Job description

Company Description

Please note that this is a remote position.

Do you want to experience the essence of a large organization in a company with a personal touch? Come and work with us! We are looking for creative, innovative, and collaborative people like you to join our team.

Take your ambitions to the next level

Reporting to the Chief Information Security Officer (CISO) and as a key member of the Corporate IT team, you will be responsible for ensuring that all of Alithya’s activities adhere to its established security policies, standards, processes and guidelines.

You will be assisting the CISO with setting up and maintaining the compliance process to ensure contractual, legal and regulatory compliance. As such, you will be heavily relied upon to contribute to the Enterprise IT Security team.

Coordinate all IT security evidence collection;
Assess and classify evidence;
Help select company compliance tools;
Plan and coordinate Alithya’s operational activities to guarantee compliance with applicable regulations;
Perform regular internal assessments, audits and reviews;
Gather evidence data and format it as required;
Identify compliance problems by collecting, analyzing, and summarizing information;
Work with internal team members to answer regular and ad hoc audit queries related to compliance;
Establish and enforce organizational standards;
Ensure that all policies, standards, processes and procedures are well documented and implemented;
Develop risk management strategies to avoid possible non-compliance;
File compliance reports;
Research and communicate compliance requirements to Alithya;
Maintain professional and technical knowledge of new and changing regulations;
Contribute to the implementation, adherence and review of the IT security policies and standards;
Prepare management reports related to security compliance;
Contribute to a collaborative and stimulating work environment.

When it just clicks!

Does this sound like you?

Five years of experience as a security risk and compliance analyst;
Over two years of working experience in an IT security-related field;
Bachelor’s degree in computer science, information technology, accounting, finance, or a related discipline (preferred);
Industry knowledge;
Knowledge of:

ISO 27001 controls framework, SOC-2, PIPEDA, GDPR and SOX;
ITIL.

Experience:

with compliance analysis;
with CISA, CISM, ISO 27001 Auditor/Lead Implementer (asset);
in project and/or risk management (asset).

Excellent diagnostic skills (ability to diagnose an issue or situation quickly and efficiently);
Great organizational skills (coordination, sorting, checklists, etc.);
Strong analytical, critical-thinking and problem-solving skills;
Basic computer skills and ability to input and manipulate data (e.g., Excel);
Detail oriented, self-starter and team player;
Ability to work autonomously and proactively.