Cyber Security Advisor

CAE, Montreal
30+ days ago
Salary
CA$160,000.00 yearly
Job type
  • Full-time
Job description

Role and Responsibilities

Working within the Cybersecurity team, the Global Cybersecurity Advisor will engage with stakeholders across Civil and D&S (Germany & Canada) lines of business to represent the collective cybersecurity interests of the team during project engagements through various primary activities listed below.

  • Developing and maintaining an in-depth understanding of the business unit, technologies, customers, partners, alliances, systems, processes, consumers, and data.
  • Acting as a partner with the legal, compliance, and IT resources to establish an effective working relationship that enhances the security program effectiveness for D&S (Germany and Canada).
  • Acting as liaison for implementation of the information security policies and procedures, bids and proposals and risk management assessments and mitigation.
  • Identifying and acting on all non-compliance areas for improvement and facilitating the development and deployment of the solutions.
  • Coordinating Service Level Management for cybersecurity and assurance.

Key Areas of Responsibilities :

  • Cybersecurity Strategy : Develop, implement, and continually refine Civil and D&S (Germany & Canada) cybersecurity strategy and policies to align with business objectives and emerging threats. Gather insights for Cybersecurity from business lines to influence CISO strategy and facilitate development of security tools / services to enable business objectives.
  • Risk Assessment : Coordinate & conduct regular risk assessments and vulnerability analysis to identify potential security threats and vulnerabilities within systems and data.
  • Security Governance : Establish and advocate effective security governance practices to ensure that security measures and controls are consistent with business goals and industry best practices.
  • Compliance and Regulations : Stay up to date with cybersecurity laws and regulations, ensuring compliance with relevant standards (e.g., NIST, ISO 27001, GDPR) and industry-specific requirements.
  • Incident Response Planning : Serve as the line of business point of contact in the event of cyber incidents and coordinate a response by bringing business, cyber and other teams together as necessary.
  • Security Audits and Assessments : Coordinate and oversee internal and external security audits, vulnerability assessments, and penetration testing for the Civil and D&S (Germany & Canada) lines of business.
  • Vendor Risk Management : Evaluate the security practices of third-party vendors, ensuring they meet security standards and contractual requirements.
  • Security Technology Selection : Evaluate and recommend technologies, tools, and solutions to protect the information assets.
  • Security Research and Analysis : Stay current with emerging cybersecurity threats, trends, and technologies to proactively adapt security measures to new challenges.
  • Security Awareness and Culture : Promote a strong security culture throughout the Civil and D&S (Germany & Canada) lines of business and engage with employees at all levels to foster a security-conscious environment.
  • Cybersecurity Incident Tabletop Exercises : Organize tabletop exercises to test incident response and recovery procedures.
  • Collaboration : Work closely with stakeholders to ensure that security measures align with business objectives and provide guidance on security-related decisions.
  • Continuous Improvement : Continually assess and improve the organization's cybersecurity posture by adopting industry best practices and innovative solutions.

Additional Accountabilities :

  • Participate in region-related conferences, client-facing engagements, and industry forums to represent CAE’s Cybersecurity program.
  • Participate in innovation projects and other unplanned activities.
  • Act as a mentor by providing advice, guidance, and education to members of the team.

Desired Skills and Experience

  • 5 Years in a Cybersecurity role, preferably within a GRC or Cybersecurity PM context
  • Knowledge of industry compliance standards and frameworks such as NIST, CMMC
  • Ability to juggle multiple priorities with a wide variety of stakeholders, both technical and business focused
  • Excellent communication and presentation skills
  • Industry certifications such as CISSP, CISM, PMP, CRISC
  • Past IT experience an asset
  • Past Defence and Security experience an asset

Position Type

Regular

CAE thanks all applicants for their interest. However, only those whose background and experience match the requirements of the role will be contacted.