- Define, implement and maintain security policies, procedures and standards
- Plan and execute the security assurance program, including security testing, tabletop exercises, configuration management, compliance monitoring, etc.
- Manage and support, as main contact for the information security perimeter, internal and external audit requests
- Coordinate activities related to in scope certifications, including yearly Swift and quarterly internal controls certifications
- Design and implement controls and dashboards to give solution delivery teams visibility on the security posture of their solution portfolios
- Actively contribute to the definition and implementation of the security strategy, in line with PSP's strategic vision and digital strategy
- Act as team lead to consultants, coordinate the work of security assurance resources, provide guidance to ensure objectives are met, and actively contribute to the resolution of obstacles
- Develop and maintain collaboration with the security engineering and operations teams, as well as our internal business partners, to ensure the proper functioning of security processes and controls
- Represent Information Security on working groups for various initiatives or activities to ensure communication and compliance with information security requirements
- Stay abreast of information security trends and risks that are relevant to the industry
- Bachelor's degree in information technology or administration (specialization in information systems or security), or a combination of education and experience deemed equivalent
- Minimum of seven (7) years of relevant experience, including extensive experience in information security, technology risk or technology audit
- Experience in the financial or investment sectors, an asset
- Relevant professional designations (CISSP, CISM, CISA, CRISC, CGEIT), an asset
- In-depth knowledge and understanding of information security management frameworks, standards and best practices (ISO 27001, NIST, COBIT, ITIL, etc.)
- In-depth knowledge and understanding of application, cloud and systems security, and proficiency in applicable security solutions
- Knowledge of SDLC processes and Agile/DevOps/DevSecOps delivery methods
- Bilingualism: English and French (frequent interactions in English with PSP employees based in our offices in Hong Kong, London and New York, and interactions in French with employees in our local offices in Montreal and Ottawa)
- Investment in career development
- Comprehensive group insurance plans
- Unlimited access to virtual healthcare services and wellness programs
- Competitive pension plans
- Vacation days available on day one with additional days on milestone service anniversaries, and summer Friday afternoons off
- Inclusive paid parental leave policy: up to 26 weeks for primary caregivers, 5 weeks for secondary caregivers
- A hybrid work model with a mix of in-office and remote days
Advisor, Information Security - Montreal, Canada - PSP Investments
Description
EXPERIENCE THE EDGE
At PSP, we encourage our employees to grow, forge powerful relationships, contribute and fuel inspired investment launchpads. We are committed to a culture that fosters collaboration and allows us to think beyond, in an interconnected way. We advocate for our employees to speak-up, learn, experiment, share, and be part of an where diversity is embraced.
ABOUT THE TEAM
As a member of the Information Security team and expert in this field, you will act as a partner to the technology teams and business lines on information security issues. You will lead the security assurance activities to ensure the implementation of consistent policies, procedures and controls and achieve compliance over time. You will support the organization in the identification, assessment and remediation of security risks, and the testing of security processes and controls, to ensure that its information assets are adequately protected.
ABOUT YOUR ROLE
As anAdvisor, Information Security,you'll:
WHAT YOU'LL NEED
We offer a tailored employee experience and competitive total rewards and benefits package* designed to attract and retain global diverse talent, reward performance, and reinforce business strategies and priorities. Beyond salary and incentive pay eligibility, you have access to:
Follow us on
#LI-AM1