Cloud Security Compliance Officer

Sorry, this job is no longer available. Please Search for Jobs to conduct a new search

Eagle is currently seeking a Cloud Security Compliance Officer. This is a six (6) month, contract position scheduled to start in April.

Key Responsibilities

The successful candidate will be responsible for:

  • Working closely with teams implementing solutions using the Cloud to enhance the customer experience, deliver solutions to market faster and ensure application security;
  • Developing sound security strategic and tactical plans towards the reliable implementation of consistent and secure control processes to protect the bank and new acquired organizations’ information and data resources during integration projects;
  • Providing direction, guidance and recommendations to the business with respects to moving to the Cloud. Assisting in the inventory, classification and protection of data resources by providing guidance on a cost-effective implementation of bank’s security policies and standards;
  • Representing Information Security in integration projects teams by leading cloud based security initiatives;
  • Driving initiatives and supporting business functions to assess security risks and to make informed decisions to protect information assets during integration projects;
  • Performing Security Due Diligence Reviews on organizations targeted by the bank;
  • Providing guidance to design, develop and implement sound risk management controls in accordance with bank’s standards that assure bank’s compliance with industry regulations;
  • Keeping abreast and being well versed on financial industry regulations demands in different regions based on practical experience. Managing the infrastructure’s risk scores of acquired organizations and driving initiatives towards remediation;
  • Pursuing security and control process improvements to advance the security compliance;
  • Liasing with lead Audit engagements to proactively close information security risk and compliance issues;
  • Designing and implementing strategies and tactical plans to aid the bank in its move to the Cloud in a secure fashion while keeping the information risk at an acceptable level;
  • Addressing and resolving complex technical problems that will have impact on integration engagements;
  • Providing first line subject matter expert advice on pervasive information security standards, policies and processes, information security world class standards and major regulations in the industry;
  • Establishing and leading projects to deal with short, medium and long-term issues towards the implementation of a comprehensive Information Security program prioritizing those in alignment with Information Security Strategy;
  • Documenting high risk areas, and leading reliable and timely projects delivery towards remediation. This may include first line relationship management within Information Security & Controls (IS&C) teams and other technology teams participating in integration projects;
  • Driving the operation of reliable security controls over logical protection, vulnerability management, application security and application change control;
  • Developing sound tactical plans to address high risk areas that may jeopardize the information processing infrastructure availability, confidentiality/privacy, continuity and integrity during integration;
  • Escalating delays in plan when these may compromise customer information protection or deadlines in integration projects;
  • Identifying major synergies opportunities relying on matured infrastructure or processes that can be cost effectively deployed to other bank’s subsidiaries;
  • Designing, developing and reporting information security metrics to demonstrate advancement of the information security program implementation and escalate high risk issues accordingly. Reporting underlying risk of the information processing facilities;
  • Developing and Implementing management controls to meet operational and administrative requirements, while satisfying local regulator and financial industry demands;
  • Escalating deviation or risk acceptance requests through the VP or CISO for approval; and,
  • Liaising with internal and external security teams, local and international, and participating in reviews that pertain to compliance with bank and Regulatory IT security controls and guidelines. 

Skills and Qualifications

The qualified candidate must have:

  • Successfully completed post-secondary education;
  • Solid understanding and experience with security controls/mechanisms and threat/risk assessment techniques pertaining to complex data, application and networking environments;
  • Ability to learn new technologies, techniques and processes;
  • Advanced verbal and written communication skills in English, especially report writing ability;
  • Proven ability to meet deadlines for multiple assignments and adapt quickly to changing priorities;
  • Strong Microsoft Office software skills particularly Excel, Word, Visio and Powerpoint;
  • Strong knowledge of UNIX and Windows operating systems with emphasis on security features;
  • Sound knowledge of two (2) or more of the following security software such as: Google Cloud Platform, Azure, Amazon Web Services, Cloud Foundry or other cloud technologies;
  • Sound knowledge of network security components such as firewalls, routers, intrusion detection, anti-virus software;
  • Working knowledge of regulatory guidelines related to the financial industry like OSFI and other international regulatory, privacy requirements;
  • Sound knowledge of Agile methodology and rapid labs concept;
  • CISA, CISSP, GCIA, CSSP (an asset); and,
  • Knowledge of the financial services’ Security Governance Framework (policies and standards) (an asset).

Don’t miss out on this opportunity, apply online today!

Eagle is an equal opportunity employer and will provide accommodations during the recruitment process upon request. We thank all applicants for their interest; however, only candidates under consideration will be contacted. Please note that your application does not signify the beginning of employment with Eagle and that employment with Eagle will only commence when placed on an assignment as a temporary employee of Eagle.

  • Posted On: April 17, 2018
  • Job Type: Contract
  • Job ID: 54707
  • Location: Toronto/GTA ON