Cybersecurity Specialist, Governance, Risks and Compliance (GRC)

Company Description

Be part of the journey!

Come aboard a committed and human company that needs you!

Why should you join our team? We offer the pride of working for a local company with an international reach, with professionals who are passionate about travel! You will evolve in a stimulating telecommuting environment where team cohesion is paramount. And of course, you will take advantage of our travel benefits to discover our destinations on board the best leisure airline in North America!

Job Description

As part of the GRC cybersecurity team, you will work closely with all business units to help Transat meet its compliance requirements. You will also help Transat identify and monitor the various business risks to which the company may be exposed.

If you feel like an orchestrator, you will be able to coordinate activities with the various internal stakeholders and service providers to ensure that the objectives of the cybersecurity program are met.

Responsabilities:

• Manage and respond to requests from business lines to assess risks and provide cybersecurity recommendations.
• Participates in the development and evolution of GRC team practices by aligning with the cybersecurity strategy and program.
• Collaborate with the project management office to ensure that solutions are aligned with corporate security standards/policies and identifies related activities
• Perform and manage risk assessments in project and during third parties’ assessments.
• Act as an expert and advisor in the identification and planning of information security controls to be implemented in the organization.
• Participate in projects and the implementation of cybersecurity program solutions and controls.
• Ensure that security controls are applied as agreed and that evidence are maintained.
• Participate in forensics activities related to information technologies.
• Participate in the production of reports and presentations for management.
• Act as an expert advisor ensure compliance with regulations (PCI, IOSA, 52-109, SOC 2, Law 64, GDPR, etc.)
• Ensure a technological watch of available solutions and the evolution of good practices.
• Manage the development of the cybersecurity governance framework (strategy, program, policies, procedures...)

Qualifications

• Holder of a bachelor's degree in computer science or the equivalent and at least 5 years of experience in cybersecurity.
• Mastery of cybersecurity concepts and best practices including repositories such as NIST, CIS, ISO and architecture and infrastructure principles.
• Mastery of risk assessments concepts
• Good knowledge on principal cybersecurity platforms
• Knowledge with cybersecurity related laws, regulations and compliance requirements (PCI-DSS, GDPR, PIPEDA, etc.) Knowledges of risk assessment concepts
• Good understanding of external and internal attack techniques
• Good judgment in assessing risks and threats
• Recognized cybersecurity certification such as CISSP, CISA, CISM, GIAC (or equivalent)
• Rigorous, responsible and respectful
• Ability to work in a team, under pressure and independently.
• Ability to work remotely: work in hybrid mode (office and home)
• Mandotory knowledge of French, speaking and writing
• Knowledge of english speaking and writtting necessary for discussions with English providers.

Additional Information

#LI-Remote

Employment Equity

At Transat, we foster an environment where inclusiveness, respect and equity reign. We endeavour to build a workforce that reflects the diversity of our customers as well as the communities to which we travel. We encourage women, members of visible minorities, ethnic minorities, aboriginal peoples as well as people with disabilities to submit their candidacy. Transat will accommodate people with disabilities throughout the recruitment and selection process. If you require an accommodation, please contact us in order to work together in meeting adequately your needs. To facilitate the reading of this document, the masculine form has been retained.