Basic Information

Ref Number

Req_00145569

Primary Location

SV - Antiguo Cuscatlan - Las Cascadas

Państwo

Salwador

Work Style

Hybrid

Description and Requirements

About the role:


The IT GRC Lead will be responsible for leading several existing governance, risk and compliance initiatives while also ensuring that internal systems are compliant with security standards. The IT GRC Lead’s responsibilities include timely meeting of the security and compliance requirements, control deficiencies and information security risks.


Responsibilities:


  • Develop and maintain IT policies, procedures, and standards to ensure compliance with regulatory requirements and industry best practices

  • Lead internal and external compliance/audit projects to timely completions on multiple security and compliance frameworks (e.g. SOC 2, PCI, ISO, NIST, GDPR, CIS, COSO, HITRUST, PIPEDA and FISMA) and manage the roadmap of corresponding mitigating controls.

  • Map multiple requirements across the information security framework to identify gaps, develop mitigation plans and timely execute them

  • Manage third-party risk for critical vendors and ensure completion of internal risk assessments 

  • Manage expectations from critical stakeholders around security policy/risk management

  • Support sales teams in the completion of RFPs and client or vendor security questionnaires

  • Manage client contractual obligations around security and compliance

  • Lead periodic gap assessments to validate compliance on an ongoing basis to ensure that proper controls are in place and risks are appropriately mitigated

  • Collaborate with cross-functional teams to monitor and remediate control deficiencies against established deliverables and timelines

  • Providing guidance and training to IT teams on GRC best practices and standards.

  • Keeping abreast of developments in IT risk management and compliance trends to recommend improvements to the organization's GRC program.


Requirements:


  • Relevant education and certifications in audit, information assurance, corporate governance and/or risk management (preferably)

  • 7+ years of progressive experience in the IT risk, security, compliance, or audit field

  • Minimum 5+years of experience conducting security control assessments and audits for on-premise and cloud platforms (SOC 2, PCI, ISO)

  • Knowledge of risk and security controls for cloud platforms (GCP, AWS, Azure) highly desired

  • At least one industry certification (e.g. CISA, CISM, CRISC, CISSP) highly desired

  • Strong analytical and critical-thinking skills

  • High-level of attention to detail and be a self-starter with ability to work independently, multi-task and adjust to shifting priorities

  • Ability to work under pressure and meet tight deadlines

  • Ability to communicate issues to technical and business representatives, in both written and verbal forms

  • Demonstrate ability to negotiate resistance effectively and win concessions without damaging relationships

  • Experience with GRC tools

  • Bi-lingual (French) an asset



What’s in it for you:

  • Private medical and life insurance from day one.

  • Employee Stock Purchase Plan ESPP

  • Budget for professional growth (certifications)

  • Schedule flexibility.

  • Extra bonus based on performance.


Additional Job Description


The IT GRC Lead will be responsible for leading several existing governance, risk and compliance initiatives while also ensuring that internal systems are compliant with security standards. The IT GRC Lead’s responsibilities include timely meeting of the security and compliance requirements, control deficiencies and information security risks.


EEO Statement

At TELUS Digital, we enable customer experience innovation through spirited teamwork, agile thinking, and a caring culture that puts customers first. TELUS Digital is the global arm of TELUS Corporation, one of the largest telecommunications service providers in Canada. We deliver contact center and business process outsourcing (BPO) solutions to some of the world's largest corporations in the consumer electronics, finance, telecommunications and utilities sectors. With global call center delivery capabilities, our multi-shore, multi-language programs offer safe, secure infrastructure, value-based pricing, skills-based resources and exceptional customer service - all backed by TELUS, our multi-billion dollar telecommunications parent.

Equal Opportunity Employer

At TELUS Digital, we are proud to be an equal opportunity employer and are committed to creating a diverse and inclusive workplace. All aspects of employment, including the decision to hire and promote, are based on applicants’ qualifications, merits, competence and performance without regard to any characteristic related to diversity.
× -