Senior It Security Compliance Specialist Job In Montreal

Job Description

Senior IT & Security Compliance Specialist

Senior IT & Security Compliance Specialist

Your role as Senior IT & Compliance Specialist

The Senior IT & Security Compliance Specialist will contribute to ensuring Dialogue is secure and compliant by managing the SOC2 and ITGC audits. Contributing to a strong security and risk management culture through collaboration with Tech & Product, Risk and Compliance stakeholders to ensure IT & Security compliance risks are identified, mitigated, monitored on an ongoing basis.

What you’ll be doing:

• Managing SOC2 and ITGC audits including identification of risks for the organization, handling of escalations and remediation of compliance issues
• Coordinating compliance testing and monitoring of regulatory obligations and required controls and standards
• Providing reporting on actual and potential non-compliance, control adequacy, audit deficiencies and observations, to the Risk & Compliance team. Coordinating analysis, resolution and contributing to enterprise risk and compliance reporting
• Partnering with key stakeholders to ensure IT and Security implemented solutions are compliant with corporate policies, regulations, and standards
• Assisting in the creation and maintenance of the information security risk register, audit requests, and vendor assessments
• Coordinating, maintaining and improving IT & Security compliance programs and processes such as information security awareness and trainings, privacy policies, and corporate IT and Security policies
  
  

We'd love to hear from you if you have:

• 5+ years of experience managing IT and Compliance audits, demonstrated track record of achieving objectives in a fast paced environment and assimilating knowledge quickly
• Experience working with auditors and the evidence collection process
• Understanding of information systems, networks and all areas of Information Security including data protection, incident management and vulnerability management
• Knowledge of NIST and GDPR regulatory and industry standards
• Information security certifications (CRISC, CISA, CISM, CGEIT, CISSP, CCSP or GIAC) are considered an asset

Please note that as we serve customers across Canada, bilingualism is essential for this position. You may be required to communicate in French and English.

At Dialogue, your well-being is our priority

Taking care of others also means taking care of our team. We’ve got you covered!

• A fully funded benefits plan, including a wellness reimbursement program
• Unlimited access to a variety of Dialogue's programs for you and your immediate family
• 4 weeks of vacation, 9 wellness days and 1 paid volunteer day
• A flexible schedule and a hybrid work approach
• An allocated budget for continuous training
• Short and long-term incentive plans, including restricted stock units (RSUs)
• An optional parental benefits program

About Dialogue

Dialogue is the #1 virtual care provider in Canada. By developingour Integrated Health Platform????, we provide exceptional online health and wellness programs (primary care, mental health, iCBT, EAP, and wellness) to organizations that want to improve the wellness of their employees and families.

When it comes to our work, we set the bar high. Together, we’re transforming health and helping millions improve their well-being. We’re firm believers that great people don’t settle on:

Impact

Community

Growth

Feel like you can make a difference? Good news, we saved you a seat!

Come as you are. As a proud equal opportunity employer, Dialogue is dedicated to creating a diverse and inclusive workplace for everyone. Qualified applicants will be considered regardless of citizenship, ethnicity, race, colour, religion, gender, gender identity or expression, sexual orientation, disability, age, or veteran status. Applicants who require specialized accommodation are encouraged to contactaccessibility@dialogue.co .

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.