Compliance analyst – Cyber security-MON17592
At Bombardier, our employees work together to evolve mobility worldwide – one good idea at a time. If you have a good idea, we’ll provide the environment where it will thrive and grow into a great product or customer experience. Your ideas are our fuel.
In your role, you will:
– Support the Risk Management & Compliance service, supporting the internal Risk & Compliance team and coordinating with managed service providers to ensure a comprehensive risk management program.
– Support governance of the risk management program, ensuring risks are detected, measured, and reported on a regular basis.
– Track, operate and manage reporting of IT Audit Deficiencies, ensuring management action plans (MAPs) are developed, executed and reported on a regular basis.
– Collaborate with stakeholders, including IT leaders and their teams, to regularly review MAPs, ensure plans are being executed, schedules maintained, and risk status accurately reported.
– Collaborate with risk partners, such as internal and external auditors, service providers, and customers to ensure awareness of Bombardier’s cyber and IT risk profile.
– Support audit and compliance requests from 3rd party vendors and customers, working with IT stakeholders and service providers to provide timely responses.
– Work with the Vulnerability Management team to ensure visibility and tracking of risks relating to Bombardier vendors.
– Maintain regular reporting of IT risks, including maintenance and publication of Cyber/IT Top Risks report.
– Track and manage key performance indicators and reporting metrics, ensuring visibility and awareness of cyber and IT risks with Bombardier’s internal and external IT systems.
– Provide technical consultation, guidance, training, and assistance to developers, management, application and database owners, and users in reference to security policy and standards, remediation, regression testing, and system architecture recommendations.
– Perform analysis of cyber security and IT vulnerabilities, threats and incident trends to understand root causes and propose countermeasures that mitigate risk and improve security and IT processes.
As our ideal candidate,
– You have a bachelor’s degree in Mathematics, Statistics, Computer Science, Information Science or relevant field of study.
– You have CISSP, CISA, CISM and other security certifications (preferred).
– You have 5+ years hands-on experience in cyber security roles such as vulnerability management, threat intelligence or incident response.
– You have knowledge and experience of:
– Governance, Risk & Compliance (GRC) Frameworks
– Factor Analysis & Information Risk (FAIR) Methodology
– ISO 27005 Risk Management
– IT General Controls (ITGC) testing methodologies
– You are skilled with vulnerability and risk assessment tools, correlation rules, and managing dashboards.
Bombardier is an equal opportunity employer and encourages women, Aboriginal people, persons with disabilities and members of visible minorities to apply.
Whether your candidacy is moving on to the next step of the hiring process or not, we will keep you informed by email or by phone. Join us at careers.bombardier.com
Your ideas move people.
Job: Information Systems and Information Technologies
Primary Location: CA-QC-Montreal Dorval
Employee Status: Regular
Job Posting: 22.02.2021, 9:42:51 AM
Unposting Date: Ongoing
Job Segment: Compliance, Cyber Security, Risk Management, Information Systems, Legal, Security, Finance, Technology