Bulletproof

Security Auditor

カナダ アルバータ エドモントン ● カナダ オンタリオ オタワ ● カナダ オンタリオ トロント ● カナダ サスカチュワン レジャイナ ● カナダ ニュー・ブランズウィック フレデリクトン ● カナダ ニュー・ブランズウィック モンクトン ● カナダ ノバスコシア州 ハリファックス ● カナダ マニトバ ウィニペグ 要求 #94
2022年8月2日
Who We Are: 
 
Headquartered in Atlantic Canada with offices across the United States and around the world, Bulletproof has two decades in the security business, protecting its clients’ privacy and data. The company’s footprint now includes users on six continents trusting Bulletproof to secure their identities, networks, data, and devices.   
 
Driven by innovative, empowered and creative teamwork, we build solutions that solve business challenges and deliver overall business improvement for our global clients. At Bulletproof, we are committed to our customers, our team and our communities. Bulletproof's practices include Security and Network Operations Centers, Security Assessment & Audit, Quality Assurance and Testing, Microsoft Consulting, Managed Services, and Product Fulfillment; working together to provide true end-to-end business solutions.  
 
Why You Should Work With Us: 
 
At Bulletproof, our people are the core of who we are and what we do. Founded in Atlantic Canada and now operating globally, it’s our people who drive us and who bring us together. We believe that it’s through trusting and empowering our entire team, that we achieve more. Bulletproof was named Microsoft’s global Security Partner of the Year [2021] and Four-peat Microsoft Canada IMPACT Award winner [2019-2022]. Bulletproof is proud to be a Microsoft Gold Partner with twelve gold competencies and a member of the Microsoft Intelligent Security Association. We are committed to helping our customers achieve more securely.    

Interested?  Read on to see if your experience is a fit.
 
Position Summary:

As a Bulletproof Security Auditor you will conduct independent comprehensive assessments of management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of our client’s security controls (as defined in NIST SP 800-53, ISO/IEC 27001: 2013 or other applicable standard).
This position will work with clients to assess, develop, and implement policies, standards and guidelines. Also, the position will entail developing security programs in alignment with information security frameworks. The position will ensure clients meet compliance requirements and guide them in developing an improved security posture. 


Responsibilities:

  • Conduct security assessments that can be multi-faceted for a wide variety of assigned clients.
  • Conduct certification audits against various standards
  • Provide clients with recommendations on building and enforcing information security standards and compliance to these standards.
  • Participate in risk governance process to provide security risks, mitigations and input on other technical risk.
  • Create security test reports and other documentation as needed.
  • Work with clients in defining information security requirements for projects and ensures project compliance to these requirements.
  • Author/review security architecture for clients and provides recommendations based on best practices or based on regulatory compliance requirements.
  • Work with clients to develop information security program health checks and the appropriate remediation plans.
  • Provide technical support as a subject matter expert in the sale of information security assignments on an as needed basis (work scoping and estimation).
  • Provide thought leadership and direction for the Information Security practice on client security programs.
  • Team up with colleagues in other lines of services in support of client needs for Information Security services.
  • Research best practices, developments, techniques and trends in information security and determine relevance to client organizations.
  • Provide clients with exceptional service in a professional, courteous and timely manner.
  • Oversight and management of audit sub-contractors
  • Other related duties as assigned.

Required Education/Credentials/Qualifications:
 

  • Degree from an accredited University or equivalent College Diploma and related experience.
  • CISSP, CISA, CISM, CIA or SANS Certifications
  • Excellent written and oral communication skills in English
  • Ability to meet deadlines and deliver a high-quality product (reports)
  • Strong attention to detail
  • Ability to work both independently and perform as a leader in a team environment
  • Experience performing information security audits, development of control tests and gathering evidence (exposure to Generally Accepted Auditing Standards (GAAS), ISO 19011)
  • 5 years minimum information security experience ideally in a fast paced, changing environment

The following skills are preferred but not required:

  • ISO/IEC 27001 Lead Auditor, PCI QSA
  • Understanding of information security frameworks such as ISO/IEC 27001:2013, COBIT, NIST CSF, System and Organization Controls (SOC) Trust Service Principles (TSP)
  • Familiarity with threat modelling and security design review methodologies
  • Experience in professional service and delivery process development (to support our continued business growth)
 
Travel Expectations: Yes.



Equal Opportunity Statement:  

  

Bulletproof is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Bulletproof is also committed to compliance with all fair employment practices regarding citizenship and immigration status. 



その他の詳細

  • 職務ファミリ Canada
  • 支払タイプ 給与
  • 出張の必要性 あり
Location on Google Maps
  • カナダ アルバータ エドモントン
  • カナダ オンタリオ オタワ
  • カナダ オンタリオ トロント
  • カナダ サスカチュワン レジャイナ
  • カナダ ニュー・ブランズウィック フレデリクトン
  • カナダ ニュー・ブランズウィック モンクトン
  • カナダ ノバスコシア州 ハリファックス
  • カナダ マニトバ ウィニペグ