Modis, on behalf of our client is looking for an Information Security Officer
Information Security Officer (58695253)
Contract Duration: (6 months)
Location: Toronto, ON
• Consulting and Advisory: Work closely with portfolio personnel, stakeholders, and senior management to identify Information Security related risks and controls.
• Understand business, local and Information Security strategies as they relate to the portfolio.
• Provide Information security requirements, advice and counsel to portfolio personnel, project teams, and the Business ensuring alignment to IS processes and solutions.
• Lead security architecture / design of “projects” / solution (application/infrastructure/etc.) as required.
• Manage/facilitate security due diligence activities throughout the project lifecycle to ensure that security risks are identified and controls are implemented to mitigate risk.
• Evaluate and assess emerging security threats and vulnerabilities in portfolio and work with portfolio personnel to identify appropriate controls.
• Provide portfolio personnel guidance in understanding and responding to security incidents with appropriate stakeholders.
• Work as Information Security subject matter expert and provide expertise in regards to their support area or portfolio.
• Governance and Control: Implement information security risk governance and control framework for the local organization that incorporates a consistent, sustainable methodology for identifying, assessing, and documenting information security risk that provides early warning of potential failure to meet information security requirements.
• Directs and monitors due diligence of information security risk processes and results on an ongoing basis
• Oversees and manages portfolio of Information Risk Issues (IRI) to ensure these are current, accurate and are supported by sound resolution plans
• Complete portfolio level risk assessments
• Consolidate, interpret and report key information security risk, trends for the portfolio and understand effectiveness of controls in managing the key risks. This includes contribution to centralized reporting efforts, and initiation of ad hoc analyses and reporting for a variety of stakeholders within the portfolio to ensure that appropriate parties are aware of security issues.
• Minimum 5-6 years in application security in a large enterprise environment
• In depth knowledge of Application Security, Information Security risk and industry best practices (how to best manage risk)
• Hands-on experience in implementing security in rapid software development methodologies and DevOps automation
• Working knowledge of the technical areas supported e.g. data warehouses, mainframes, networks, etc.
• Working knowledge of policies, standards and operating procedures in large organizations relating to information security risk (enterprise level)
• Scanning dynamic and environment scanning (IBM Appscan, HP Fortify)
• Information Security certification e.g. CISSP, CISSLP, GIAC etc
Please note that Candidates must be legally eligible to work in Canada. Your resume will not be forwarded to any of our clients without your explicit permission. We thank all applicants, but only suitable applicants with the above qualifications clearly identified in their resumes will be contacted. Modis Canada is an Equal Opportunity Employer.
We’re at the center of exceptional IT connections. Every day, Modis connects premier IT professionals to great opportunities at leading companies. Put our connections to work for you!