10228 – Cybersecurity Quality Assurance Specialist

Category:
Information Technology
Industry:
Oil & Gas
Type:
Full-time
Location:
Calgary, AB
Job ID:
#171447

Our client, a Canadian multinational energy transportation company with a focus on the transportation, distribution and generation of energy, has an immediate need for a Cybersecurity Assurance Advisor with an in-depth knowledge of Cybersecurity Governance and Metrics. This is a contract position for one (1) year located in Calgary, Alberta. 

Description: 

With in-depth knowledge of Cybersecurity Governance and Metrics, the Cybersecurity Assurance Advisor will support the Manager of Governance Risk and Compliance. This is a key role whose primary focus is to provide assurance that the organization is following its cybersecurity policies and standards. This will involve designing metrics, reporting and dashboards that demonstrate policy and standard compliance to internal and external entities.

Specific Accountabilities 

Governance 

  • Responsible for the collection of metrics, providing data assurance and reporting related to demonstration of effective Cybersecurity Governance and adherence to Enbridge Cybersecurity policies and standards. 
  • Responsible for supporting metrics collection for the cybersecurity control framework each quarter. 
  • Support the facilitation of internal and external audit engagements. 
  • Provide assurance gap analysis based on the metrics collection with recommendations for improvement. 
  • Develop processes to report on and leverage disciplinary actions when users are in violation of policy and standards.
  • Acting as a subject matter expert, the Cybersecurity Assurance Advisor will oversee the adoption activities and the implementation of existing and new policies and standards across the enterprise.
  • Conduct self-assessment activities to ensure effective cybersecurity governance.
  • Influence the creation or update of policies and standards based on trends and gaps identified in reporting.
  • Create and update Cybersecurity Policies, Standards and Procedures as required. 

Reporting 

  • Monitor assurance metrics within various business units to ensure effective application of Cybersecurity standards. Provide quarterly reporting. 
  • Work with various SMEs to identify new data sources and reporting to ensure policies, standards and guidelines are being applied.
  • Work closely with the Security Advisory team to ensure violations are appropriately ranked, reviewed and remediated/risk accepted.

Assurance 

  • Perform regular assurance spot checks to guarantee continuous adherence to policies and standards. 
  • Support the Manager of Governance Risk and Compliance on key compliance areas and CISO engagement in the areas of Regulatory, SOX and Policy Compliance.
  • Be a key contributor for establishing common approaches for monitoring of compliance efforts, remediation of control gaps and continuous improvement for processes. 
  • Participate in the compliance engagements with external parties, including regulatory bodies, as they relate to cybersecurity 

Must have Qualifications 

  • University degree in Computer Sciences, Engineering, Audit, Business or related disciplines 
  • A minimum of 4+ years of progressive hands-on experience in the field of cybersecurity, IT governance and cybersecurity metrics creation.
  • Working knowledge of Cybersecurity Assurance activities 
  • Highly disciplined and professional in regard to handling confidential information 
  • Demonstrated understanding of various compliance and quality assurance roles. 
  • Demonstrated ability in operational reporting 
  • Ability to effectively interact with personnel involved in policy, technical, operational, and program management work 
  • Excellent communication skills including technical and business writing, documentation and presentation skills 

Preferred Qualifications 

  • Previous cybersecurity or IT auditing experience would be beneficial. 
  • Working knowledge of cyber security standards, frameworks and regulations including but not limited to NIST, ISO 27001 and 27002, NERC and SOX is desired. 
  • Possession or working toward achieving the following professional qualifications: CISSP, CRISC, CISA. 
  • Working knowledge of Canadian and USA pipeline regulations/standards, in particular those that pertain to the CER, PHMSA and provincial and state energy and safety regulators.

If you’re a technical professional, you know that it can be difficult to find fulfilling work that advances your career. At the Ian Martin Group, we exist to connect professionals like you with meaningful work at industry-leading companies in your field. And we walk the walk, too: as a Certified B Corporation, we believe in using business as a force for good for people, our communities, and the environment. 

We value diversity and inclusion and encourage all qualified people to apply. If we can make this easier through accommodation in the recruitment process, please contact us at recruit@ianmartin.com 

We encourage all qualified candidates to apply; however, only those selected for an interview will be contacted. 
