Information security advisor

What is Equisoft? Equisoft is a global provider of advanced insurance and investment digital solutions, recognized as a valued partner by over 250 of the world’s leading financial institutions. We offer a complete ecosystem of end-to-end and scalable solutions that help our clients tackle any challenge in this era of digital disruption. Our business-driven approach, deep industry knowledge, innovative technology, and expert teams help our partners solve their biggest, most complex problems. With are diverse and multicultural team of experts based in North America, the Caribbean, Latin America, Europe, Africa, Asia and Australia, Equisoft helps its clients tackle any challenge in this era of digital disruption.

Why Choose Equisoft? With 950+ employees, we are a stable and growing organization that offers career advancement and fosters a stimulant environment. If that’s not enough, then check out these other perks below:

• Hiring Location: Canada (our local in Montreal or Quebec City office)
  
• You are welcome to work in our office, hybrid or 100% remote
  
• Full-time Permanent Role
  
• Benefits available day 1: medical, dental, retirement plan, telemedicine program, employee assistance program, etc. (Canada)
  
• Flexible hours
  
• Number of hours per week: 40
  
• Educational Support (Udemy, LOMA Courses, Equisoft University, Tuition Reimbursement)

Role: The Information Security Advisor reports to the AVP, Security of Information and Conformity and works closely with 4 other specialists in the IT Security and Conformity field. The incumbent will be responsible to support and mature the information security program at Equisoft. He will also maintain effective security control and promote information security goals across the organization.

Your Day with Equisoft:

• Manage and monitor technology, audit and compliance requirements through governance, oversight, reporting and training initiatives / programs including management of audit findings and key risk indicator program.
  
• Manage the Cyber Risk management process across organization. Manage Information security risks identified and ensure completion of remediation activities.
  
• Respond to third party cyber security questionnaire
  
• Participation in annual Information Security Audit processes

Requirements:

Technical

• 
  Bachelor's Degree in computer engineering or information Technology or College Diploma combined to 3 years of relevant experience
  
• Between 3 to 5 years’ experience in a similar role
  
• Required 1 or more Information Security Certifications, CISA, CISSP, CISM, Cloud Security certifications
  
• Demonstrated experience with Information Security frameworks (e.g SOC 2, ISO 27001, NIST, etc….
  
• Knowledge of domestic and international laws governing information security & Data Privacy; ability to interpret and take action on the aspects of information security laws that impact the business.
  
• Knowledge of the security of cloud environments
  
• Knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure and minimize negative effects of cybersecurity risks.
  
• Ability to drive execution of aggressive goals through effective planning, prioritization, resource management and follow through.
  
• Reporting on and measure the effectiveness of the technical controls and propose compensating controls accordingly
  
• Enhancing and maintaining the internal security audit program
  
• Aligning and refining Information Security policies and standards with industry best practices, pertinent regulations and standards bodies (ISO 27001/2, PCI DSS, CIS, NIST Series)
  
• You have strong service management and service delivery orientation
  
• Prepare, track and maintain risk acceptances and security exceptions.
  
• Leverage expertise in Information Security Management to prepare and conduct security assessments for both planned initiatives and unplanned instances.
  
• Examine and interpret requirement documents and architecture diagrams and determine security risks to the organization
  
• Collaborate with senior leaders and make informed, risk-based recommendations to enhance the security posture of the organization, products and services.
  
• Evaluate and monitor third party vendors for security compliance
  
• Participate and support security related and serve as a key interface with external and internal auditors for security compliance related activities
  
• Support development, enhancement, and socialization of the security awareness program
  
• Create and update technical documents in line with company policies
  
• Ensure that effective BCP/DR policies and plans are in place and maintained
  
• Keep abreast of the cybersecurity threats and assess their potential impact to Equisoft’s posture
  
• Excellent knowledge of English & French (spoken and written)

Soft skills

• 
  Understanding of the importance of "big picture" thinking and planning and ability to apply organizational acumen to identify and maintain focus on key success factors for the organization.
  
• Highly motivated, and results oriented with an ability to handle high pressure situations with key stakeholders
  
• Strong and proven leadership capabilities with communication, coaching, influence, negotiation and conflict resolution
  
• Excellent presentation and communication skills and an ability to present complex information in a manner suitable for technical and non-technical audiences
  
• Strong sense of organization and prioritizing
  
• Analytical and problem-solving skills
  
• Ability to communicate, write and synthesize information
  
• Ability to multi-task in a rapid-paced environment
  
• Team spirit, tact, diplomacy, autonomy, rigor, and discipline

If you don't meet all the requirements, we still want to speak with you!

Equisoft is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

We thank you for your interest in our company and we guarantee that all submitted applications will be considered. Only those whose applications are selected will be contacted for interview purposes. By submitting your application, you consent to Equisoft collecting, using & storing your personal data in order to apply for a job and for Equisoft to analyze your application. Due to the nature of its products and services, Equisoft will perform thorough background checks prior to confirming one’s employment.

We thank you for your interest in our company and we guarantee that all submitted applications will be considered.
Only those whose applications are selected will be contacted for interview purposes. By submitting your application, you consent to Equisoft collecting, using & storing your personal data in order to apply for a job and for Equisoft to analyze your application. Due to the nature of its products and services, Equisoft will perform thorough background checks prior to confirming one’s employment.