Information security consultant - Jobs in Laval, QC

Job Description

About usOKIOK is a cybersecurity innovation firm that operates at different levels: consulting, solution development, penetration testing, and incident response. We recruit the best in the industry to join our dynamic team, which is always on the lookout for the latest technologies to serve our clients and counter emerging cyber threats.A career in information security in an environment that values well-being and offers the opportunity to excel every day... interestingMain responsibilitiesReporting to the Director of Professional Services, the Information Security Consultant has more than 3 years of relevant and recent professional experience in governance and compliance of recognized information security standards. He acts as an information security expert in large-scale mandates. He performs his duties, among others, by implementing tools and/or methods to ensure the maintenance and sound management of his specialization with the companys clients. In addition to having general expertise in information security and performing corporate activities expected for this type of position, the consultant stands out in the areas of governance and compliance with several recognized security standards such as NIST 800-x, PCI, GDPR, HIPPA, ISO2700x, SOX, etc.Perform consulting services in the areas of IT security

• Coordinate and participate in security audits;
• Identify IT security solutions and their impacts, based on business needs;
• Put in place effective protection mechanisms adapted to the needs of the clients;
• Write/implement security management policies, standards and processes;
• Coach targeted stakeholders as needed to ensure the transfer of required technical knowledge;
• Review the content and format of all documentation submitted by a team member to ensure compliance with standards, relevant specifications and required quality ("Peer Review").

In addition to the general duties expected, the Consultant has one of the following information security expertise:Act as an expert in information security governance and complianceThe consultant has expertise in governance and compliance with recognized enterprise security standards (e.g. PCI, ISO27001, NIST, NERC). The consultant can intervene on one or more of the following activities:

• Develop, review and implement security policies;
• Assess the maturity of security controls and identify gaps;
• Support in the realization of initiatives (framing, securing computer environments, etc.);
• Conduct information security control maturity audits (NIST or other);
• Conducting pre-certification audits;
• Advise and support the client(s) in their post-audit steps to maintain the expected level of compliance;
• Act as an expert in the implementation of an adequate management of compliance to an information security standard;
• Define strategic directions for compliance projects;
• Implement and coordinate workshops with key stakeholders (strategy, issues and project governance);
• Conduct gap analyses to measure the level of compliance;
• Define the action plans necessary to achieve compliance;
• Manage compliance projects or specific interventions in support mode.

Act as an expert in IT security risk managementThe consultant has expertise in enterprise IT security risk management and more specifically in the following activities and areas

• Act as an expert in the implementation of an enterprise IT risk management methodology;
• Act as an expert in the classification of information assets;
• Identify and understand customer IT security needs and define security controls that meet those needs;
• Determine the extent of the loss in value and the criticality of the assets;
• Participate in the deployment of security controls that meet IT security needs and requirements;
• Monitor and evaluate the performance of security controls;
• Lead and oversee the creation, adoption and maintenance of a risk management framework;
• Develop processes, tools and reporting systems;
• Participate in the creation and implementation of standards, policies and procedures;
• Recommend improvements to the risk management system and to the organizations standards, policies and procedures.

Act as an expert in network securityThe consultant has expertise in network security and more specifically in the following activities and areas

• Act as an expert for gatekeeper technologies;
• Act as a subject matter expert for current authentication systems including token-based systems, public key infrastructure-based authentication and authorization, and symmetric key systems;
• Act as an expert for intrusion detection tools;
• Act as an expert in securing Windows products, particularly for web and e-commerce environments;
• Act as an expert in the interconnection of multi-platform environments;
• Act as an expert in securing interconnections between enterprise and cloud environments;
• Act as an expert for the implementation of VPN solutions and secure electronic file transfers.

Support professional services management processes

• Develop profiles of consultant positions as required;
• Conduct interviews with potential candidates for positions as needed;
• Participate in the preparation of service offers;
• Participate in activities related to the reception and orientation of new counsellors;
• Participate in activities related to the definition of professional services offered or to be offered by the company;
• Coach technical resources as needed to impart and/or upgrade knowledge required to meet performance expectations;
• Accompany, as needed, the resources assigned to business development and/or other internal stakeholders to support them in their discussions with customers.

Carry out training activitiesThe incumbent may, from time to time, be required to participate in or conduct training activities in his/her area of expertise. In such cases, the following activities may be performed by the consultant:

• Accompany, as needed, the resources assigned to business development and/or other internal stakeholders to support them in their discussions with customers;
• Prepare the documentation and teaching aids required to conduct or have conducted the training programs/actions;
• Facilitate internal and external training programs/actions;
• Make required changes to training programs/activities as needed.

• Support the Advanced Solutions and Products department in its implementation of solutions

Qualifications requiredTechnique

• Degree in computer science or equivalent;
• At least 3 years of recent experience in his/her specialty;
• CISSP, CISA or CISM certifications (an important asset);
• Hands-on expertise in at least two areas of information security (CBK) including that of his/her specialty;
• Excellent knowledge in several areas of information security (CBK);
• Excellent knowledge of several security standards such as NIST 800-xx, PCI, CSA, C2M2, CoBIT x, GDPR, HIPPA, ISO2700x, SOX;
• Excellent knowledge of the security of cloud environments;
• Excellent knowledge of web technologies;
• Excellent knowledge of Microsoft, Linux or Unix systems;
• Excellent knowledge of secure data transfer.

General

• Ability to interact with representatives from different backgrounds;
• Excellent organizational skills, analytical and synthesis skills;
• Ability to make quick decisions in a changing environment and to be innovative;
• Ability to write documents in a clear and structured manner;
• Ability to work in a team and to act as a coach;
• Bilingualism in French and English, spoken and written.

Additional information

• The consultant will be called upon to travel to OKIOK clients in the Greater Montreal area to work on various mandates/projects;
• Possibility of telecommuting depending on the nature of the mandate/project;
• Group insurance (drug, dental, disability, etc.);
• Cellular fees paid;
• Paid job-related certifications and training;
• Annual vacation;
• Time bank for personal leave;
• Sick leave;
• Competitive salary;
• Performance bonus.

Quick Apply

• Terms & Conditions
• New Privacy
• Privacy Center
• Accessibility

For Job Seekers

• Browse Jobs
• Advanced Job Search
• Emplois Quebec

For Employers

• Post a Job

Stay Connected