Business Analyst - Senior (Business Analyst Specialist / Band V) (68349)

Location: Toronto, ON
Date Posted: 12-09-2017
Looking for individuals with 3-5 years' direct experience on GRC or Enterprise tool implementations with exposure to risk, controls as well (PCI, SOX, etc.).  The team is currently in the final stages of GRC tool selection; however, Oracle Identify Manager is not an option.

This Business Analyst role will report to the Director, Security Governance.  Role will involve implementing a tool in addition to risk assessment and process optimization.

Required Skills & Qualifications:
• Previous enterprise software implementation experience required (GRC tool specific experience is preferred)
• Ability to translate risks and compliance requirements into understandable terms for both business and technical staff
• Knowledge and experience with various IT governance and control frameworks (NIST, COBIT, COSO, ITIL, etc.)
• Familiarity with security regulations in compliance legislation and other directives including PCI, Sarbanes-Oxley, ISO 27001
• Knowledge and understanding of Internal controls, SOX, PCI, and the working practices of both internal & external Auditors
• Experience preparing status reports, and project plans
• Working knowledge of vendor assessments, and associated frameworks (SIG etc.)
• Support ICSU team members as necessary with other ICSU program areas, including by not limited to vendor risk management, information security training and awareness, PCI DSS self-assessments, and SOX internal control reviews
• Should possess or be currently working towards preferred industry certifications: CISA, CISM, CRISC, CISSP, or similar information security/IT audit discipline
• Cyber security improvement experience
• Takes initiative and can come up with new/interesting solutions and can explain business case and reason behind them.
or
this job portal is powered by CATS