Security Specialist – Senior(IT audits and/or Security Governance, Risk and Compliance)

Company Description

Arthur Grand Technologies (www.arthurgrand.com) is in the business of providing staffing and technology consulting services. We have doubled our revenue year over year for the past 5 years. This speaks to the long-lasting relationship and customer satisfaction that we have built in this short span of time. Our company is managed by a team of professionals who worked for big 5 consulting firms for 20+ years. 

We are a minority owned staff augmentation and technology consulting company
To keep our valued employees, we need to keep them engaged in challenging, interesting work, offer market-relevant benefits and provide continued opportunities for professional growth.

Job Description

Arthur Grand Technologies is currently seeking a highly motivated and Skilled  Security Specialist – Senior for one of our clients

Position:  Security Specialist – Senior

Location: 525 University Avenue, Toronto,Ontario (Hybrid – up to 3 days a week onsite)

Duration: Long Term Contract

Public Sector Experience: Not Required

Must Haves:

• 5+ years’ experience in various security domains including third-party risk management, IT audits and/or Security Governance, Risk and Compliance (GRC
• Knowledge of prevalent industry standards (ISO 27001/27002, NIST, CIS, COBIT)
• 3+ years’ experience in Threat risk assessment methodologies (TRA) such as HTRA and CSF, and frameworks such as NIST and ISO 27001/2

Responsibilities:

• Take a subject matter expert role in various security risk management initiatives and providing security expertise, facilitating collaboration and performing Risk Assessment for various projects / products / applications and services within OH and external vendors using NIST CSF.
• Analyze proposed solution architectures, technology, design and IT development processes to identify potential threats and vulnerabilities, and to recommend options that enhance the security of solutions and business processes. Identify, analyze, and recommend options for risk management at appropriate levels within the enterprise and the health care sector.
• Present topic areas and relevant security materials to product and digital solution groups.
• Consult with members and teams in Ontario Health to implement recommended security policies and related controls.
• Track the security control implementation and working through Risk Treatment plans.
• Coordinate internal and external information security initiatives as a subject matter expert to reach feasible security solutions for issues across the health care sector.
• Take a leading role in offensive security practices and provide guidance to the teams with methodologies, tools, and processes. 
• Contribute to the ongoing development and maturing of the OH security program, consulting and assurance practices.
• Demonstrate the ability to effectively negotiate and resolve conflicts with individuals or teams in a professional and collaborative manner.
• Utilize strong communication and negotiation skills to effectively persuade individuals with differing perspectives and conflicting interests towards a mutually beneficial resolution on a regular basis.
• Implement tools and processes to manage workflow and materials related to the information security risk management.
• Stay abreast of any changes to industry best practices or legislative regulations and assess the resulting impact to the organization.
• Deep knowledge of the methodologies, frameworks, and processes in Information Security domain.
• Good Experience in conducting Threat Risk Assessments using various Framework / Methodologies / Standards such as (NIST / HTRA / ISO).
• Risk management models for assessing and mitigating various aspects of risk exposure.
• Generate risk maps to help, guide the risk owners and keep the stakeholders in the communication.

Thanks,

Afrah Faiza

Arthur Grand Technologies Inc

Arthur Grand Technologies is an Equal Opportunity Employer (including disability/vets)

Additional Information

All your information will be kept confidential according to EEO guidelines.