IS Risk Management Services Director

Eagle is currently seeking a IS Risk Management Services Director for a permanent job opportunity, scheduled to begin immediately.

Key Responsibilities

The successful candidate will be responsible for:

  • Ensuring that IS risks are understood, managed, and balanced against business needs;
  • Ensuring that all IS functional teams are completing their required operational security tasks;
  • Performing the management of Information Services Risks for the purposes of aligned risk understanding across IS and the business, informed risk decisions by IS and business, increased business productivity through better managed risks, prioritized use of IS resources, IS Risk Management Process and Procedures, IS Risk Assessments and Recommendations;
  • Developing, implementing, and maintaining a Strategic Framework for Information Security and IS Risk Management;
  • Reviewing and assessing framework to ensure IS Security compliance to relevant prevailing legislation;
  • Monitoring the overall effectiveness of the Information Services risk framework;
  • Developing, implementing, and maintaining IS Risk Management processes and procedures;
  • Identifying strategies for developing a culture of Information Services Risk Management best practices;
  • Providing process for the regular review and documentation of IS security threats or risks of project, operational or business goals, using tiered empowerment;
  • Escalating major or significant decisions to the VP IS Risk Management for decision; 
  • Recommending solutions to business when risk extends beyond IS Department;
  • Escalating to business the associated levels of risk and the effectiveness of risk mitigation strategies when escalation is required;
  • Assessing, documenting, and recommending actions regarding IS Risks;
  • Reviewing Change and Release Records to ensure that risks of proceeding and of not proceeding are understood and documented;
  • Providing risk reporting to Enterprise Risk Management (ERM);
  • Maintaining an awareness of advances in Risk Management technology, processes, and best practices;
  • Recommending innovations to management as warranted;
  • Assisting Production Support in the development Major Incident Response procedures for security breaches;
  • Performing and reporting on all security reviews resulting from security breaches to VP IS Risk Management;
  • Reviewing security related incidents to ensure appropriate actions have been completed or are tasked appropriately (i.e. log reviews, patching status, security build procedures, security alerts, etc.);
  • Performing security management consulting for internal business units;
  • Acting as a focal point for all IS Security issues;
  • Creating and maintaining the IS Risk Assessment forms and procedures and create awareness around the process;
  • Maintaining up-to-date knowledge of the IS security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors;
  • Selecting and acquiring additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes;
  • Overseeing the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically;
  • Ensuring the confidentiality, integrity, and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories;
  • Supervising all investigations into Security Incident and problematic activity and provide on-going communication with senior management;
  • Engaging in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation;
  • Documenting, developing, implementing, and maintaining the IS Continuity Plan;
  • Ensuring all areas are prepared to respond to an invocation of the IS Continuity Plan;
  • Coordinating regular testing of the IS Continuity Plan;
  • Reviewing all IS Changes for IS Continuity Plan impact;
  • Performing post mortem reviews of the IS Continuity Plan invocation;
  • Providing management reporting on IS Continuity state to VP IS Risk Management;
  • Acting as a focal point for all IS Continuity related issues;
  • Reviewing, recommending, and assessing internal and external IS policies to support effective IS Governance and protect IS assets;
  • Documenting, developing, and maintaining IS Policies in collaboration with all IS areas; and,
  • Documenting, developing, and maintaining a process to sign and renew policies, Non-Disclosure agreements, and Confidentiality Agreements.

Don’t miss out on this opportunity, apply online today!

We would like to thank all applicants for their interest; however, only candidates under consideration will be contacted.  Please note that your application does not signify the beginning of employment with Eagle and that employment with Eagle will only commence when placed on an assignment as a temporary employee of Eagle.
 

  • Posted On: October 17, 2018
  • Job Type: Permanent
  • Job ID: 55985
  • Location: Edmonton AB