Internal Security Assessor
Cogeco Peer 1
Toronto, ON
6d ago

Position Summary :

Cogeco Peer 1 is looking for an Internal Security Assessor who will plan and execute security assessments that support the security and compliance strategy of the company.

The successful candidate will play a key role in the Legal and Business Assurance department in providing the business comfort that security and compliance risks are identified, assessed and reported appropriately.

Key Responsibilities :

  • Responsible for the ongoing certification and compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) program throughout the organization including performing periodic assessments.
  • Leads the annual PCI DSS assessment and coordinates with the external assessors.
  • Assist in developing an audit program to address key risks identified by the business and conducting audit / assessments (including areas of the business outside of PCI requirements).
  • Conduct security specific assessments such as (but not limited to) third party vendors and applications.
  • Analyse technical controls for quality and provide advice to control owners.
  • Participate in policy and procedures review to ensure there is no conflict with current compliance reports.
  • Assist the Compliance team to develop the overall governance and compliance program for the company.
  • Prepare audit reports for management review
  • Assist with inquiries from both internal and external sources that pertain to technical security and compliance related questions.
  • Assist in other activities such as:
    • Participate in RFP responses
    • Project and initiative impact reviews
  • Reviewing potential solutions and tools to be used by the business

Skills :

  • Highly developed communication and influencing skills with ability to build relationships across the organization at all levels.
  • Detail oriented and ability to focus on granular level compliance and security issues
  • Ability to challenge constructively and enforce appropriate boundaries.
  • Ability to perform control reviews on systems development, operation, programming, control, and security procedures and standards.

Work Experience :

  • Proven experience as an IT security auditor.
  • Experience in performing or maintaining PCI DSS certification
  • Demonstrated knowledge and previous experience with other compliance audits and certifications such as:
    • Service Organizational Controls (SOC) audit reports SOC 1 and SOC 2
    • NIST
    • HITRUST (HIPAA)
    • ISO 27001
  • Knowledge in organizational controls framework.
  • Research skills compiling and analyzing information.
  • IT and Systems knowledge: general understanding of IT, operational support and business support systems.
  • Network knowledge: general understanding of network technology and architecture (routing, firewalls, etc.)
  • Approximately 3-5 years experience in an audit and compliance role.
  • Approximately 2-3 years experience in Audit Project Management.
  • Approximately 1-3 year(s) experience in security, IT, and network systems.

Education

  • Degree or diploma.
  • PCI SSC Internal Security Assessor (ISA) preferred but not required
  • Certified Information Systems Auditor (CISM) preferred but not required
  • Applicable certification / professional qualification.