Job Description
About The Role
Project Role: Security Advisor
Project Role Description: Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders.
Must have skills: Governance Risk Compliance (GRC)
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: As a Security Delivery Lead, you will be responsible for overseeing the implementation and delivery of Security Services projects. Your typical day will involve coordinating with various teams to ensure that projects are executed efficiently, utilizing our global delivery capabilities, including methods, tools, training, and assets. You will engage with stakeholders to align project goals with organizational objectives, ensuring that security measures are effectively integrated into all aspects of project delivery. Your role will also require you to monitor project progress, address any challenges that arise, and facilitate communication among team members to foster a collaborative work environment.
Roles & Responsibilities:
- Conduct comprehensive risk assessments on information systems, applications, and network infrastructure using the Canadian Tire Corporation Cyber Risk Assessment methodology, processes and templates.
- Identify and evaluate potential security threats and vulnerabilities.
- Develop and implement risk mitigation strategies and action plans.
- Collaborate with IT and other departments to ensure compliance with security policies and standards.
- Monitor and analyze security incidents to identify trends and recommend improvements.
- Prepare detailed Canadian Tire Corporation Cyber Risk Assessment reports on risk assessment findings and manage the reports through the Cyber Risk Assessment QA process.
- Manage the IT, Business level and CISO review and sign off for risk acceptance and / or risk mitigation forms.
- Stay up-to-date with the latest cyber security trends, threats, and technologies.
Professional & Technical Skills:
- Must Have Skills: Proficiency in Governance Risk Compliance (GRC).
- Strong understanding of risk assessment methodologies and frameworks.
- Certified Information Systems Security Professional (CISSP) or equivalent certification is recommended.
- Certified Information Security Manager (CISM) or Certified Risk and Information Systems Control (CRISC) is highly desirable.
- Additional certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or GIAC certifications are a plus.
Additional Information:
- Bachelor's degree in Cyber Security, Information Technology, Computer Science, or a related field.
- Minimum of 3-5 years of experience in cyber security risk assessment or a similar role.
- Strong understanding of risk management frameworks (e.g., NIST, ISO 27001, PCI DSS).
- Proficiency in using risk assessment tools and methodologies (ServiceNow GRC, IRM modules).
- Excellent analytical skills with the ability to identify potential risks and develop effective mitigation strategies.
- Strong communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders.
Qualification
15 years full time education