Login | Register

Sr Information Security Consultant to conduct TRA and PIA's for cloud based solution development projects within the automotive industry.

Job Type: Permanent
Positions to fill: 1
Start Date: Jul 11, 2022
Job End Date: Jul 11, 2022
Pay Rate: Salary: Negotiable
Job ID: 120468
Location: Toronto
Apply
Sr Information Security Consultant to conduct TRA and PIA's for cloud based solution development projects within the automotive industry.
 
Location: Scarborough (Hybrid 1-3 days per week starting from September)
 
Responsibilities:
  • Candidate will work with business and IT partners in providing information security best practices & analysis and assessing risks for projects, applications and processes.
  • The InfoSec analyst uses their information security knowledge & expertise to identify and mitigate security threats, vulnerabilities and assist with remediation.
  • Assist with assessment and integration of cloud vendors and SaaS from an Information Security requirements perspective.
  • Perform security audits against policy, processes, departments, applications and vendors.
  • Perform vulnerability analysis and issues management in pre-production and production applications & systems using standard application vulnerability scanning tools.
  • Review and challenge any changes proposed to application controls including, but not limited to, data encryption, user security profiles / bands and entitlements as well as input, processing and output controls such as edit checks, control totals and data validation / integrity checks.
  • Assist in conducting Security Training & Awareness.
  • Identify opportunities to implement Data encryption

Must have:
  • 15+ years of experience as an Information Security Specialist
  • CISSP (or similar: CISA, COBIT)
  • TRA / PIA development experience
  • Threat / Risk and Vulnerability testing, Risk analysis
  • Cloud experience (security and integration, AWS preferred)
  • SaaS experience from a security perspective
  • End to end solution experience (Infrastructure, Application, Data integration)
 
Nice to have:
  • NIST
  • Mix of public and private sector experience (Banking, Government and Healthcare)