Security Analyst Customer & Audit Compliance
Mississauga, ON, CA, L5N 0E1
Applications have closed
Description
Working in Purolator’s Security and Compliance team, the Customer and Audit Compliance Analyst is accountable to operate and help mature our cybersecurity – vendor risk management (CS-VRM) program as well as be responsible for ensuring compliance to security guidelines and auditing requirements. You will work with a wide array of vendors and internal teams to manage vendor cybersecurity risk. You will have a great opportunity to shape and build our emerging CS-VRM program.
The work we do at Purolator impacts every Canadian. To work with us, you must be eligible to obtain a Reliability Security Clearance.
Responsibilities
- Understand and assess inherent and residual risk associated with vendors providing services to Purolator.
- Understand and bring security awareness to the product teams on applicable standards/policies.
- Manage CS-VRM service provider(s) performance.
- Assist Procurement and project teams with vendor contract negotiation.
- Identify and implement improvements to mature the CS-VRM program.
- Make recommendations to enhance the CS-VRM governance model (e.g. policies, processes, KPIs) as well as existing tolls and solutions to keep up with industry standards.
- Report to management on CS-VRM risk levels.
- Work cooperatively with all stakeholders, internal and external.
Additional Responsibilities
- Experience with cyber security, controls testing, and presenting.
- Familiarity with service organization audit standards (e.g., SOC 2, PCI) and reports.
- Auditing or compliance experience with cloud services would be an asset.
- Ability to understand and interpret penetration test reports.
Education
- Undergraduate degree in computer science, business or equivalent.
- CISSP, CISA certifications and accreditations are all recommended.
Experience
- 1 to 3 years in an information security role.
- 1 to 3 years managing or interacting with vendors (service providers).
- Exceptional interpersonal skills and proven to flourish working in a fast-paced environment.
- Ability to work effectively in a cross-disciplinary team, across multiple projects and multiple locations.
- Sharp analytic and problem-solving capabilities that go beyond strict technical expertise.
- Broad IT knowledge and strong level of familiarity with information security industry best practices.
- Previous CS-VRM experience preferred.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISA CISSP Clearance Cloud Compliance Computer Science Governance KPIs Risk management Security Clearance SOC SOC 2
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.