Education
• College or University level education or equivalent level of experience in the industry.
• Completion of a security-related certification (CISSP, CISA, GIAC, etc.) is mandatory.
Experience
• Minimum 8 years of tactical and operational experience in governance, risk, and compliance, or information security, with a focus on risk management, audit, and compliance.
• Knowledge and practical experience with the following risk management frameworks: ISO 27001/2, NIST, PCI, SOC2, and PHIPA/PIPEDA.
• Knowledge of global cybersecurity, technology, and data privacy regulatory requirements.
• Experience reporting policy and compliance posture to senior stakeholders.
• Ability to direct cross-functional work and hold others accountable to committed deadlines.
• Experience auditing cloud infrastructure against cloud standards and certifications (CSA, NIST).
• Governance, risk, and compliance experience in the healthcare sector is a valuable advantage.
Other Skills and Abilities
• Ability to work independently with minimal supervision.
• Strong analytical skills along with the ability to effectively communicate complex security-related information, including risk identification, assessment, and remediation activity.
• Strong verbal and written communication skills are essential.
• Ability to work effectively and collaboratively with internal staff, external partners, and stakeholders.
• Demonstrates high ethics and trust values.