Sr Consultant, Cyber Risk (GRC)
Oct 31, 2023
Eligible for Remote
** Hybrid-Remote position with 10% travel over a year outside GTA (maybe once or twice a year) **
As a Fortune 200 leader, we are the driven professionals and technology experts Canadian companies turn to most often to serve their information technology, security and privacy needs. Our Cyber Risk consulting positions provide you with accelerated opportunities to turn your ideas into action as you help our customers assess and improve their security and privacy posture. As a key member of our Risk Advisory Services team, you will join some of the brightest and most diverse minds working in governance, risk and compliance today.
In this high-profile consulting opportunity, you will draw on your previous consulting experience, industry knowledge and analytical skills to identify, design and implement information security and privacy solutions for our small, medium and enterprise business customers. Through the integrity, care and quality we demonstrate on customer engagements, they will realize that beyond receiving leading-edge consulting, they are gaining a trusted advisor and partner.
What you’ll do
- Act as a trusted advisor to management level staff for small, medium and enterprise business clients to determine security program vision, direction, and requirements.
- Deliver all standard Cyber Risk GRC services (i.e., Governance, Risk, and Compliance).
- Lead complex client projects that are non-standard Cyber Risk services.
- Write technical procedures, policies and standards according to client requirements.
- Lead and/or conduct information security program implementations.
- Conduct or manage information security gap and risk assessments (e.g., ISO 2700x, CIS Controls, PCI DSS, SSAE 18 SOC 1-3, NIST, etc.).
- Develop security roadmap documents.
- Communicate ideas, risks, strategy in verbal or written format.
- Maintain up-to-date knowledge of security threats, industry trends, countermeasures, security tools, processes, and technologies.
- Develop and maintain client relationships at all levels of client organizations.
- Assist clients in the implementation and/or remediation of information security controls.
- Provide significant contributions to internal process improvement initiatives.
- Provide mentorship to less experienced team members.
- Lead and engage in marketing thought leadership initiatives (e.g., proactive involvement in industry podcasts, blog writing, presentations / webinars, etc.)
- Build strong and frictionless relationships with CDW internal teams to maintain a united workforce and enable the achievement of business objectives.
What you need to succeed
- 4+ years of lead consulting or information security experience.
- Deep understanding or background in information security and information technology concepts.
- In-depth knowledge of internationally recognized standards such as: ISO 27001/17/18, PCI DSS, NIST CSF, CIS Controls, SSAE 18, etc.
- Familiarity with IT governance frameworks such as: ITIL, COBIT
- Experience in or working closely with IT Service Management processes and best practices (e.g., change management, incident management)
- Hold a CISA and/or ISO 27001 Lead Auditor / Internal Auditor designation.
- Hold one or more of the following designations: CISSP, CRISC, CISM, CIPP/C, CCSP, CCISO
- Strong verbal and written communication, and ability to present with a high degree of comfort speaking with executives, IT Management and business stakeholders.
- Strong interpersonal skills to effectively engage with different personality types, both internally with CDW staff and externally with clients.
- Trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, complete lack of criminal convictions etc.), and willing to undergo vetting to verify this if necessary.
- Strong proficiency in MS Office Products (Outlook, Word, PowerPoint, Excel and Visio)
- Hold a relevant college or university degree.
- An understanding of business functions and their interdependencies.
- An understanding of how to manage the political aspects of relationships amongst the client’s staff community.
- A willingness to build relationships with client subject matter experts beyond the primary client project sponsor.
- Certified Chief Information Security Officer (CCISO) designation.
Who we are
CDW is a leading technology solutions provider to business, government, education and healthcare organizations in Canada, the United States, and the United Kingdom. Our fingerprints can be found on technology in workplaces of more than 250,000 companies; from fresh-faced startups to international conglomerates. With the breadth of products and services we offer, combined with the expertise of our specialists, there is no request too big or too small. A unified team of challenge takers, diverse thinkers, and problem solvers, we believe when you enjoy what you do and who you do it with, you do your best work. And that means everyone wins.
Awards and Recognitions
- #178 on the Fortune 500 list
- #81 on Glassdoor's Best Places to Work
- #1 on Channel Daily News’ Top 100 Solution Providers List across Canada
- Fortune’s Future 50, an index that evaluates the long-term growth prospects of major public companies
CDW offers a variety of benefits, perks and development programs that enable coworkers to perform at their best personally and professionally. We understand the importance of work/life harmony and strive to help our coworkers achieve it. Core benefits include:
- Comprehensive package: healthcare, dental, vision, paid vacation time and sick days
- Coworker stock purchase program
- Coworker discounted purchase program
- Tuition reimbursement for those wishing to further their education