Cybersecurity GRC Expert

Sopra Steria, a major Tech player in Europe with 52,000 employees in nearly 30 countries, is recognized for its consulting, digital services and software development. It helps its clients drive their digital transformation and obtain tangible and sustainable benefits. The Group provides end-to-end solutions to make large companies and organizations more competitive by combining in-depth knowledge of a wide range of business sectors and innovative technologies with a fully collaborative approach. Sopra Steria places people at the heart of everything it does and is committed to putting digital to work for its clients in order to build a positive future for all. In 2023, the Group generated revenues of $8.5 billion. The world is how we shape it. For more information, visit us at www.soprasteria.com

Are you ready to take on the challenge with us?

Position Summary

As we continue to grow, we are seeking a talented and motivated Cybersecurity GRC Expert to join Sopra Steria's Cybersecurity division (I2S), in our downtown Toronto office located in Financial District, reporting to the Prevent Manager. You will be responsible for overseeing Governance, Risk and Compliance as part of a global transformation project. An essential emphasis is set on the planning, execution, and delivery of cybersecurity projects on-time & within scope. You will collaborate with cross-functional teams, including product management, business stakeholders, engineering, operations, and security teams to ensure successful project delivery.

Responsibilities

• Lead and manage complex projects with a focus on IT / cybersecurity, from initiation to closure.
• Perform audit activities (based or derived from NIST Framework).
• Monitor non-compliance issues and ensure remediation solutions are implemented.
• Assist in raising risk as part of risk assessment and impact analysis.
• Challenge business stakeholders and technical teams to ensure accuracy in information reported.
• Work closely with stakeholders to define project scope, objectives, and deliverables.
• Communicate across multi-functional stakeholders both business and technical to achieve alignment, raise risks, and make decisions.
• Manage project risks and issues and escalate as appropriate.
• Ensure project deliverables are of high quality and meet the agreed-upon standards.
• Ensure compliance with regulatory requirements and industry best practices.

Requirements

• Bachelor's or Master's degree in Computer Science, Information Technology, or a related field.
• 5+ relevant experience in Cybersecurity and / or GR role.
• Proven experience performing audit and assessment, preferably in the cybersecurity domain.
• Strong understanding of cybersecurity principles, technologies, and standards.
• Working knowledge of NIST CSF and executing controls to improve security maturity (including people, process, tools).
• Knowledge or expertise of audit framework such as ISO27001, SOC2, CIS, PCI-DSS and privacy framework (GDPR, HIPAA or equivalent).
• Knowledge of project management skills (e.g., tracking activities, scoping, workshop facilitation etc.).
• Excellent communication, leadership, and stakeholder management skills.
• Strong problem-solving and critical-thinking skills.
• Ability to work independently and lead cross-functional teams in a fast-paced environment.
• Relevant industry certifications, such as CISSP, CISM, or CISA, are a plus.
• Good interpersonal and communication skills.
• Previous work in a multicultural environment.
• English required / French is a plus.

We offer phenomenal career progression opportunities and benefits which you can flex to meet your needs. Excellent training and development opportunities, and the encouragement to develop your skills in a supportive and friendly environment.

We thank all applicants for showing an interest in this position. Please note that only shortlisted candidates will be contacted for further steps in the selection process.

Sopra Steria is an equal-opportunity employer. We value diversity and are committed to creating an inclusive work environment.