Description
Reporting to the Senior Manager, the incumbent is responsible for the Managed Services of Bell Business Markets to develop and implement various security standards, safeguards, processes and metrics in the areas of Operational Security, Compliance and Risks Management. He will act as a spokesperson and expert on the subject.
Act as spokesperson and expert in information security, risks management and compliance for the Managed Services teams and customers. Collaborate with the Corporate Security and Internal Audit teams.Involve in projects and various committees to review and analyze complex systems (Applications, OS’s, and networking devices), to identify risks, exposures, define and implement compensating controls. Responsible to develop and implement various security safeguards and metrics with all teams of operations and managed services customers. Collects, consolidates and analyzes information required for the evaluation and administration of services rendered; produces reports to recommend processes and procedures to implement such requirements as required by Bell or its clients: ISO 2700x,17799, CSAE 5025/9100, C198, PIPEDA, « Sarbanes Oxley », PCI, etc. Produce and maintain business risk and impact analysis. Develop and propose action plans to limit the risks to our contractual obligations and good management. Review, analyse and document the security information requests received and update them in the ticketing system. Review, analyse and document the exception requests received and update them in the ticketing system.Coordinate audit requests from the clients under its responsibility according to our contractual obligations.Conveys the various parameters to be met from the customer to the appropriate managers, and prepares them for the auditors’ visit group in regards to contractual obligations. Provides follow-up, assistance and quality assurance. Approves reference materials pertaining to computer security equipment operations that are associated with audit mandates. Accompanies the auditors who are responsible for the audit mandate and interacts with them. Required qualifications:
Bachelor’s degree in telecommunications or in computer science with a specialization in telecommunications, or the equivalent. Seven (7) years’ experience in IT security operations In-depth knowledge and experience in IT Security and Telecommunications In-depth knowledge and experience with CSAE 5025/9100 and SAS70 audit reports, SOX and C198 legislation, risk analysis methodologies and security standards (e.g. ISO, PCI) The following certifications are an asset: ITIL, CISSP, CISM and CISA Knowledge of financial aspects and information technologies Good knowledge of common Office tools. Bilingualism written and spoken Good knowledge of Bell Managed Service Operations would be an asset Behaviour skills:
Initiative Leadership Customer Orientation Sense of collaboration (teamwork) Interpersonal Skills Ability to influence Compliance with commitments Results Orientation Verbal and written Supervision and monitoring Change Management
