Information Protection Advisor to help provide information security governance and compliance services to corporate and divisional projects, and conduct ri
S.i. Systèmes
Vancouver, BC-
Nombre de poste(s) à combler : 1
- Salaire À discuter
-
Emploi Permanent
- Publié le 23 novembre 2024
-
Date d'entrée en fonction : 1 poste à combler dès que possible
Description
Our client is looking for an Information Protection Advisor to help provide information security governance and compliance services to corporate and divisional projects, and conduct risk assessments and penetration tests.
Must Haves:
- Hands on experience in pen testing
- Understanding of security frameworks and experience assessing against framework such as ISO 27001
Nice to Haves:
- Principles, standards, practices, and tools pertaining to information systems security.
- The ISO/IEC 27000 framework for building Information Security Management Systems.
- BC’s Freedom of Information and Protection of Privacy Act (FIPPA); and e-Discovery and Legal Hold trends and legislation.
- Strong understanding of distributed systems and how they work.
- Incident handling processes and procedures.
- Trends and developments in the information and technology security field.
- Familiarity with SOC and SIEM tools.
- Familiarity with third party audit reports such as SSAE 16, SOC 2.
Responsibilities:
- Gathering electronic evidence to support investigations, including extracting and interpreting systems log files and conducting computer forensics and mobile device forensics.
- Analyzing threats and assessing information security exposures to information and information technology systems.
- Performing regular pen tests and security tests on the client's Systems, as well as engaging third parties to perform regular pen tests
- Developing electronic investigation processes and procedures.
- Developing proactive monitoring rules, triaging alerts, and handling incidents.
- Recommending, creating, and updating corporate principles, policies, standards, and procedures related to information security.
- Consulting on corporate and divisional projects as an Information Security Lead, identifying information security risks, communicating with the business owners to establish impact, recommending treatment plans to remain within business risk tolerance, and tracking treatment plans through implementation;
- Collect information security metrics to monitor and enhance the information security program
- Work closely with non-technical stakeholders on the interpretation of electronic evidence and the creation and tuning of monitoring alerts.
Exigences
non déterminé
non déterminé
non déterminé
non déterminé
D'autres offres de S.i. Systèmes qui pourraient t'intéresser