We are looking for a skilled IT professional with expertise in governance, risk, and compliance for the role of GRC Analyst. The Analyst will conduct information security risk assessments, assist in the development and documenting of deployment and configuration guides, and will be actively involved in evaluating the adherence to Four Seasons internal information security controls.
College or University degree in Computing/Information Systems/Information Security.
Experience: Three to five years of experience working with security technologies and IT governance.
- Conduct information security risk assessments by following the Four Seasons internal risk assessment methodology and template.
- Assist in developing and documenting secure solution deployment and configuration guides as the direct result of the completed risk assessments.
- Day to day evaluation of adherence to Four Seasons internal information security controls.
- Identify weaknesses in the in place operational processes, systems and network and escalating these observations for management prioritization.
- Participate in conference calls with hotels and vendors to gather information and to work on specific tasks as required.
- Promote information security awareness by providing hands on training and mentoring in the areas of GRC.
- Work with a multi discipline team to create a solid information technology infrastructure, and collaborate with clients to ensure that the relevant policies and procedures are implemented.
- May also be involved in the execution of internal audits and the creation of internal audit reports.
Competencies and Technical Skills:
- A strong technical understanding and hands-on experience with computer networks is a must have
- Ability to clearly communicate with technical and non-technical stakeholders is essential
- Ability to work independently and with minimal supervision
- Demonstrated knowledge in the areas of risk assessment, strong understandings of secure communications, secure data storage, secure systems development, secure systems deployment and documentation
- Ability to rely on extensive field experience and judgment to plan and accomplish set goals
- Familiarity with a variety of the information security, networking, and governance concepts, practices, and procedures
- Demonstrated understanding of real world application of (ISO/IEC) 17799:2005(E) standards, COBIT and RISK IT frameworks and PCI-DSS requirements
- Expert working knowledge report creation and data analysis via MS-Word, PowerPoint and Excel applications
- Must be able to quickly absorb a high volume of company specific knowledge, understanding new technologies and their impact on the company''s overall security posture
- Well rounded understanding of the information security risks generated by incorrectly deployed and configured applications
- Demonstrated ability to multi-task and operate in a high stress environment
- Strong analytic skills and is able to propose creative solutions to problems
Internal transfer requests must be submitted and approved in workday by March 14 2018.
Candidates must hold Canadian work eligibility.Four Seasons is committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act. If contacted for an employment opportunity, please advise Human Resources if you require accommodation.
- Job type
- Old Toronto, Toronto, Canada
- Starting in
- As soon as possible