Cyber Security Advisor - Third-Party Risk

Cyber Security Advisor - Third-Party Risk

Our Technology team wakes up every day with one goal in mind - connecting Canadians to the people and things that matter most. Together, we are proud to support 30 million Canadians each month through managing a robust portfolio that champions leading-edge technology. We drive large-scale, complex, and high-visibility technology projects and programs that shape the future of technology in Canada and expand connectivity from coast to coast. If you are interested in being a part of this, consider applying for the following opportunity:

Are you passionate about managing third-party risk and thrive in a dynamic, fast-paced environment? Are you interested in SOC 2 or security maturity audits and eager to enhance organizational security standards?

At Rogers, we want to support you in building and developing a rewarding career in Cyber Security. Rogers is the place where ideas become reality. We embrace change and find ways to do better. And we deliver on that commitment by fostering an environment of passion and innovation for all people.

Rogers is seeking a Cyber Security Advisor in the Information & Cyber Security Unit (ICSU), focusing on Cyber Security Governance and Compliance. This individual will be responsible for supporting the third-party security risk management program and strategy. Conducting thorough cyber security risk assessments of third-party vendors' information security programs. Working to ensure policies and processes are properly designed and controls are operating effectively to meet regulatory and security requirements. Facilitating internal and external compliance audit and assessment activities for the organization.

Reporting to a Sr. Manager of Cyber Security at the Rogers Brampton Campus, this individual will have the following responsibilities:

What you'll be doing:

• Conduct thorough assessments of third-party vendors' information security, business continuity, and other technical domains
• Evaluate third-party compliance with industry information security standards, corporate policies, regulatory and compliance requirements
• Evaluate implementation of new technologies / processes and agreements with third-party service providers to ensure continual compliance with regulatory requirements
• Identify and document assessment findings, gaps, and risks, and communicate them to relevant stakeholders
• Maintain assessment documentation, reports, and metrics
• Collaborate with internal teams, including Subject Matter Experts (SMEs) and Enterprise Vendor Managers
• Provide support for audit, compliance, and regulatory requests
• Identify and evaluate technology risks, internal controls to mitigate risks, and related opportunities for continuous control improvement
• Maintain knowledge of the information security environment, including development of new attacks and threats

What you bring:

• Undergraduate degree in Information Management, Computer Science, Engineering,or emphasis in technology or related field
• Experience with third-party risk assessment, information security, IT Audit and/or Security Governance, Risk and Compliance (GRC)
• Understanding of risk management frameworks, industry standards, and regulatory requirements
• Knowledge of concepts, best practices, and controls in information security domains
• Knowledge of the national and international evolving cyber security threat landscape
• Experience interpreting industry and regulatory requirements and authoring supporting controls
• Relevant certifications (e.g., CTPRA, CTRPRP, CISSP, CISA, CISM, Security+) are a plus

Skills:

• Experience with third-party risk management tools and platforms
• Knowledge of cybersecurity, data privacy, and business continuity practices
• Strong analytical, problem-solving, and communication skills
• Organizational and project management skills
• Ability to build and maintain positive relationships with internal and external stakeholders
• Ability to work with teams to achieve goals and meet deadlines in a fast-paced environment
• Works well under pressure and time constraints and can prioritize competing priorities appropriately

What's in it for you?

We believe in investing in our people and helping them reach their potential as valuable members of our team. As part of our team, you'll have access to a wide range of incredible resources, growth opportunities, discounts, and perks, including:

• Competitive salary & annual bonus
• Competitive & flexible health and dental benefits, pension plan, RRSP, TFSA, and Stock matching programs.
• Discounts: Enjoy up to 50% off Rogers Services and Blue Jays Tickets, 25% off TSC items, and a 20% discount on all wireless accessories sold in Rogers stores.
• Paid time off for volunteering
• Company matching contributions to charities you support
• Growth & Development Opportunities:
  
  • Self-driven career development programs (E.g. MyPath program)
  • Rogers First: priority in applying to internal roles of interest
• Wellness Programs:
  
  • Homewood employee & family assistance program
  • Cognitive Behavioural Therapy (CBT) & Virtual therapy sessions
  • Low or no-cost fitness membership with access to virtual classes
• Our commitment to the environment and diversity:
  
  • Work for an organization committed to environmental protection
  • Strong commitment to diversity and inclusion with employee resource groups supporting equity-deserving groups including groups representing People of Colour, 2SLGBTQIA+, Indigenous Peoples, Persons with Disabilities and Women. We all bring something different, and we know what makes us different makes us great.

This is a hybrid work position and will require you to be in office three days per week.You can choose which days in office work best for you!

To protect our people, brand and assets, a pre-employment background check will be conducted. As part of our selection process, all candidates must clear a criminal background check. Additionally, a credit check and drivers abstract may be required depending on the role.

Schedule:Full time
Shift: No Selection
Length of Contract: Not Applicable (Regular Position)
Work Location:8200 Dixie Rd (341), Brampton, ON
Travel Requirements: Up to 10%
Background Check(s) Required: Criminal Record and Credit Check
Posting Category/Function: Technology & Information Technology
Requisition ID: 323683

At Rogers, we believe the key to a strong business, is a diverse workforce where equity and inclusion are core to making everyone feel like they belong. We do this by embracing our diversity, celebrating our different perspectives, and working towards creating environments that empower our people to bring their whole selves to work. Everyone who applies for a job will be considered. We recognize the business value in creating a workplace where each team member has the tools to reach their full potential by removing any barriers for equal participation. We work with our candidates who are experiencing a disability throughout the recruitment process to ensure that they have what they need to be at their best. Please reach out to our recruiters and hiring managers to begin a conversation about how we can ensure that you deliver your best work. You matter to us! For any questions, please visit the Recruitment Process FAQ .

Posting Notes:Technology

Location:
Brampton, ON, CA

Being a Rogers team member comes with some great perks & benefits including:
• Health & well-being benefits
• Donation matching
• Paid time off for volunteering
• Wealth Accumulation including: Pension plan & Employee stock options
• Generous employee discounts
• Leadership development, Mentorship, and Coaching programs

*available for full-time and part-time permanent employees, some restrictions apply

Looking for career guidance and inspiration?

Catch up on the latest episodes of For the Love of Work podcast with Dr. Sonia Kang.

Job Segment: Cyber Security, Compliance, Information Security, Corporate Security, Law, Security, Legal, Technology