At Rogers, we recognize that success is determined by the strength and diversity of our people. We work together because we want to win together, and these shared values guide and define our work:
:Simplify and innovate
:Take ownership of the what and the how
:Equip people to succeed
:Execute with discipline and pride
:Talk straight, build trust, and over-deliver
Every day, we strive to build a brilliant digital future for Canadians. We work as one team, with one goal: serve our customers better.
Rogers is seeking a Sr. Information Security (IS) Advisor to support the Information Security Compliance and Assessment program. This individual will be responsible for providing IS compliance expertise through the identification, validation, documentation, risk assessment and relevant compliance testing of IT-related controls for various initiatives (e.g. Third Party Security, SOX, SOC 2 reports). The role includes working with SMEs across the company to represent security and ensure that external and internal security compliance requirements are met. Reporting to a Sr. Manager of Information Security at the Rogers Brampton Campus, this individual will have the following responsibilities:
:Work with SMEs across the company to represent security and compliance capabilities in order to enable Rogers to meet security compliance requirements.
:Work with a team of individuals to provide guidance to adequately scope, plan, document, and facilitate auditor reviews across multiple teams for initiatives such as SOX.
:Select, manage and lead discussions with third parties to ensure that Rogers' information is protected and adequate controls are in place.
:Track and report all gaps and associated risks to management through a formal reporting structure. Engage escalation on gaps identified as required to senior leadership.
:Work with teams to develop cost-effective solutions for remediating gaps while ensuring risk is mitigated.
:Provide regular reporting and metrics to demonstrate value add and ROI.
:Provide Security Compliance and Assurance support, advice and awareness throughout the organization
:Represent Rogers' controls over regulatory requirements to external vendors, assessors, external customers and regulatory bodies.
Experience and Education
:Undergraduate degree in Information Management, Computer Science, Engineering, or emphasis in technology or related field
:8+ years of information security experience and/or IT audit experience
:5+ years of relationship management and/or leadership experience.
:3+ years of proven Sarbanes-Oxley (SOX) and/or PCI work experience
:Direct experience interpreting industry and regulatory requirements and authoring supporting controls
:Direct experience with information security related frameworks (ISO 27001, COSO, Cloud Security Alliance)
:Previous experience working for Big 4 in risk advisory / assurance an asset.
:Previous experience in the telecommunications industry an asset
:Previous experience with GRC implementation is an asset
:Previous experience with vendor risk management and service organization reports is an asset.
:CISSP, CISA, CISM, CA or similar certifications are assets.
:Excellent interpersonal skills.
:Demonstrable understanding of how to network and develop working relationships with various key stakeholders
:Strong business and technical acumen
:Strong analytical, research, writing, and communication skills
:Communicates effectively with meaningful and articulate verbal discussions. Creates clear and coherent written materials. Synthesizes information into succinct, concise and logical summaries and reports.
:Ability to work with teams to achieve goals and meet deadlines in a fast-paced environment
:Works well under pressure and time constraints and can prioritize competing priorities appropriately
:Can work independently with minimal supervision and direction.
:Proven track record