As a member of CGI’s Global Security team, the Supply Chain Security Risk Analyst plays a hands-on role in the Supply Chain Security Risk process.
The incumbent will support the execution of the defined process and to ensure the program is operating effectively
according to expected levels of standards and quality.
Location is not a barrier for this role. We are open to considering candidates who are able to work from any of our CGI locations in Canada.
Your future duties and responsibilities
Perform security risk assessments of CGI’s third parties who may meet materiality criteria for evaluation
Ensure timely and accurate reporting of security metrics (KPIs / KRIs)
Schedule review of security assessments of existing third parties
Assist security and business operations in the development of acceptable risk mitigation plans
Execute information security risk and control identification, evaluation, documentation, analysis and reporting using analytical tools to support the process
Partner with cross functional stakeholders (Global Procurement, Legal, CIO, Business Unit Security teams, etc.)
Monitor and document all third party risk information, including regular reports for senior leadership & management teams
Ensure contractual adjustments are made to agreements between CGI and its vendors to include protection of information and facilities
Assist with the escalation of any issues that may impact business objectives and priorities involving vendor selection
Perform other duties as deemed necessary
Required qualifications to be successful in this role
Bachelor’s Degree or equivalent
Relevant security certification (CISM / CISA; CISSP, etc.)
Minimum of three (3) years’ experience in information security
Experience with producing management reports and developing KPIs
Expert knowledge of security / risk control frameworks (COBiT, ISO 27001, PCI-DSS, NIST CSF, ITIL), and business continuity / disaster recovery frameworks (ISO 22301, ISO 27031)
Previous experience working with vendor assessments for a global organization
Previous experience with reviewing security assessment results (penetration tests, control evaluation, vulnerability assessments, audit results, etc.)
Highly self-motivated, self-directed and attentive to detail
Facilitation skills with an ability to build relationships with stakeholders
Excellent oral, written and interpersonal communication skills
What you can expect from us
Build your career with us.
It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change supporting our clients’ digital journeys and offering our professionals exciting career opportunities.
At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership.
All of our professionals benefit from the value we collectively create.
Be part of building one of the largest independent technology and business services firms in the world.