65 Emplois pour It Security - Canada
IT Cyber Security Compliance Consultant (CIP Specialist)
Vancouver, British Columbia
Tundra Talent Community
Aujourd'hui
Emploi consulté
Description De L'emploi
Duties: One of the key business priorities is to take steps to ensure compliance with the North American Electric Reliability Corporation (NERC) Mandatory Reliability Standards (MRS). MRS have been adopted by the BC Utilities Commission to achieve, sustain and demonstrate compliance with its obligations to support the reliability of the bulk electric system. The approximately 135 adopted Standards cover topics such as real-time operations, long term transmission system planning, protection system maintenance programs and critical infrastructure protection. This leading utilities client is continuing to strengthen its capacity to build, implement and sustain a robust internal compliance program that significantly impacts many areas of the company and has established new roles spanning multiple business areas to support this effort. This role is in the Reliability Standards Assurance Critical Infrastructure Protection (CIP) Assurance Department which provides oversight for MRS CIP compliance across the organization. Oversight includes:Strengthening a culture of compliance, minimizing the occurrence of violations and ensuring the organization meets its legal obligations. Providing CIP expertise, following industry developments and conducting benchmarking with other utilities on compliance best practices. Supporting the organization with implementing CIP practices Performing assurance activities and reports the outcomes to management and setting requirements on incident reporting/investigation frameworks. Conducting root cause analysis, and evidence collection, mitigation planning and continuous improvements, and supporting regulatory processes as required. Specific Responsibilities: Manage and provide support to internal stakeholders for the successful implementation and sustainment of compliance with MRS. Maintain expertise and knowledge with MRS broadly and CIP standards. Identify potential upcoming changes to standards and coordinate the organization’s involvement in potential changes (drafting, commenting, voting). Identify CIP Program improvements including governance, compliance monitoring processes/procedures and assisting with implementation plans. Support the business with assessing risks and implementing internal controls related to CIP and lead compliance assurance activities regarding business groups compliance status. Utilize technical knowledge along with controls experience to review the quality and adequacy of compliance narratives and evidence, and strength and quality of internal controls. Identify opportunities to improve practices and tools. Provide coaching, guidance, and education to the CIP Program Office and business units as a CIP technical expert on the interpretation of standards, WECC’s audit approach, including developing training materials, regular communications and governance direction. Provide guidance on non-compliance investigations, make non-compliance determinations, prepare and file self-reports to WECC, and assist with developing mitigation plans. Review and assess the adequacy of developed CIP mitigation plans and associated completion packages for filing with WECC. Develop and provide tracking information on a timely basis to decision-makers. Perform trend analysis to support or challenge reporting. Support and provide direction for other MRS Program accountabilities including annual BCUC Assessment Reports for MRS adoption, Canada Energy Regulator reporting, On Site Audits, etc. Qualifications: University degree or experience in relevant discipline or equivalent combination of education and experience. Ability to obtain security clearance for a Security Sensitive Position classification A minimum of 10 years of relevant cyber security and/or associated reliability compliance/audit experience in the electric utility industry. Candidates with physical security experience in addition to cyber security experience may be given preference. Registered Professional Engineer or security relevant certifications ( CISSP, CISA, CISM, NCSF, PSP) is an asset. Experience in Industrial Control Systems (ICS) including SCADA and other Operational Technology (OT) used in the Energy sector would be considered an asset. Demonstrated and proven experience, ability and knowledge in the following: NERC/MRS Programs in both the US and Canada; Security governance, audit, risk and controls (including experience with designing, evaluating and implementing controls based on common security frameworks, such as NERC CIP, COSO, COBIT, ISO, NIST); leading investigations, with ability to analyze and process a high volume of detailed information with accuracy. Excellent written and verbal communications skills. Excellent relationship management, collaboration and interpersonal skills. Effective presentation skills, including the ability to convey complex technical issues to diverse audiences. This role requires a combination of demonstrated deep technical security and security management expertise. Strong leadership skills and ability to influence cross-functional teams. Job 70762
Désolé, cet emploi n'est pas disponible dans votre région
0
Senior Manager, IT - Infrastructure Security & Data Protection
Ontario, Ontario
The Kraft Heinz Company
Aujourd'hui
Emploi consulté
Description De L'emploi
Description Here at Kraft Heinz, we grow our people to grow our business, because we believe that great people make great companies. When you join our table, you can expect access to an array of holistic wellness benefits* and perks, including medical, dental and vision coverage, 7% 401(k) matching, Business Resource Groups (BRGs) to help foster diversity, inclusion, and belonging for all employees, an industry-leading total rewards package that emphasizes a high discretionary bonus.*Benefits begin immediately upon hire for salaried employees.Get a peek into life here at Kraft Heinz through our and channels!Sr Manager, IT - Infrastructure Security & Data Protection at a glance We are seeking an experienced and skilled IT professional to join our Infrastructure Security & Data Protection team. As a Senior Manager, you will be responsible for designing, implementing, and maintaining the security and data protection infrastructure across our organization. What's on the menu? Contribute to the design, implementation, and maintenance of a robust security infrastructure, including firewalls, intrusion detection/prevention systems, CASB, NAC, and secure web gateway.Help develop and maintain a comprehensive zero-trust security strategy and roadmap, aligned with the organization's overall IT strategy and goals.Collaborate with cross-functional teams, including IT Operations, Architecture, and Cloud Operations, to ensure security is integrated into all aspects of the organization.Develop and maintain security policies, procedures, and standards to ensure compliance with regulatory requirements and industry best practices.Conduct risk assessments and vulnerability testing to identify potential security threats and implement mitigation strategies.Assist with incident response efforts in the event of a security breach or incident.I have experience in information security, focusing on network, infrastructure and cloud security.I have proven experience in designing and implementing security infrastructure, including firewalls, intrusion detection/prevention systems, cloud security, CASB, NAC, and secure web gateway.I have strong knowledge of security frameworks, regulations, and industry standards (e.g., NIST, Zero Trust).I have experience with cloud security tools (e.g., Wiz, Azure Native, Palo Alto NGFW) and cloud environments (e.g., AWS, Azure, Google Cloud).I have strong communication and interpersonal skills, with the ability to effectively collaborate with technical and non-technical stakeholders.Please note: This job posting is just a preview of the full scope of the position. A comprehensive job description is shared upon interview.We hope to find you a seat at our table!Our Total Rewards philosophy is to provide a meaningful and flexible spectrum of programs that equitably support our diverse workforce and their families and complement Kraft Heinz’ strategy and values.Bonus: This position is eligible for a performance-based bonus as provided by the plan terms and governing documents.Benefits: Coverage for employees (and their eligible dependents) through affordable access to healthcare, protection, and saving for the future, we offer plans tailored to meet you and your family’s needs. Coverage for benefits will be in accordance with the terms and conditions of the applicable plans and associated governing plan documents.Wellbeing: We offer events, resources, and learning opportunities that inspire a physical, social, emotional, and financial well-being lifestyle for our employees and their families.You’ll be able to participate in a variety of benefits and wellbeing programs that may vary by role, country, region, union status, and other employment status factors, for example:Physical - Medical, Prescription Drug, Dental, Vision, Screenings/AssessmentsSocial - Paid Time Off, Company Holidays, Leave of Absence, Flexible Work Arrangements, Recognition, TrainingEmotional – Employee Family Assistance Program, Wellbeing Programs, Family Support ProgramsFinancial -Savings/Pension, Life, Accidental Death & Dismemberment, Disability, Discounted PerksLocation(s)Toronto - Queen's Quay - Headquarters
Désolé, cet emploi n'est pas disponible dans votre région
Soyez le premier informé
À propos du dernier It security Emplois dans Canada !
1