT tools whose interface is only accessible in English as part of this position's main responsibilities given its international scope.

#LI-Remote