As a member of the information security team, you will be responsible for conducting risk analyses and ensuring the compliance of the solutions, services and products offered by our suppliers. You will also ensure the follow-up of certifications and technical compliance requirements requested from our suppliers. In addition you will have to perform tasks and functions specific to an information security analyst role in Agile teams.
Why Cascades ?
- Flexible schedule 40 hours/week;
- Summer schedule;
- Flexible, complete and advantageous group insurance;
- Accessible gym space;
- Accessible internal and external trainings;
- Condo in Florida, eligibility after 1 year of service;
- Financially covered sports activities;
- Profit-sharing plan, accessible after 1 year of service;
- Pension plan with company contributions, after 3 months of service;
- Contributing to the success of an ecoresponsible multinational Quebec company.
- Perform risk analyses according to Cascades' information security practices;
- Participate in governance, control and compliance functions through audits, exception and acceptance processes.
- Ensure and maintain good documentation of risks and compliance tasks;
- Ensure the application of external standards (e.g. PCI DSS, SOX, PIPEDA, etc.) as well as Cascades' internal standards according to our security practices;
- Monitor our suppliers' certifications;
- Participate in functions related to the information security analysis role, such as:
- Develop and implement information security solutions to mitigate risks;
- Supporting our information security systems;
- Developing and planning vulnerability testing and monitoring;
- Participate in incident resolution as a member of the Agile team.
Your baggage and your strengths
The Information Security, Risk and Compliance Analyst shall have the following qualifications :
- 5 years of experience related to information technology with a minimum of 2 years in information security;
- Bilingualism, written and oral;
- Good knowledge of legal obligations related to information security (an asset);
- Practical experience in performing IT security audits (an asset);
- Certification CSX, CISSP, CISA, CCSK, CCSP or equivalent (an asset);