Description
Position Description:
As a member of CGI’s Global Security GRC (Governance, Risk and Compliance) team, the individual performs an operational role in the Third Party Security Assurance process. The incumbent assists with the execution of the defined process and helps to make sure the program is operating effectively according to expected levels of standards and quality.
Your future duties and responsibilities:
– Execute the process used to perform security risk assessments of CGI’s third parties who may meet materiality criteria for evaluation
– Ensure timely and accurate reporting of security metrics (KPIs/KRIs)
– Complete review of security assessments of existing third parties
– Assist security and business operations in the development of acceptable risk mitigation plans
– Execute information security risk and control identification, evaluation, documentation, analysis and reporting using analytical tools to support the process
– Partner with various other interested parties (Global Procurement, Legal, CIO, BU Security teams, etc.)
– Track and document all third-party risk information, including regular reports for high level management
– Help to ensure contractual adjustments are made to agreements between CGI and its vendors to include protection of information and facilities
– Assist with the escalation of any issues that may impact business objectives and priorities involving vendor selection
– Perform other duties as deemed necessary
Required qualifications to be successful in this role:
– Bachelor’s Degree or equivalent
– Relevant security certification (CISM/CISA; CISSP, etc.)
– Minimum of three (3) years’ experience in information security
– Experience with producing management reports and developing KPIs
– Expert knowledge of security / risk control frameworks (COBiT, ISO 27001, PCI-DSS, NIST CSF, ITIL), and business continuity / disaster recovery frameworks (ISO 22301, ISO 27031)
– Previous experience working with vendor assessments for a global organization
– Previous experience with reviewing security assessment results (penetration tests, control evaluation, vulnerability assessments, audit results, etc.)
– Highly self-motivated, self-directed and attentive to detail
– Facilitation skills with an ability to build relationships with stakeholders
– Excellent oral, written and interpersonal communication skills
– Excellent English and French verbal and written fluency
Skills:
- Cyber
What you can expect from us:
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.
Come join our team—one of the largest IT and business consulting services firms in the world.
