Informed about industry technologies and standards (ex: ISO27001, PCI-DSS) & Informed about security testing types (ex: SAST,
The BRS IT Delivery Team is looking for a Specialist, Cyber Security reporting to the Senior Project Manager, IT Delivery and working closely with the Senior Specialist, Cyber Security to assist with security processes and governance.
Policies & Procedures:
- Creation of security processes and governance within the IT Delivery organization and their Business partners
- Assist with the analysis of the impact of overall Bell security policies, procedures and best practices on the departments work programs.
- Gather information about security gaps and risks within project and operational processes and assist with the determination of their impact as well as the documentation of processes and procedures to mitigate them.
- Determine “lessons learned” from any security issues and ensure that processes and procedures are documented and implemented to prevent the issues from happening in the future.
- Maintain knowledge library and documentation of security policies and procedures.
- Report on the progress made with the implementation of new processes and procedures.
- Assist with ensuring compliance with security policies, procedures and best practices.
- Assist with the coordination of the IT components of both internal and external audits to ensure security programs are in compliance with relevant laws, regulations and policies.
- Assist with the development and evaluation method to assess the security program strengths and identify areas for improvement.
- Audit and report on the adherence to the security policies and procedures and evaluate trends to support continuous improvement initiatives.
- Assist with the creation of training materials, both online and in person, to improve the understanding of department staff, contractors and Business Partners with respect to security policies and procedures.
- Lead training sessions with department staff, contractors and Business Partners so they can understand how the security policies affect their programs and projects.
- Support the IT application security testing program
- Ability to recommend changes to procedures and systems to enhance application and systems security
- Provide feedback on operational and procedural documentation as required
- Ability to serve as subject matter expert on IT security tools, polices, and controls
- Take an active role in security-related inquiries
- Ability to keep up to date on the latest security regulations, advisories, alerts and vulnerabilities
- Assist with the onboarding of security tools (testing, tracking, reporting, etc.)
- Assist with the onboarding of digital assets to the security program
- Assist or lead investigations into various security-related items
Qualifications & Skills:
- 2+ years of Business and/or Technical Analysis experience in the Security space.
- Bachelor’s degree.
- Familiarity with security best practices and risk management methodologies.
- Informed about industry technologies and standards (ex: ISO27001, PCI-DSS)
- Informed about security testing types (ex: SAST, DAST)
- Instituting cyber security and risk metrics for reporting; and establishing security processes to reduce business risk.
- Ability to determine how processes, procedures and best practices established by a corporate team will affect working teams.
- Since the position entails working with sensitive and confidential information, a high level of integrity is required.
- Ability to effectively communicate and foster strong working relationships with all levels of staff within the organization as well as external contacts.
- Taking the initiative and working proactively with minimal supervision.
Bilingualism is an asset (English and French); adequate knowledge of French is required for positions in Quebec.