ISO Cybersecurity Compliance Lead
Calgary, Alberta, Canada
FYidoctors
Our optometrists offer personalized care for your vision needs. 300+ locations across Canada for eye exams, eye test, sunglasses, contact lenses & eyeglasses.
Join our team as an ISO Cybersecurity Compliance Lead! In this role you’ll be achieving and managing ISO certification. You’ll be creating policies and procedures and cross-functional framework charts, assisting in creating Information Security test plans, and working with consulting agencies on implementation and program management to achieve ISO and other regulatory certifications.
We are ideally seeking a candidate located in Calgary.
What Will You Be Doing?
- Collaborating with external consulting firms to facilitate the implementation of ISO 27001 certification and other certifications, ensuring alignment with healthcare compliance requirements.
- Managing projects to achieve and maintain ISO 27001 and ISO 27701 certification.
- Assisting in gap analysis, risk assessments, and the development and implementation of necessary controls.
- Creating, reviewing, and updating cybersecurity policies, procedures, and guidelines to ensure compliance with ISO 27001, ISO 27701, HIPAA, HITECH, and other applicable standards.
- Maintaining thorough documentation of all compliance activities, including risk assessments, audit findings, and corrective actions.
- Preparing regular reports for the IT leadership group and ensuring all healthcare-related compliance documentation is up to date.
- Conducting risk and compliance assessments of IT and Security standards.
- Coordinating external and internal audits and providing documentation for audits.
- Upgrading cyber security programs and capabilities, implementing and maintaining security controls.
As The Successful Candidate You Have:
- A bachelor’s degree in Information Security, Computer Science, or a related field.
- 3 to 5 years of experience in cybersecurity, with a focus on compliance and implementing ISO 27001, ISO 27701 and other privacy frameworks
- Experience in implementing and maintaining ISO 27001, ISO 27002, ISO 27701 certifications and healthcare-related compliance
- CISA, Security+, etc. certifications, or pursuing certifications, considered an asset
- CIS 2.0 security and NIST 800-53 framework controls considered an asset
- IT and security policy, standards and procedures creation and maintenance
- Identity Access Management and Privileged Access Management (IAM and PAM)
- Role and attribute-based access controls (RBAC and ABAC)
- ISO 27001 Implementer or Auditor is considered an asset
- Bilingualism (French/English) considered an asset
How You'll Benefit working at our Home Office:
- A comprehensive total rewards package, including two free pairs of glasses and lenses per year
- A coaching culture that fosters ongoing growth and development opportunities
- A people-first culture (but dogs are also welcome)
- An organization that gives back locally and nationally, and supports you in doing so as well
Why You Should Join Us:
FYihealth group is Canada's leading diversified healthcare organization comprised of FYidoctors, Visique, BonLook, and solis optics. Doctor-led, professionally managed, and patient-focused, the organization concentrates on delivering outstanding eye care with patient-centric products and services. Our purpose is to enhance the lives of our patients. We are Canada’s fastest-growing eye care provider with our Canadian-owned ophthalmic lens manufacturing facility and distribution center.
At FYihealth group, our core values are Diversity, Equity, Inclusion and Opportunity. We are proud to be an equal opportunity employer and are happy to provide accommodations, should they be required, at any point in the application process. If you require an accommodation, please let your recruiter know. All accommodation information will be kept confidential and used solely to ensure an accessible candidate experience.