SOC Audit and Compliance Analyst OneIT - Montreal, Canada - WSP Canada

Description

The Opportunity:

The Global Senior Compliance Support Analyst will have multiple security related roles within the organization. Their main goal will be to improve the existing and provide a more secure computing environment for the organization to conduct their business. The global security operations team will have overlapping duties however each role will have more specifically focused duties. As such, the role and essential duties will fit into the below classifications most closely.

They must learn how to prepare the requested documentation for different Global SOC processes necessary for WSP compliance. They will actively support the SOC Managers for designing the requested documentation for different compliance processes (ITGC - IT General computers Control, ISO Information Security Management Process, Privileged Access Management, Vulnerability Management, Identity Governance, Integrated Organizations Compliance, Metrics and Compliance reports/dashboards)

Why choose WSP?

• We value and are committed to upholding a culture of inclusion and belonging
• Our Flexible Work Policy - we recognize the importance of balance in our lives and encourage you to prioritize the balance in yours. We will support you on and off the job so you can be fully present in both your work and home lives.
• A Canadian success story - we're proud to wear the red and white of this beautiful country and show the world what Canada has to offer.
• Enhance the world around you - from the environment to the highways, to the buildings and the terrain, WSP is the fabric of Canada.
• Outstanding career opportunities - we're growing and pushing ourselves every day to be greater than yesterday - we're open to your ideas and trying new things.
• A phenomenal collaborative culture and a workforce filled with genuinely good people who are doing humbly important work. Come find out for yourself what it's like to be a part of our journey.

We offer attractive pay, flexible work options, a great corporate culture, comprehensive and employee-focused benefits including virtual healthcare and a wellness platform as well as great savings programs, and a clear vision for the future.

#WeAreWSP

What you can expect to do here:

Under the guidance of the SOC (Security Operations Centre) Compliance Manager, assist with analysis, mitigation, escalation and processing of; but not limited to the below.

Specific areas of responsibility may fall into any one of the following areas of Security Operations, as assigned by the SOC Compliance Manager or other SOC team Leaders, Managers or senior members.

•Lead the continuous improvement of the Global SOC Information Security Management System (ISMS) in line with the applicable security and business requirements and regulations, ensuring that changes done are approved and managed in transparency with all stakeholders.

• Contribute to the ISO 27001 multi-site certification and other transversal programs where Global SOC is involved;
• Monitor compliance with local and industry specific regulations (ISO27001, ITGC, ...) and participate in internal or external audits;
• Advise on design and implements Identity Governance and User Lifecycle Management processes /activities in line with the SOC projects;
• Perform ISO27001 gap assessments/implementation and internal audit activities related to Global SOC;
• Design related processes documentation;
• Advise on design, design and implements Information Security Frameworks for different compliance tasks/documentation review processes / ongoing internal or external audits;
• Support, collects and prepare required evidence during Compliance audit activities (external and internal);
• Design Security Awareness materials (procedures/presentations/training materials);
• Support, collects and deliver analysis required for metrics and reporting dashboards;

What you'll bring to WSP:

Required

• Good communications skills and strong knowledge of spoken and written English.
• Technical background with a strong understanding of security concepts and practical usage.
• Proactively seeks to improve security processes and implements security solutions, raising security awareness and overall security measures.
• Ability to work efficiently with minimal oversight/direction remotely, adjusting to changing priorities, circumstances, and personal interaction styles.
• An academic degree in IT or IT Security
• Experience in working in transversal teams and business units across borders.
• 2 years in applying and improving corporate policies in line with security standards, regulations, and best practices (i.e., ISO 27k, NIST CSF, ITGC...).
• Security certifications that evidence understanding of ISO 27k family standards or equivalent.
• 2 years' experience in a similar role within a Global Organization.
• Experience in information security, risk, compliance.
• Solid knowledge in IT Governance frameworks such as COBIT, ISO 2700x, NIST, ITIL
• During employment solid knowledge of information security regulations applicable to WSP;

Preferred

Certified or equivalent i.e. ISO27001 Auditor, Security +, CISSP, CISM, CISA, CRISC,
WSP is one of the world's leading professional services firms. Our purpose is to future proof our cities and environments.

We have over 65,000 team members across the globe. In Canada, our 12,000+ people are involved in everything from environmental remediation to urban planning, from engineering iconic buildings to designing sustainable transportation networks, from finding new ways to extract essential resources to developing renewable power sources for the future.

At WSP:

• We value our people and our reputation
• We are locally dedicated with international scale
• We are future focused and challenge the status quo
• We foster collaboration in everything we do
• We have an empowering culture and hold ourselves accountable

Please Note:

Health and Safety is a core paramount value of WSP. Given the importance of keeping one another safe it is expected that you comply with our Health, Safety & Environment (HSE) policy at all times as well as client HSE policies when working at client locations.

Offers of employment for safety-sensitive positions involving fieldwork are contingent upon candidates being able to perform key physical tasks of the job as described in the job posting and interview. This may include the ability to work in a variety of environmental conditions, such as remote or isolated areas, working alone, and in inclement weather (within safe and reasonable limits).

WSP welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.

WSP is committed to the principles of employment equity. Only the candidates selected will be contacted.

WSP does not accept unsolicited resumes from agencies. For more information please READ THE FULL POLICY.