Security Governance Risk & Compliance Analyst
1 week ago
Function as a representative of Information Security leading by example, being diplomatic yet firm, fair, flexible and consistent in deploying industry-standard information security best practices and applicable laws, regulations, and policies.
Assistance in evaluating the design and operating effectiveness of the BC Integrated Secure Controls Framework (BC SCF) built from Industry Standards such as NIST, ISO 27001, PCI DSS around technology controls, including, but not limited to Software Development Lifecycle (SDLC), Logical Security, Data interfaces, availability/redundancy, and Cyber / Info security.
Preparing supporting evidence, documenting test plans which clearly describes the audit procedures performed, results of testing and conclusions reached for various processes.
Designing technology diagrams detailing the systems and their dependencies during the audit process
Assisting with the Department’s data collection and analytics efforts and Internal Audit report preparation.
Assisting in the development and tracking of control recommendations for corrective action/improvement.
Work with Internal business units including engineering stakeholders to identify and continuously improve departmental practices.