Job Role: Consultant, Cloud IT Risk Assessment

Duration: 6 Months (Highly chance to extends)

Location: Toronto, ON (Need to go 3 days in week onsite and 2 days in week WFH)

What is the Opportunity?

• Reporting to the Director- Cloud IT Risk, the candidate be responsible for risk assessing applications, platforms and patterns within T&O, Client subsidiaries as well as Line of Business (LOB) Executives and their broader teams.
• The ideal candidate will have relevant industry qualifications and certifications in cyber security, public cloud platforms, including strong relationship management skills.

What will you do?

• Create IT Risk scorecards for Non-Cloud and Public Cloud application initiatives and communicate risks to key stakeholders
• Establish and build credibility with stakeholders and senior leaders in order to provide representation that is seen as professional, positive and credible.
• Work in collaboration as a trusted partner to ensure that projects are planned, managed and executed in alignment with the functional strategy and goals.
• Seek industry trends and organization knowledge to ensure a high level of technical currency and understand alternative approaches.
• Collaborate with senior leaders to ensure alignment of Global Cyber Security initiatives.
• Manage risks, leveraging support from Client SMEs and escalating to Global IT Risk (GITR) leadership as required.

Must-have

• Minimum 7 or more years demonstrated experience in Cyber Security
• Knowledge of Cyber Security Frameworks and Cloud Security Frameworks
• Demonstrated knowledge of and experience with Microsoft Azure or Amazon Web Services
• Information Security and Public Cloud platform certification is an asset (AZ-500, SCS-C01,CCSP, CCSK, CISSP)
• Knowledge of government and regulatory requirements as it relates to data information management, including emerging trends and issues related to the subject matter.
• Ability to partner effectively with key stakeholders on complex projects with excellent communication, facilitation and presentation skills.
• Clear understanding of IaaS/PaaS/SaaS, including containerization (AKS/EKS)
• Knowledge of OWASP, SANS, NIST, ISO 27001, CSA, CIS or other security-related practices
• Application Security or Development experience (SAST, DAST, CICD Pipeline, Infrastructure-as-Code)
• Knowledge of Pivotal Cloud Foundry, OpenShift, Elastic search and Kafka
• Nice-to-have
• Knowledge of PCI, SOX, SOC 2, or OSFI requirements and best practices

We use AI in our Hiring processes

Mindlance is an equal-opportunity employer. We are committed to inclusive, equitable, barrier-free recruitment and selection processes, and a work environment in accordance with the Accessibility for Ontarians with Disabilities Act (AODA). We will be happy to work with applicants requesting accommodation at any stage of the hiring process