AVENIR GLOBAL is a Montreal-based holding and management company with an active operations mindset and a hands-on approach to all its investments. A global powerhouse of specialist communication firms, AVENIR GLOBAL has 1,000 staff and 22 office locations across Canada, the U.S., Europe and the Middle East. We rank among the top 20 largest communication firms in the world.
The candidate will perform activities related to cybersecurity, governance, risk, compliance, and security awareness and training. While reporting to the Chief Information Security Officer, they will support the business objectives through close collaboration with the Information Technology function to maintain a continuous security mindset across all aspects related to technology. Activities will also include working directly with the business to support a strong security posture that enables business objectives for staff across the globe.
What you will do
- Regular access reviews to ensure least privilege and segregation of duties are respected
- Perform analysis of vulnerability assessments and coordinate remediation with IT teams
- Review results of penetration tests and coordinate remediation with stakeholders
- Assist with escalations received from level 1 and 2 incident management teams
- Review and work towards addressing requests received from the internal help desk
- Execute security assessments of various technologies as per industry standards (e.g., NIST & CIS)
- Project advisory to assist in planning and ensure security requirements are met
- Manage security awareness and training platform and generate metrics as required
- Review results of training with management and adapt program as necessary
- Attend weekly change advisory board meeting to review proposed change requests
- Develop internal documentation and perform regular reviews of current documentation
- Execute internal audits as per the approved annual audit plan
- Review evidence required to remediate audit findings and update actions plans
- Coordinate testing of internal controls and evidence gathering for external audits
- Attend meetings and support requests from client and vendor risk management teams
What we are looking for
- Availability to work on-premises in downtown Montreal office (hybrid remote work model)
- Possess certifications from well-recognized institutions such as ISC2 and ISACA
- In-depth knowledge of information security concepts, methodologies, and processes
- Experience with frameworks and standards such as NIST CSF and ISO 27001/27002
- Solid understanding of information security risk and global regulatory requirements
- Demonstrated knowledge of compliance subjects including GDPR, PIPEDA, HIPPA, etc.
- Experience working with cloud technologies such as Microsoft 365 and Azure
- Good combination of business-facing experience and technical knowledge
- Strong communicator with ability to clearly articulate verbally and in writing
- Keen interest to strengthen current skillset through continuous learning
- Ability to adapt to challenges and effectively drive results to completion
- Team player and able to work independently with minimal supervision
- Strong analytical, problem-solving and decision-making skills
- Well organized with excellent time-management skills
- Meticulous and exercises strong attention to detail
- Fluently bilingual in French and English
NATIONAL is committed to employment equity and we encourage applications from all qualified candidates. We value diversity and creating an inclusive culture where everyone can bring their true selves to work. We are committed as a company to equitable practices and policies that encourage a diverse workforce and work environment.
If you require a special accommodation, please advise the Human Resources Manager or Hiring Manager during the hiring process.