A world pioneer and Canadian leader in information security, OKIOK offers a full range of services and products, including secure data transfer, encryption and identity management. Its extensive offer includes consulting services, outsourced safety management services, customized solutions and training. Among the only ones in Quebec to make research and development its cornerstone, it remains at the forefront of its sector thanks to the design of innovative solutions. With people of exceptional talent and ambition, we design innovative security solutions that reshape information security technologies and advise our client companies around the world. In a continuation of growth, OKIOK is recruiting new talent willing to join its team of professionals.
Main responsibilities :
Reporting to the Director of Professional Services, the Senior Compliance Advisor has more than 5 years of relevant and recent experience in information security and in particular in compliance with recognized information security standards. He acts as an information security expert on major mandates. He accomplishes his duties by, among other things, implementing tools and/or methods to ensure the maintenance and sound management of this specialization among the company's clients.
In addition to having general expertise in information security and carrying out corporate activities expected for this type of position, the consultant excels in the field of compliance with several recognized security standards such as PCI, GDPR, HIPPA, ISO2700x, SOX, etc.
1. Provide consulting services in IT security areas where it has specific expertise
- Provide consulting services in IT security areas where it has specific expertise
- Coordinate and participate in the conduct of safety audits;
- Identify IT security solutions and their impacts, based on business needs;
- Implement effective protection mechanisms adapted to customer needs;
- Develop/implement security management policies, standards and processes;
- Coach, if necessary, the targeted stakeholders to ensure the transfer of the required technical knowledge;
- Review the content and format of all documentation submitted by a team member to ensure compliance with standards, relevant specifications and required quality ("Peer Review").
2. Support professional service management processes
- Establish, if necessary, a profile of the advisor positions to be filled;
- If necessary, conduct interviews with potential candidates for the positions to be filled;
- Participate in the preparation of service offers;
- Participate in activities related to the reception and orientation of new advisors;
- Participate in activities related to the definition of the professional services offered or to be offered by the company;
- Supervise, as required, technical resources to transfer and/or upgrade the knowledge required to meet performance expectations;
- Accompany, if necessary, the resources assigned to business development and/or other relevant internal stakeholders to support them during their interviews with clients.
3. Carry out training activities
The incumbent may, from time to time, be required to participate or conduct training activities in his/her field of expertise. In such cases, the following activities can be carried out by the advisor:
- Accompany, if necessary, the resources assigned to business development and/or other relevant internal stakeholders to support them during their interviews with clients;
- Prepare the documentation and teaching materials required to run or have run the training programmes/actions;
- Facilitate internal and external training programs/actions;
- Make any necessary changes to training programs/activities.
4. Act as an expert in standards compliance
In addition to his general duties expected of a senior consultant, the consultant has superior expertise in compliance with recognized corporate security standards (e. g. PCI, ISO27001, NERC) and more specifically in the following activities and areas:
- Act as an expert in the implementation of adequate management of compliance with an information security standard;
- Define the strategic orientations of compliance projects;
- Implement and coordinate workshops with key stakeholders (strategy, issues and project governance);
- Conduct gap analyses to measure the level of compliance;
- Define the action plans necessary to achieve compliance;
- Manage compliance projects or specific interventions in support mode;
- Carry out pre-certification audits;
- Advise and support the client in his post-audit steps to maintain the expected level of compliance.
5. Support the Advanced Solutions and Products Department in its implementation of solutions
- Practical expertise in at least two areas of information security (CBK) including that of your specialty;
- Excellent knowledge in several areas of information security (CBK);
- Excellent knowledge of several security standards such as PCI, GDPR, HIPPA, ISO2700x, SOX;
- Good knowledge of the security of cloud environments;
- Good knowledge of Web technologies;
- Good knowledge of Microsoft, Linux or Unix systems;
- Good knowledge of secure data transfer.
- University undergraduate degree with specialization in telecommunications, computer science or equivalent;
- At least 5 years of recent experience in his specialty;
- CISSP, CISA or CISM certifications;
- Ability to interact with representatives from different backgrounds;
- Excellent organizational skills, analytical and summarizing skills;
- Ability to make quick decisions in a changing environment and to be innovative;
- Ability to write documents in a clear and structured manner;
- Ability to work in a team and act as a coach;
- Bilingualism in French and English, spoken and written.
Further information :
- Permanent full-time position;
- The advisor will work directly with our client(s) in the Greater Montreal area;
- Group insurance;
- Cell phone charges paid;
- Paid training and/or certification(s) related to the position;
- Competitive annual salary;
- Annual bonus.
Julie Vincent, c.o. org.
Responsable des ressources humaines
450 681-1681 poste 223