Security Governance, Risk and Compliance Specialist
Job Description & How to Apply Below
About Us
Tecsys is a fast-growing innovator offering supply chain solutions to industry leading healthcare systems, hospitals, and pharmacy businesses to distributors, retailers, and 3PLs. We work with industry leaders to transform their supply chains through technology. If you thrive on tackling interesting challenges with continuous learning opportunities, then Tecsys could be a good fit for you!
About
The Role
We are seeking a Security Governance, Risk and Compliance Specialist who will be involved in defining how security can enable business initiatives, and how we should meet security best practices, as well as applicable various contractual and regulatory requirements. The successful candidate will be supporting the implementation of a security risk management framework. The GRC specialist's role will also encompass the management of vendor risk and business continuity programs.
As a security subject matter expert, you will recommend improvements to reduce, contain and mitigate identified risks, as well as partake in various business and security initiatives to improve Tecsys's security maturity.
What You'll Do
Support continuous security risk management framework
Collaborate with technical teams for the development, implementation and monitoring of required corrective action plans relating to security compliance issues or audit deficiencies
Collaborate with stakeholders to define processes, automate and continuously monitor information security controls, exceptions, risks, testing and evidence gathering.
Develop reporting metrics and dashboards
Help identify cyber risks and solve various governance gaps and process inefficiencies
Develop, execute and actively partake in internal and external security and compliance assessment initiatives such as SOC 2, PCI-DSS, NIST, FedRAMP
Review and optimize vendor risk management program
Monitor existing controls and conduct periodic audits and reviews to ensure their efficiency and operating effectiveness, and to identify and report on potential issues
Collaborate with internal IT and business teams to identify cyber risks and prioritize security compliance-related improvements
As security subject matter expert, support IT and cyber teams on the implementation of controls to meet security and privacy compliance requirements and best practices
Support the development, review, update and optimization of security documentation
Requirements
Formal Education & Certification Bachelor's degree in information systems or equivalent experience
Minimum 3 years of cumulated hands-on experience
Knowledge & Experience Experience in the development and implementation of governance, risk and compliance strategy and security control framework
Experience in risk assessments and cyber risk management methodology/processes
Broad knowledge of defense in depth security concepts and best practices through practical experience
Good knowledge of cybersecurity frameworks such as NIST, CIS, PCI DSS
Familiarity with business continuity process and planning
Familiarity with IP networking fundamentals and internet protocols
Familiarity with Linux, Mac, and Windows operating systems, mobile devices, and the IT application landscape
Familiarity with public cloud Infrastructure-as-a-Service (IaaS) environments and Software-as-a-Service (SaaS) solutions.
Personal Attributes Ability to work with minimal supervision
Strong ability to define problems, collect and analyze data, establish facts and draw valid conclusions.
Positive attitude and agile mindset
Motivated, team, and customer oriented
Not afraid to fail
Excellent interpersonal skills.
Ability to plan and deliver on commitment
Strong proficiency in both written and verbal English communication essential for effective correspondence with clients, suppliers, business partners, and colleagues beyond the province of Quebec.
We understand that experience comes in many forms and that careers are not always linear. If you don't meet every requirement in this posting, we still encourage you to apply.
At Tecsys, we are committed to fostering a diverse and inclusive workplace where all employees feel valued, respected, and empowered. We believe that diversity drives innovation and strengthens our ability to deliver exceptional solutions. We welcome and encourage applicants from all backgrounds, experiences, and perspectives to join our team.
Tecsys is an equal opportunity employer. Accommodation is available for applicants selected for an interview.
NB: if you are applying to this position, you must be a…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×