Sr. GRC Consultant - Toronto, Canada - CDW

    CDW
    CDW Toronto, Canada

    1 month ago

    Default job background
    Full time
    Description

    At CDW, we highly value the energy and commitment you bring to your job every day. Our careers provide exceptional opportunities for you to grow at an innovative, multi-billion-dollar, Fortune 200 leader. The #1 name in Canada for IT solutions, we're driving meaningful technological change for companies in virtually every industry.

    What you'll do:

    Key Areas of Responsibility

    • Understand and apply information security principles, concepts, and practices.
    • Apply knowledge of security and technology risk management frameworks, regulatory requirements, and best practices such as NIST CSF, ISO 27001, OWASP, CIS Controls, and PCI-DSS
    • Participate in the development and implementation of policies, standards, procedures, and IT controls as needed to appropriately respond to IT and information risks.
    • Assign IT and information risk management-related tasks to Analysts and Senior Analysts and follows up on progress to ensure on-time completion of tasks
    • Understand and execute the technology risk management lifecycle, including:
      • Risk dentification: reviewing existing policies, standards, procedures, and controls, as well as conducting a risk assessment.
      • Risk Evaluation: assessing the likelihood and potential impact of each risk and using a risk-based prioritization approach to manage.
      • Risk Response: providing guidance on risk response. Where appropriate, supporting the implementation of controls to reduce the likelihood and impact of identified risks. This may involve implementing technical controls, such as firewalls or encryption, as well as non-technical controls, such as policies and procedures.
      • Risk Monitoring: ongoing monitoring of systems and data.
      • Risk Reporting: reporting on technology-related risks, including key risk metrics, to stakeholders, such as senior management, the board of directors, or regulators, to ensure risks are properly understood and appropriately managed.
    • Ensure stakeholders are responded to in a timely and professional manner. Foster open lines of communication with all parties.
    • Partner closely with Information Security, Business Process Assurance, Legal, and other IT and business representatives across CDW to ensure IT and information risks are managed to an acceptable level.
    • Accurately respond to Coworker IT risk and compliance and information management questions in a timely manner or escalate appropriately.
    • Actively participate in decision making with management and seek to understand the broader risk impact of current decisions.

    What you'll need to succeed:

    Experience Qualifications

    • 3-5 years' working experience in information or information risk management, IT risk management, audit, or compliance with a broad knowledge of IT operations and applications
    • Excellent written and verbal communication skills with the ability to communicate effectively with all stakeholders including senior leadership.
    • Ability to work independently and as part of a team.
    • History of balancing competing priorities with the ability to adapt to the changing needs of the business while meeting deadlines
    • Ability to lead and/or actively participate in working sessions and stakeholder meetings
    • Ability to interact with IT and business personnel and build strong relationships at all levels, with an ability to understand business drivers and effectively communicate IT and risks in an easy-to-understand manner

    Preferred Qualifications

    • Bachelor's degree in information security, computer science, or a related field or equivalent practical knowledge/experience including technical bootcamp training in security risk management, security assessment tools and techniques and/or security risk management principles and practices.
    • One or more of the following professional certifications: CRISC, CISA, CISSP or CISM designation or other relevant certification (IT Risk & Compliance Focus)

    Who we are:
    CDW is a leading technology solutions provider to business, government, education and healthcare organizations in Canada, the United States, and the United Kingdom. Our fingerprints can be found on technology in workplaces of more than 250,000 companies; from fresh-faced startups to international conglomerates. With the breadth of products and services we offer, there is no request too big or too small.
    What you can expect from us: Culture, coworkers, careers.

    CDW is not only the People Who Get IT, but the People who get People. Our relationships are fueled by our deep expertise and grounded in the CDW Way. Our empowering leadership makes things happen and inspires their teams to do the same. From the teammates beside us to the leaders who guide us, we move forward together. At CDW, you'll work with people who inspire you. People with positive, success-driven attitudes who you will learn from and forge strong relationships with. Bring your best true self-and your best ideas-to CDW. Because diverse perspectives bring forth better problem solving-and better solutions for our customers on a rapidly evolving technology landscape.
    The well-being of our employees is essential to us. CDW offers a comprehensive benefits package, which includes health, dental and vision coverage, coworker stock purchase program, paid vacation time and sick days, RRSP/DPSP and DPSP match, tuition reimbursement, coworker discounts and other generous perks.