City: Ottawa, Ontario, Canada
Employment Type: Full Time
As a member of CGI’s global security team, the candidate will play an integral role in operating the Supply Chain Security Risk process as a key part of the Security Assurance program. The candidate will assist with the implementation of the defined process, and help to mature the program through ongoing improvements and efficiencies, reducing CGI’s overall security risk as it relates to third party suppliers.
Your future duties and responsibilities:
• Coordinate and execute the process and resources used to perform security risk assessments of CGI’s third parties who may meet materiality criteria for evaluation;
• Assist with the design and enhancement of security metrics (KPIs/KRIs) to assist in CGI’s security reporting as it relates to supply chain management;
• Scheduled review of security assessments of existing third parties;
• Assisting security and business operations in the development of acceptable risk mitigation plans;
• Execute information security risk and control identification, evaluation, documentation, analysis and reporting using analytical tools to support the process;
• Partnering with various other interested parties (Global Procurement, legal, CIO, BU security teams, etc.) to ensure the successful implementation, operation, and improvement of the third party security process and related procedures;
• Responsible for tracking and documentation of all third party risk information, including regular reports for high level management;
• Helping to ensure contractual adjustments are made to agreements between CGI and its vendors that ensure protection of information and facilities;
• Assist with the escalation of any issues that may impact business objectives and priorities involving vendor selection, and
• Perform other duties as deemed necessary.
Required qualifications to be successful in this role:
• Bachelor’s Degree and relevant security certification (CISM/CISA; CISSP, etc.)
• Previous experience with reviewing security assessment results (penetration tests, control evaluation, vulnerability assessments, audit results, etc.)
• Expert knowledge of security / risk control frameworks (COBiT, ISO 27001, PCI-DSS, NIST CSF, ITIL), and business continuity / disaster recovery frameworks (ISO 22301, ISO 27031);
• Experience with producing management reports and developing KPIs;
• Facilitation skills with an ability to build relationships with stakeholders;
• Excellent oral, written and interpersonal communication skills;
• Highly self-motivated, self-directed and attentive to detail;
• Previous experience working with vendor assessments for a global organization;
• Coordination of additional support resources in a team lead function, and
• Excellent English and French verbal and written fluency.
What you can expect from us:
Build your career with us.
It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change—supporting our clients’ digital journeys and offering our professionals exciting career opportunities.
At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.
Be part of building one of the largest independent technology and business services firms in the world.
Learn more about CGI at www.cgi.com.
No unsolicited agency referrals please.
CGI is an equal opportunity employer. In addition, CGI is committed to providing accommodations for people with disabilities in accordance with provincial legislation. Please let us know if you require a reasonable accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs.
Have you been referred by a CGI Member for this position?*
* This field is required.
Client Service Engineer - Encryption (18002449) General Description As an Associate Client Services Engineer you will provide technical support to customers, answering complex questions on...
Sales Director-1900095I Preferred Qualifications Our team here at Oracle is building a state of the art analytics software solution sales team to help financial services companies measure and ...
We are seeking a Project/Program Manager in our Ottawa office, to manage the end-to-end project lifecycle: gather business requirements from stakeholders, write functional requirements for...
Analyst, Insurance and Treasury (Finance and Administration) - OTT02039 Job Family Finance Primary Location Ottawa Position Language Requirement English Only Language Skill Levels (Reading /...
Professional Consulting - Ottawa MaxSys is currently looking for a Special Advisor, Senior for our Federal Client. Qualifications: Education: Secondary school diploma is required Must possess...
Information Technology - Ottawa MaxSys is currently looking for a Chemical Engineer, Intermediate for our Federal Client. Qualifications: Education: Secondary school diploma is...
Client Service Engineer - Encryption (18002449) General Description As an Associate...
Sales Director-1900095I Preferred Qualifications Our team here at Oracle is building a state of...
We are seeking a Project/Program Manager in our Ottawa office, to manage the end-to-end project...
Analyst, Insurance and Treasury (Finance and Administration) - OTT02039 Job...
Professional Consulting - Ottawa MaxSys is currently looking for a Special Advisor, Senior for...
Information Technology - Ottawa MaxSys is currently looking for a Chemical Engineer,...