Lead current ISO 27001, SOC 2, and PCI compliance initiatives for systems in Canada, US, and Europe
Spearhead initiatives to identify, investigate, and mitigate security risks within CBN Operations Global Infrastructure
Design and deliver security strategies, produce architectural models, detailed assessments, and present reports to meet Canada/US and global security requirements
Conduct Risk Assessments within customer systems to quickly assess associated risks, recommend actions, and develop plans for remediation
Take an active role in educating customers, executives, stakeholders, infrastructure personnel, and developers on best practices for security
Requirements
Bachelor's degree in Computer Science, Information Technology or related field or an equivalent combination of relevant education and additional work experience
One (or more) of NIST 800-53, ISO 27001, SOC 2 (Type I and II), FedRAMP, StateRAMP SANA, ISACA or GIAC is an asset
8+ years of direct experience in a compliance, auditing and/or risk position
3+ years of experience developing/delivering compliance assessments
Experience using structured approaches to risk assessment (e.g. HTRA, TRA, ITSG-33, CSF, FSIR, STAR)
Experience using Unified Compliance Frameworks and GRC tools
Experience with Azure/AWS compliance is an asset
Fluency in English (reading, writing, speaking)
Tech Stack
AWS
Azure
Benefits
Health, medical and life insurance benefits
Defined contribution pension plan with company matching