
Website CN Rail
Job Description:
Reporting to the IS Compliance & Governance Manager, the specialist will primarily be responsible for supporting the governance and compliance management activities relating to cybersecurity and the Information Security program. The specialist will act as subject matter expert for information security subjects including, but not limited to: understanding information security regulatory frameworks such as Sarbanes Oxley (SOX), Payment Card Industry (PCI), Transportation Security Association (TSA), and others; compiling and reporting associated metrics and compliance evidence; project support and GRC processes consulting; owning, managing, reporting, and auditing compliance against information security controls.
Job Responsibilities:
- Provide guidance during the assessment and/or review of new IT solutions and/or new and existing technology to maintain compliance with regulatory (e.g., Sarbanes Oxley, PCI, SWIFT, etc.) and security requirements.
- Interact with other cybersecurity teams and various I&T entities as necessary to understand, apply, and enforce security requirements.
- Ensure that adequate and effective information security controls are documented and followed.
- Report on information security governance and compliance, and their relationship with business impacts.
- Collaborate with the GRC Risk area to ensure that any identified risks are appropriately logged and managed.
- Assess and challenge the effectiveness of information security requirements and controls by working collaboratively with system owners and other stakeholders.
- Provide primary leadership on maintaining, supporting, and operating the CN Information Security GRC framework, including ensuring regulatory compliance within the I&T business unit, management of security related policies, and constant evolution to adapt to business requirements.
- Communicate, oversee, and support security recommendations to meet business objectives in a proactive and pragmatic manner, ensuring an appropriate level of engagement with clients to ensure success.
Job Requirements:
- Experience with GRC tools, ServiceNow, and/or Power BI is a plus
- Broad knowledge of information security processes and functions including risk management, vulnerability management, access management, and secure development
- Previous experience in ensuring compliance with IT controls is an asset
- Integrity with high ethical standards
- Knowledge and general understanding of IT and OT security controls and control models.
- Professional Designation in Information Security compliance or Security such as Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT), and/or other related designations.
- Strong knowledge and practical experience applying standards, frameworks, regulations, and legislation governing information security and privacy, e.g. NIST, ISO 27001, COBIT, SOX, PIPEDA
- Teamwork & collaboration in order to achieve common goals
- Flexible in order to effectively manage multiple assignments and adapt to changing priorities
- Practical experience tracking and reporting KPIs/KRIs
- 5+ years of experience in an information security / cybersecurity / compliance / IT Audit role
- Knowledge and practical experience developing, managing, and updating information security policies, standards, procedures, and other documentation
- Possess a Bachelor’s Degree in an IT discipline or a related field -or- equivalent work experience.
- Effective communication and interaction with others
Job Details:
Company: CN Rail
Vacancy Type: Full Time
Job Location: Toronto, ON, CA
Application Deadline: N/A
careers-trivia.net