POSITION: Cybersecurity and Network Governance, Risk & Compliance Engineer
REPORTS TO: Manager, Cybersecurity and Network
DEPARTMENT: Corporate Services
LOCATION: North Bay
REFERENCE: 800-149B-25
SALARY: $95,212 - $112,008
WHO WE ARE:
Ontario Northland Transportation Commission (ONTC) is an Agency of the Province of Ontario that provides efficient and vital transportation services. We are a modern, forward-thinking organization focused on providing safe and reliable transportation services. ONTC has a rich history of over 120 years and strong connections to the communities we serve. With over 900 skilled professionals, we work together to enhance transportation services and ensure that they are sustainable for future generations. We offer a dynamic workplace culture, along with a competitive salary, excellent benefit package, a defined benefit pension plan, paid vacation, paid personal leave days and discounted transportation on our bus and passenger rail services.
ACCOUNTABILITY STATEMENT:
The Cybersecurity and Network Governance, Risk and Compliance Engineer plays a lead role in the governance of data and electronic records and information at Ontario Northland.
MAJOR DUTIES/ RESPONSIBILITIES:
- Ability to understand complex IT solutions and identify regulatory, organizational policies and information security requirements that must be built into the IT solution.
- Collaborate with various departments to develop risk mitigation strategies, action plans and provide guidance on informational security requirements.
- Guide IT project teams on how to build regulatory, organizational policies and information security into a solution and assist in incorporating the functionalities into the applicable IT solution.
- Ensure compliance with relevant laws, regulations, and standards (e.g., Payment Card Industry Data Security Standard (PCI-DSS), International Organization for Standardization (ISO27001), Freedom of Information and Protection of Privacy Act (FIPPA), National Institute of Standards and Technology (NIST)).
- Promote a culture of compliance and risk awareness.
- Develop and present awareness sessions and facilitate workshops for regulatory, organizational policies and information security assessments.
- Assist in the development and implementation of governance frameworks.
- Participate in the development, implementation, and maintenance of policies, standards, and procedures relative to information security management.
- Support user acceptance testing and development of training materials of regulatory, organizational policies and informational security requirements.
- Act as a liaison between information management (IM) practices and IT solutions.
- Conduct/support in-house information security/risk assessments internal to ONTC.
- Research and analyze information security trends, regulatory and regulatory changes and emerging best practices to optimize ONTC’s transparency and compliance in the information management domain.
REQUIREMENTS:
- University degree in Information Security, Information Technology or related field.
- 5+ years of experience in the governance, risk and compliance field.
- Minimum of one of the following certifications is required: Certified Compliance & Ethics Professional (CCEP), Certified Governance Risk and Compliance (CGRC), Certified Risk and Information Systems Control (CRISC), Certification in Risk Management Assurance (CRMA), Certified in the Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP).
- Experience implementing and/or supporting document management systems, workplace collaboration/productivity platforms (e.g., Microsoft SharePoint, Microsoft Teams), ECM/content services platforms and/or information management software (OpenText Content Server preferred).
- Experience developing and maintaining information classification systems, file directory structures, file plans and records series/retention schedules.
- Demonstrated ability to serve as a change agent, leading and inspiring others to act, especially under circumstances when change is unpopular.
- Knowledge of theory and principles of systems design and development and related methods, techniques and standards.
- In depth knowledge of various legislative and regulatory policies.
- Strong skills in developing and delivering presentations for target audiences.
- Project management skills.
- Extensive knowledge on IT Operations and IT Service Management.
- Highly motivated, analytical, organized, and efficient.
- Ability to work independently.
- Valid driver’s license.
- Commitment to company health and safety.
BACKGROUND INVESTIGATION: The successful candidate will need to pass the following clearances: criminal record check, employment references and education verification.
CLOSING DATE: December 12, 2024 no later than 11:59 p.m. We thank all applicants for their interest; however, only those selected for an interview will be contacted. Qualified individuals are invited to apply in writing with a current covering letter and resume (provided in one document), stating reference name and number. Visit our career website to apply: https://www.ontarionorthland.ca/en/careers
At Ontario Northland, we are committed to employment equity. We value the unique skills and experiences each person brings to Ontario Northland and invite all interested individuals to apply and encourage applications from Indigenous peoples, racialized persons, women, persons with disabilities, and persons who identify as 2SLGBTQIA+.
Ontario Northland will provide accommodation to ensure barrier-free employment in accordance with the Canadian Human Rights Act and the Accessibility for Ontarians with Disabilities Act. You can request accommodation at any stage of the hiring process. If you require an accommodation, please contact Human Resources.
Les offres d'emploi sont également disponibles en français. Visitez notre site Web sur les carrières ou appelez le 1-800-363-7512, poste 394 pour plus de renseignements.