Third Party Security Assurance Consultant, TELUS Health
Toronto, ON, CA Montréal, QC, CA Edmonton, AB, CA Vancouver, BC, CA Ottawa, ON, CA Calgary, AB, CA
Description
Join our team:
We live in and work in a rapidly evolving digital world where cyber security is critical. Protecting information and ensuring the reliability of network and services is paramount. The TELUS Health CSO team strives to always be a step ahead, tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology.
The TELUS Health CSO team is committed to providing excellence in securing our internal and customers’ data and systems, ensuring world-class reliability of security networks and systems, and improving our overall cybersecurity posture. We manage our cyber risks and provide industry-leading cyber governance, assurance and oversight to secure our data.
We partner with industry leaders to meet the cyber security needs of both TELUS Health and our customers to meet the demands of an increasingly complex and ever-changing cyber security landscape. We are passionate about learning and growing as individuals and as a team, all of which enables us to thrive in a dynamic, fast-paced environment.
Here’s the impact you’ll make and what we’ll accomplish together.
As a Third-Party Cyber Security Consultant, you’ll be keeping TELUS Health safe and protected by providing Cyber oversight across a diverse Global supplier portfolio.
You will support all the key elements involved in the end-to-end 3rd Party Information Security Oversight. Primary focus being to provide assurance regarding the confidentiality, integrity, and availability on the suppliers that we have entrusted our data /infrastructure with.
For this to be achievable, it will involve working extensively with internal and external stakeholders. To allow for identification of vulnerabilities and areas of improvement to protect our Brand, colleagues and customers, in turn helping to promote a collaborative Security culture.
What you will do:
You will manage and own a diverse portfolio of supplier assessments, undertaking Information Security reviews using a defined methodology. From planning, reviewing supplier responses, supplier assessments, reporting of identified risks and provision of required remediation.
Given the nature of the role you will be providing guidance to both internal and external stakeholders:
- Assessing Supplier responses to a defined sets of Information Security controls, ensuring quality and completeness of returns
- Reviewing Supplier responses and identification of risk / vulnerabilities. Liaising with key stakeholders to ensure appropriate escalation and remediation
- Maintaining and producing reports and management information. Ability to report clearly and articulate non-conformities and advise on required actions to remediate. An adaptive communication style to reflect a diverse stakeholder audience
- Collating and assessing various Cyber intelligence sources to help provide greater insight as to the Suppliers Security posture
- Share knowledge and mentoring to colleagues, supporting queries and providing guidance in relation to Cyber Security 3rd Party assurance
- Attending meetings, workshops, acting as delegate for Manager when required
- Actively contribute to the ongoing development of the Team through constructive challenge, providing solutions, innovation and continual improvement
- Reinforce TELUS Health's Customers First values in ensuring positive security outcomes for both external customers and internal stakeholders
Qualifications
What you bring:
- 4 + years of applied Cyber Security Assurance experience. Ability to demonstrate expertise and application of knowledge, in terms of technical and softer skills that are required in managing a diverse portfolio
- Strong understanding of Security frameworks (ISO 27001 / 27036) and ability to identify vulnerabilities / areas of control enhancement
- Adept at reviewing Supplier Security policies and standards to ensure appropriate scope and adequacy
- Clear understanding of information security principles, including risk management, incident response, and threat analysis
- Strong stakeholder management and interpersonal skills. Ability to engage and develop relationships across a broad range of geographies and sectors
- Strong organizational skills, with the ability to coordinate and effectively self-manage your own portfolio of work, independently to ensure high quality and timely delivery
- Pragmatic and balanced outlook relative to risk and impact with the ability to apply sound judgement
- Strong communication skills (verbal and written)
- Strong analytical skills, attention to detail and coupled with capability to identify omissions/ gaps /areas of focus
- Ability to accommodate travel and time away from home may be required
Nice to haves:
- CISM, IS027001 LA, CISA
- Procurement knowledge, reflective of the Supplier lifecycle
- Operational Risk experience
- Billingual (French & English)
#Li-Remote
By applying to this role, you understand and agree that your information will be shared with the TELUS Group of Companies’ Talent Acquisition team(s) and/or any leader(s) who will be part of the selection process.