Are you a specialist in personal data protection and information security? Do you have proven expertise in improving and supporting information security (ISMS) and privacy (PIMS) management systems under the ISO 27001 standard?
We are interested in your profile!
Role and Responsibilities
You will report to the Senior Director, Information Security and be responsible for analyzing existing practices, issuing recommendations and promoting best practices.
Moreover, you will play a key role in working closely with clients concerning questions relating to core ISMS and PIMS processes.
More specifically, you will be expected to :
Prepare for and participate in the annual audit of ISMS / PIMS policies, standards, guidelines and processes;
Identify and promote the effective management of risks in accordance with the risk management program;
Participate in compliance assessments and facilitate audits to ensure that data belonging to Fasken and its clients is properly protected;
Analyze the risk impact on activities and the protection of data and personal information;
Identify risks that could affect Fasken in both its physical and cloud environments;
Support the development of solutions for automating and streamlining information security risk management practices;
Conduct a risk analysis of proposed information technology projects and service providers and provide guidance in this regard to ensure implementation of secure solutions;
Develop risk management assessment measures, reports, presentations and dashboards;
Respond to client information security and data protection questionnaires;
Ensure ISMS and PIMS compliance and continuous improvement;
Promote good practices at Fasken through security and privacy awareness training.
University degree in computer science, information security, information technology or in a related field of study, or an equivalent combination of studies and experience;
Certified professional in information security or risk management (CISSP, CISM, CISA, etc.);
Five (5) years of experience in a similar position with three (3) years of experience in any of the following areas : internal IT audit;
governance / risk and compliance, information security awareness and training, third-party risk assessments, privacy compliance assessments / risk analysis;
Experience in a professional services firm is an asset;
Excellent command of both French and English, spoken and written.
Knowledge of risk management best practices and regulations in personal data protection and information security;
Expertise in security technologies such as encryption, multi-factor authentication, cloud and web security applications, data loss prevention, etc.;
Excellent analytical skills, keen sense of judgment, rigorous and meticulous;
Strong oral and written communication skills, and adept at making technical concepts easier to understand;
Strong interpersonal skills, and ability to interact with different stakeholders with tact and courtesy;
Positive attitude focused on finding solutions and a desire to provide outstanding customer service;
Professional, tactful and is a team player;
Fasken is a top tier international law firm, with over 800 lawyers in ten offices across four continents. Our clients rely on us for practical, innovative, and cost-efficient legal support.
We find solutions to the most complex commercial problems, offer exceptional value, and keep the client at the centre of all our activities.
Why Join the Fasken Team?
For a flexible work environment where working from home is supported by a first-rate technological environment;
To work with colleagues who are enthusiastic and dynamic;
For a friendly work environment, where respect, openness and innovation are core values;
For a competitive salary, a health and well-being program and an insurance plan adapted to your needs;
To join a firm that is internationally recognized for its excellence.
Interested in the Challenge?
Fulfill your potential by sending your application in complete confidence to : rhmtl fasken.com.