|Job Ref:||235b52a9||Employer:||Direct Solutions - Canada||Country:||Canada||County/State:||Ontario||City:||Toronto||Address:||Post Date:||12/10/2016 23:12|
My client in the GTA is looking for an outstanding Senior Information Security Consultant to work directly with their key clients, you will be responsible for providing security advisory support for various projects and initiatives. In addition to various operational activities that require an assessment of security risk and direction on the required security control, this role involves understanding the risks inherent to the design, implementation and operation of various technology solutions and identify and select suitable controls to manage the risks to the organization and over the course of time improve the security posture of the organization. The role requires a seasoned Information Security Professional who can understand the key business objectives of an initiative and identify and help implement controls that are aligned to the business objectives and its risk management strategy. Additionally, the advisor is expected to also provide recommendations on leading practices in the area of security governance, operations and Risk and Compliance. We are willing to accept candidates who live anywhere in Canada who have a valid Canadian passport and who can work remotely Desired Skills and Experience: 8-10 years of experience in Information Security including designing security policies/procedures, carrying out information security audits/assessments and developing security architectures Strong understanding of PCI standards, health information privacy and protection standards Experience in developing information security policies, standard operating procedures, processes, standards, and technical baseline configurations Experience in conducting Threat Risk Assessments based on ISO 27005/ HTRA and other methodologies Strong understanding of networking and security protocols and technologies, Unix and Windows based OS security and application security. (prior working experience with one or more of the above areas is preferable) Strong understanding of cloud based security. i.e. ability to understand risks and recommend controls when leveraging solutions as a service. Understanding of Identity and Access Management solutions and technologies including Federation, SSO, etc. Ability to develop security architectures for various areas such as infrastructure or application development/acquisition initiatives. Strong understanding of control frameworks and standards such as COBIT, ISO27002, NIST, OWASP,etc and experience developing Governance frameworks based on these frameworks/standards Familiarity with security tests and test methodologies including VA, Penetration Testing etc. and experience with TRA and other risk assessment methodologies and tools. One of the following certifications-CISSP, CISA, SABSA Must be able to travel and work in the US
We work to understand your requirements. For clients, that means providing candidates who are a natural fit. We work with multiple agencies and candidates to source potential employees from across North America. For our candidates, we consult with companies ranging from start-ups to established corporations, to match you to the perfect opportunity.