Manager, Cybersecurity GRC and Process Improvement

Company Description

American Iron & Metal (AIM) is a family-owned company and recognized global leader in the metal recycling industry with more than 125 sites and 4000 employees worldwide.

We have continued to prosper for the last eight decades thanks to the dedication of our employees and the ongoing trust and support of our customers.

Become part of team AIM, a growing team with an entrepreneurial spirit who has over the years evolved into a successful and multifaceted company with business divisions that include metal recycling, decommissioning and demolition, auto-parts sales and recycling, manufacturing of solder assemblies, construction waste recycling, and production of customized industrial and mining products.

We take pride in doing good things for the environment to help create a greener, more sustainable future for all.

It’s simple; we do it right. We AIM for excellence.

What we offer!

• Competitive salary + other perks
• Group insurance & RRSP program
• Company-wide events throughout the year (BBQ, Holiday party etc.)
• Free gym on site
• Two cafeterias on site (subsidized meal program available)
• Dynamic & rewarding work environment- work on high-impact, meaningful projects while also having fun!

Job Description

The Manager, Cyber Security GRC & Process Improvement and his / her team are responsible for the cybersecurity controls, methodology and risk assessment, as well as compliance with the standards that AIM follows.

The manager and his / her team are also responsible for evaluating, designing, and implementing business process best practices to improve service and business efficiency.

They will analyze workflow, process, and reporting data to assess the effectiveness of current business processes :

Reporting to the Senior Director of IT and Cybersecurity, the Cybersecurity, GRC and Process Improvement Manager will :

• Ensure continuous improvement and adoption of the information security governance framework
• Manage the cybersecurity methodology and risk register
• Manage and ensure the vitality of the governance framework : policies, standards, procedures, etc.
• Participate in the initial phase of projects to identify and communicate safety issues to facilitate compliance with standards and proper risk management.
• Perform regular and proactive reporting to the CISO and maintain business KPIs
• Lead and coordinate projects and activities related to process quality and efficiency to ensure continuity of best practices and quality improvement across all IT spheres (OPS, APP and PMO).
• Manage the process and cycle of major incidents and issues.
• Manage the Change Advisory Committee (CAB).
• Develop / update documentation of policies, standards, procedures, processes, work instructions, and other tools to support execution.
• Collaborate cross-functionally to evaluate and improve the entire process lifecycle.
• Manage team member development, goals, training, etc.

Qualifications

• At least 5 years in cybersecurity GRC
• At least 5 years of experience leading process analysis and redesign initiatives using Lean methodology.
• Proven experience leading others on process analysis and redesign initiatives.
• Strong analytical skills and ability to translate data into measurable actions and present projects to management for evaluation and prioritization.
• Ability to present complex processes in easy-to-understand terms to various cross-functional stakeholders in order to gain their approval and set priorities.
• Ability to prioritize and manage multiple projects, large and small, with competing deadlines, and present progress to management.
• Significant skills in process improvement, business transformation, customer service, communication, leadership, problem solving, and team building.
• Experience in applying security frameworks (, ISO 27001, COBIT), laws, and standards (, NIST, GDPR, Law25)
• Ability to work on deliverable projects with minimal supervision and present progress and results to the Director for approval.
• Lean certification and cybersecurity an asset

Additional Information

American Iron & Metal and its subsidiaries is an equal opportunity employer. All qualified applicants are given consideration regardless of race, religion, colour, gender, sex, age, sexual orientation, gender identity, national origin, marital status, citizenship status, disability, veteran status, or any other protected class as provided in applicable employment laws.

Although we’d love to be able to speak with everyone that applies, due to the volume of applicants we receive and time constraints, only those selected to move forward will be contacted.