Share this Job

Senior Project & Security Risk Management Specialist

Apply now »

Date: Jan 16, 2021

Location: Ottawa, ON, CA, K2K 2W2

Company: Innovapost

Who is Innovapost?

Great question! We are the technology arm of the Canada Post Group of companies. This includes Canada Post, Purolator, and SCI. By joining us you will be able to make a positive impact on how every Canadian delivers and receives their packages and mail. Next time you see your neighbor picking up their mail and receiving a package, you will be able to say “you’re welcome!”

What role you will play?

Senior Project Risk Management Specialist will lead security risk mitigation by providing oversight and guidance in the secure project system development lifecycle. The role also requires mentoring other team members in risk assessment and identification.   You are responsible for identifying security risks in any new projects or assesing features in current projects.  You will work closely with multiple project teams across the organization

What will you be responsible for? (Apart from Innovating)
  • Identifying risks through a security assessment of net new systems or changes.
  • Providing project teams with appropriate security controls based on the risk identified.
  • Working with product teams to ensure that security controls are incorporated into all initiatives. This includes proper documentation of those controls which will be certified (by Security CoE) and accredited (by the business).
  • Working with project teams throughout the development lifecycle to identify control gaps as design changes occur
  • Arranging 3rd party TRAs and technical VAs at suitable intervals (i.e. Releases per Agile methodology)
  • Regularly validating that required information security and risk controls are in place, raising audit report findings as non-compliances are found, and driving improvement
What skills you need for this role to be yours?

With 5 + years’ experience in information security risk you will be proficient in the following areas:

  • Consulting and/ or project management in an information security environment
    • Experience identifying risk, preferably related to data, data flows and network design
  • Effectively interacting and communicating with senior solution architects and project managers.
  • Ability to question and challenge the status quo and offer new approaches based on security best practices.
  • Demonstrated problem-solving capabilities and methods that go beyond strict technical expertise
  • Experience with Government of Canada ITSG principles or NIST
  • Cloud delivery models and the related technology offerings
Additional Skills that set you apart?
  • Conducted business impact assessments to establish risk tolerance
  • Conducted Gap Analysis to identify non-compliance or weakness relating to GoC and International standards, including NIST and ITSG-33
  • Business acumen (having managed your own business) and exceptional interpersonal skills.
  • Broad IT knowledge and strong level of familiarity with a wide range of technologies and IT practices
  • Inquisitive and always learning about the digital/ technical environment that you have worked in.
Education
  • Academic : undergraduate degree or college diploma in engineering, computer science, business, or equivalent (required), Graduate degree in Business Administration (MBA) (Asset)
  • Certifications :
    • ITIL foundations (Asset)
    • CISSP, CISM, CISA, CRISC, or other information security credentials, is an asset

The work we do at Innovapost impacts every Canadian. To work with us, you must be eligible to obtain a Canada Post Reliability Security Clearance.

Good luck! We are looking forward to meeting you, but unfortunately, we will not be able to meet all of you!

Competencies
Leadership
Achievement & Results Focus
Customer Focus
Communication
Teamwork
Technical Knowledge