What we do at Shaw matters – in a world where being connected has never been more critical, we bring the best wireline and wireless technology and solutions together to create exceptional customer experiences. Every day we help millions of Canadians live their best-connected lives through the strength, capacity and combined power of our Fast LTE and Fibre+ networks.
At Shaw we say we’re brighter together, and we believe it’s the diverse mix of brilliant people here that really makes us shine. When you join our team, you’ll see we are so much more than just a company. Shaw connects you with limitless opportunity, an incredible culture, career development and a great benefits package. We are a friendly, collaborative group, and we have a lot of fun finding new ways to delight our customers.
Come dream bigger and brighter with Shaw.
The Security Auditor role is part of the Security Compliance team that has a strong focus on planning and executing cybersecurity, privacy, and other technology audits under the Security Standards, Risk & Compliance department’s mandate.
A typical day
• Plans, leads, and executes audits in relevant areas such as cybersecurity, privacy, and other technology audits
• Collaborates with other groups such as Security Operations, Compliance, IT, Privacy, and business groups in planning and executing the requirements of assignment
• Works with different project teams in supporting the definition of information security requirements for projects (in collaboration with the Security Risk team) and ensures project compliance to these requirements and controls through certification (in collaboration with Security Operations)
• Provides support in other audit / risk assessment initiatives as required such as IT SOX / PCI audits, ad-hoc assessments, etc.
• Proactively stays up to date with emerging risks, threats, regulatory requirements, best practices and frameworks, and understands how these can affect the business
• Prepares audit and assessment reports and other documents regarding audit scope, procedures, findings, and recommendations
• Builds strong working partnerships with different risk and compliance teams and coordinate assessments and audit responses
• Coordinates the development of action plans for deficiencies or gaps identified during risk assessments, audits, incidents, and design reviews and follow up on their implementation with various internal stakeholders
Required Technical Experience and Qualifications:
• University degree in Computer Sciences, Information Systems, business, or a related discipline
• CISA (preferred), CISSP, CISM, or related certification
• Minimum of 5 years of progressive IT Audit experience and/or Internal Audit with strong experience in delivering successful information security and privacy audits
• Excellent knowledge of auditing cybersecurity operations and knowledge of key areas such as threat intelligence, security monitoring, cybersecurity governance, identity & user access management, vulnerability management, etc.
• Excellent understanding of key principles and concepts on data privacy/data protection
• Good understanding of IT Control and Security Frameworks such as COBIT, ISO 27001, NIST CSF / SP 800-53, etc.
Required Skills, Qualities and Character:
• Excellent audit report writing and verbal communication skills, with the ability to communicate complex messages in a compelling manner
• Ability to navigate through complex systems, ambiguity, and to manage multiple assignments
• Exceptional analytical and problem-solving skills
• Extremely organized, detail-oriented and takes pride in quality
• Proven ability to prioritize and handle multiple tasks in a time-sensitive manner
• Excellent team player as well as the ability to work independently
• Able to collaboratively work with diverse groups of stakeholders, including senior leaders
• Listens to feedback and shows eagerness to grow
• Hungry to do more and eager to go above and beyond the norm
• Strong relationship builder who prioritizes collaboration and partnership
• Passionate for challenging the status quo and developing out-of-the-box ideas
• Comfortable with technology and able to engage in discussions with both technology and business teams to understand and explain risks in a way appropriate to his/her audience
This position requires the successful completion of a criminal and credit background check.
The position has remote working options across Canada.
Posting closing date:June 7, 2021
Shaw Communications, through its third-party vendor, collects and stores information applicable to the candidate profile you create when you submit the information asked for below. The use and disclosure of the collected information is for the sole purpose of job search and placement activities for Shaw Communications. The information is subject to Personal Information Protection and Electronic Documents Act. The information will be retained and when disposed of, it is done so in a secure manner. Your profile will become inactive and moved to the archive if you do not access your profile for a period of 1 year.
We thank all applicants for their interest; however, only selected candidates will be contacted. No telephone calls or agencies, please.