Cyber Security Advisor - Compliance

Date: Apr 8, 2021

Location: Brampton, ON, CA, L6T 0C1

At Rogers, we connect Canadians to a world of possibilities and the memorable moments that matter most in their lives. Every day we wake up with one purpose in mind. To bring loved ones together from across the globe. To connect people to each other and the world around them. To help an entrepreneur realize their dream. A sports fan celebrate a special moment.

Because we believe connections unite us, possibilities fuel us, and moments define us.

 

As we grow our team, the well-being of our team members remains our top priority. To ensure the health and safety of our team members, including those in the recruitment process, our team members are temporarily working from home.

Rogers is seeking a Compliance Advisor to support the Information Security Compliance program. Reporting to a Sr. Manager of Information Security at the Rogers Brampton Campus, this individual will be responsible for supporting adherence to regulatory compliance requirements, including but not limited to Third Party compliance, PCI-DSS and SOX, and for supporting related compliance activities. This role ensures policies and processes are properly designed and controls are operating effectively to meet regulatory requirements, and facilitates and oversees internal and external compliance audit and assessment activities for the organization.

 

What you will be doing...

  • Provide subject matter expertise for:
    • Payment Card Industry Data Security Standard (PCI DSS)
    • Sarbanes-Oxley Act (SOX)
    • System and Organization Controls Reports (SOC)
      • SOC 1 - SOC for Service Organizations: Internal Controls over Financial Reporting
      • SOC 2 - SOC for Service Organizations: Trust Services Criteria
      • SOC for Cybersecurity
  • Work with key stakeholders to translate regulatory requirements and standards into policies, processes and controls.
  • Assess changes to regulatory requirements and standards and determine impact on internal policies, controls and processes. Make recommendations for associated changes to policies, controls and processes, and simplify implementation.
  • Identify and evaluate technology risks, internal controls to mitigate risks, and related opportunities for continuous control improvement. Facilitate and document risk assessments and communicate key findings.
  • Evaluate implementation of new technologies / processes and agreements with third-party service providers to ensure continual compliance with regulatory requirements.
  • Respond to RFPs about data protection, trust services, our attestations, etc.
  • Review and negotiate customer contracts regarding data protection clauses, related regulations and compliance commitments.

 
What you have...

  • Undergraduate degree in Information Management, Computer Science, Engineering, or emphasis in technology or related field
  • Experience with information security and/or IT audit
  • Proficiency with Sarbanes-Oxley (SOX) and/or PCI work experience
  • Experience performing SOC report audits
  • Experience interpreting industry and regulatory requirements and authoring supporting controls
  • Experience with information security related frameworks (ISO 27001, COSO, Cloud Security Alliance)
  • Previous experience working for Big 4 in risk advisory / assurance is an asset.
  • CISSP, CISA, CISM, CA, PCIP, QSA or similar certifications are assets.
  • Excellent interpersonal skills.
  • Demonstrable understanding of how to network and develop working relationships with various key stakeholders
  • Strong business and technical acumen
  • Strong analytical, research, writing, and communication skills
  • Communicates effectively with meaningful and articulate verbal discussions. Creates clear and coherent written materials. Synthesizes information into succinct, concise and logical summaries and reports.
  • Ability to work with teams to achieve goals and meet deadlines in a fast-paced environment
  • Works well under pressure and time constraints and can prioritize competing priorities appropriately
Schedule: Full time
Shift: Day
Length of Contract: No Selection
Work Location: 8200 Dixie Road (101), Brampton, ON 
Travel Requirements: None
Posting Category/Function: Technology & Information Technology
Requisition ID: 219603
 
Together, we'll make more possible, and these six shared values guide and define our work:
 
  1. Our people are at the heart of our success
  2. Our customers come first. They inspire everything we do
  3. We do what’s right, each and every day
  4. We believe in the power of new ideas
  5. We work as one team, with one vision
  6. We give back to our communities and protect our environment
 

What makes us different makes us stronger. Rogers has a strong commitment to diversity and inclusion. Everyone who applies for a job will be considered. We recognize the business value in creating a workplace where each team member has the tools to reach their full potential. At Rogers, we value the insights and innovation that diverse teams bring to work. We work with our candidates with disabilities throughout the recruitment process to ensure that they have what they need to be at their best. Please reach out to our recruiters and hiring managers to begin a conversation about how we can ensure that you deliver your best work. You matter to us! For any questions, please visit the Rogers FAQ.

 
Posting Notes:  Information Technology & Engineering 


Job Segment: Compliance, Engineer, Law, Cyber Security, Legal, Security, Engineering
