Information Security Consultant (ID#3841)

We are seeking an Information Security Consultant to help our client conduct a cyber security risk assessment of its contracted clinical Service Providers. The cyber security risk assessment should identify cyber security capability improvement areas required by these Service Providers.

Responsibilities:

• Prepare and validate a final questionnaire for use in this assessment, based on industry recognized standards and which is suitable for the scale and scope of the Service Providers’ responsibilities (e.g. H-ISAC)
• Configure the questionnaire within an electronic survey platform, in order to efficiently conduct this assessment across the significant scale of providers
• Gather, collate and validate the contact information of the survey participants
• Prepare any introductory communication material to facilitate the onboarding of Service Providers to the process, including communications such as introduction emails, user guides, FAQs and overall communication of approach and expected outcomes
• Operate the survey process across the in-scope ~500 Service Providers
• Collate the survey results and identify:
  • Common cyber security gaps and associated risks
  • Specific high-risk areas or Service Providers
  • Develop recommendations for CMO to manage risks
  • Provide a roadmap action plan for CMO to implement these recommendations

Requirements:

• Experience in assessing cyber security maturity of third parties
• Experience in security risk assessments within the public and health sectors
• Strong written and verbal communication skills
• Project Management experience and / or certification an asset
• Security certification and / or credential

If you have this expertise, and are able to work in Canada, please submit your resume. While we thank all candidates in advance for their application, only those candidates who are shortlisted will be contacted.

ID#3841