This job board retrieves part of its jobs from: Toronto Jobs | Emplois Montréal | IT Jobs Canada

English jobs board for the people in Laval, Québec

To post a job, login or create an account |  Post a Job

   Jobs Laval   

Find new job offers in English every day in Laval

Slide 1
Slide 2
Slide 3
previous arrow
next arrow


Explorance: Information Security Compliance And Governance Officer


This is a Full-time position in Laval, QC posted July 25, 2021.

At Explorance, we believe that each experience matters from students in higher education to employees at the workplace.

That’s why Explorance’s mission is to help organizations create a personalized journey of impact and fulfillment for their people through innovative Experience Management (XM) solutions.We believe in the human touch at Explorance and are known for our pioneering culture of reciprocity and trust.

To our employees, this means the freedom to achieve in the areas most important to them.

For our customers, it means caring for their needs and helping them succeed.

For our communities, it means doing our part to help our neighbors simply because it’s the right thing to do.Explorance is ranked the #1 best workplace in Canada by the Great Places to Work® Institute and is headquartered in Montreal with business units in Chicago, Chennai, London, Amman, and Melbourne.Explorance aims to ensure the application of best practices in cybersecurity in and around our technology offerings.

Reporting to the VP of Cloud Services and Security, your role as the Information Security Compliance and Governance Officer role will be to contribute to improving Explorance security and privacy compliance maturity level.

You will advise Business, HR, Development and IT teams on compliance matters, work with IT teams to implement and monitor IT compliance activities, perform weekly follow-up on remediation activities, perform compliance related training, liaise with external auditors, and contribute to IT Compliance own initiatives.The position is responsible for Explorance’ s overall Information Security Program including but not limited to daily operations of the security program, oversight of the annual and ongoing risk assessment process, development, implementation, and update of policies and procedures, ensuring the confidentiality, integrity and access to information and of monitoring program compliance as well as investigation and tracking of incidents and breaches and in compliance with local and global regulations and legal requirements.Responsibilities:Build a strategic and comprehensive information security program that defines, develops, maintains and implements policies and processes that enable consistent, effective information security practices which minimize risk and ensure the integrity, confidentiality and availability of information that is owned, controlled and processed within ExploranceEnsure information security policies, standards, and procedures are up-to-dateInitiate, facilitate, and promote activities to foster information security awareness within the organizationCreate a culture of cyber security both with the IT organization and driving behavioral changes for the businessEvaluate security trends, evolving threats, risks and vulnerabilities and applies tools to mitigate risk as necessaryManage security incidents and events involving IT systemsEnsure that the disaster recovery, business continuity, risk management and access controls needs are addressedEnsure compliance with the administrative, technical and physical safeguardsManage 3rd party security audits and penetration testing initiativesServe in a leadership and functional role for security complianceWork closely with the internal teams to ensure alignment between security and privacy compliance programs including policies, practices and investigations, and acts as the point of contact for the information systems and compliance departmentsInitiate and perform periodic information security risk assessment/analysis, mitigation and remediation.

Responsible for development and implementation of security risk management planSupport the implementation of controls and perform period audits to ensure that activity is appropriate.

Such activity would include, but is not limited to, logons and logoffs, file and system accessEnsure the organization has and maintains appropriate system use and disclosure / confidentiality and Privacy statementsOversee, develop and/or deliver initial and ongoing security training to the workforce Initiates, facilitates and promotes activities to foster information security awareness within the organization and related entitiesParticipate in the development, implementation, and ongoing compliance monitoring of all business agreements, to ensure security concerns, requirements, and responsibilities are addressedEstablish and administer a process for investigating and acting on security incidents which may result in a privacy breach.Partners with Human Resources and Business Process to ensure consistent sanctions for security violationsMaintains current knowledge of applicable local, federal and international laws, as well as certification requirements and accreditation standards.Serve as information security officer to all departments for all data security related questions and issuesParticipate in 3rd party vendor risk and compliance assessment activities such as SOC reports reviews or other control assurance reportsProfessional Experience/Qualifications:Bachelor’s degree in a field related to Information Technology, Business or Risk Management or a related IT security certification such as CISSP, CISM, CISA, CCSPSecurity industry related knowledge and credentials, such as SOC2 NIST 800-53, ISO 27001, OWASPKnowledge and experience in local and federal information security laws, such as PIPEDA, FERPA, GDPR, FedRAMPUnderstanding of risk assessment methodologies (e.G.

RCSA), internal controls and controls testing (e.G.

SOC2), and industry technology risk management frameworks, as well as familiarity with SDLC and Project Management methodologiesAdditional Requirements:A high level of integrity and trustDemonstrated organization, facilitation, written and oral communication, and presentation skillsInterpersonal, influencing and negotiation skills with the ability to work effectively with all levels of the organizationDemonstrated skills in collaboration, teamwork, and problem-solving to achieve goals.Excellent writing skillsKnowledge and direct experience with Resiliency-Disaster Recovery and Business Continuity compliancePowered by JazzHRkl1HggIHPP