At Noverka, our values illustrate who we are and define our beliefs : Human, Transparent, Passionate. We are driven by innovation and success, both in our relationships and in our practices.

Finding the right job for the right person is what we do best!Our client, an organization in the Investment industry is looking for a Consultant, Information Security.

Job descriptionAs a member of the Information Security Team, more specifically the Security Culture and Reporting team, the incumbent will be a key contributor for the execution of initiatives in the security awareness and training program, supporting risk-aware culture.

The incumbent will be an active collaborator in the security reporting cycles to provide the organization with timely and accurate information risk patterns and trends, assess the severity of their potential impact and develop strategies to mitigate or prevent them.

Finally, they will support other strategic, tactical and operational activities under the responsibility of the Information Security team.

• Your role and responsibilitiesContribute to the security awareness and training program to support continuous education on security related topics;
• Support the insider threat program definition and execution, including components such as data loss prevention;Develop and operationalize information security key performance indicators and dashboards that will be reported to executive management in order to drive cyber risk discussions and investments;
• Coordinate and publish various security reports to give visibility on our security posture and our top risks, show trends, support risk-informed decisions and prioritize strategies to improve security measures;
• Contribute to the deployment and socialization of information security processes, tools and best practices across the organization;
• Represent Information Security within working groups for various initiatives or activities, to ensure that information security requirements are communicated and respected;
• Keep abreast of industry relevant information security trends and risks.Expertise required : Bachelor’s degree in information technology, computer science or business administration (major / specialization in information systems is considered an asset);
• Relevant professional designation : CISSP, CISM, CISA, CRISC, or CGEIT, an asset;At least 7 years of relevant professional experience in an information security and / or technology risk position;

Previous experience in financial institutions or in the investment sector, an asset;Deep knowledge and understanding of information security, risk and control frameworks, standards and best practices (ISO 27001, NIST, COBIT, ITIL, etc.

Knowledge of trends and developments in the areas of information security and risk management through to completion;Bilingualism (French and English).