Information Security Specialist
Yoush Consulting is an Information Technology consulting firm. Yoush Consulting has been recognized by the prestigious Branham300 list of Top 25 Canadian ICT companies in 2014 and 2016, as well as the Top 20 Canadian ICT Movers & Shakers in 2014.
Our client is one of the largest professional services networks of independent accounting and consulting member firms that provide assurance, tax and advisory services to privately held businesses, public interest entities, and public sector entities.
This Information Security Specialist provides security risk assessments for internal business unit customers, supports various business and information technology initiatives, and collaborates with stakeholders to reduce risks.
This role will help to drive cybersecurity risk management, advisory services and thought leadership across the organization.
Serve as an Information Security Advisor to the various lines of businesses by providing subject matter expertise as it relates to new services, products and projects.
Educate and communicate security requirements, policies, standards and procedures to business / internal stakeholders as they relate to projects and strategic initiatives.
Assess applications, infrastructure, business units, business processes and external suppliers for information security risks, and identify the potential threats and exposures.
Conduct security reviews of planned initiatives across the organization and produce high-quality Threat Risk Assessment reports clearly articulating risks.
Demonstrate and apply strong project management, documentation and communication skills.
Serve as the subject matter expert on a number of production security technologies and keep abreast of emerging security support technologies and industry trends.
Examine and interpret requirements documents, architecture diagrams, solution designs and other written and verbal information to determine if a project, application, infrastructure or external supplier presents security risk to the organization.
Provide recommendations to development and operational teams to address security weaknesses and identify potential new security solutions.
Assist with other cyber security related tasks.
3+ years of information security consulting and advisory experience.
Experience with ERM tools, threat assessments and security testing methodologies.
Working knowledge of security standards including ISO 27001 and NIST.
Must have: CISSP CISA, CRISC, GIAC or similar certification considered an asset.
Direct experience with developing security metrics, KRIs and KPIs for leadership.
Communicates effectively and creates clear and coherent written material. Synthesizes information into succinct, concise and logical summaries and reports.
Ability to work with teams to achieve goals and meet deadlines in a fast-paced environment.
Works well under pressure with time constraints and can prioritize competing priorities appropriately.