University of Calgary
UofC Navigation

Specialist, Governance, Risk and Compliance, Architecture & Security, Information Technologies

This job posting is no longer active

Job ID: 14281

Updated: November 24, 2017

Location: Main Campus

Position Overview

Information Technologies is currently seeking a Full-time Regular Specialist, Governance, Risk and Compliance.

Reporting to the Lead, Risk and Compliance, you will be accountable to ensure that our core processes, control policies and compliance requirements align to the needs of our business, provide an appropriate level of risk and value. 
This role will focus on developing, enhancing and maintaining end-to-end processes in compliance with supporting control frameworks for managing the university´s information and related technologies. The IT Security team provides leadership and technical guidance to both IT and Client departments on the identification and mitigation of risk.

The position is subject to high stress and requires balancing multiple priorities with tight deadlines. There may be a requirement for after-hours work, depending on the nature of the projects and initiatives currently underway.

Position Description

Summary of Key Responsibilities (job functions include but are not limited to):

Governance

  • Provide cross faculty support to help define Policy and provide guidance on standard requirements for IT processes supporting organizational objectives
  • Ensure that compliance requirements such as PCI are reflected in policy and standards
  • Manage the governance and oversight of compliance programs such as PCI and provide guidance on program audits.
  • Provide consultative and regulatory expertise for the development and review of procedures for disaster recovery and security incident management documentation

Risk

  • Conduct detailed information security assessments of information systems maintained internally, as well as those systems outsourced to third-party service providers per established policy standards, and procedures.
  • Perform risk assessments to ensure that IT risks are identified, assessed, managed, and monitored continuously
  • Perform risk analysis for University functional areas to identify points of vulnerability and recommends disaster avoidance and reduction strategies.
  • Conduct business impact analyses and assists University business units to determine critical business processes

Compliance

  • Manage assessment of applications, infrastructure, and associated processes against organizational and external Standards.  This includes documenting results of assessments to include non-compliant issues, mitigating controls, associated recommendations for remediation plans, and supporting documentation where applicable
  • Assist Business Unit management with the implementation of remediation plans as required and tracking remediation items until closure
  • Review assessment results with senior management and members of the Information Technology as appropriate
  • Plan, coordinate and assist with the execution testing of General Computer Controls (GCCs) across all IT segments

Qualifications / Requirements:

  • Bachelor's Degree (IT, IS, or business administration with IT focus) or equivalent certification with 5-7 years' IT experience
  • CISA and/or CISM is preferred
  • Familiarity with applicable legal, regulatory, industry, and contractual obligations such as CASL, FOIP act, and PCI-DSS
  • Proficient with the use of risk and control frameworks, and process improvement models, such as COBIT, ISO 31000, COSO, ISO 27001, ISO 27002, ITIL and CMM
  • 3-5 years of related Risk and Compliance experience.  A combination of education and experience will be considered.
  • Demonstrated problem solving skills
  • Ability to work with minimal supervision
  • Excellent verbal and written communication Skills
  • Excellent presentation and training skills
  • Knowledge of MS Office Suite & SharePoint
  • Experience delivering automation solutions combined with business process improvement initiatives
  • Experience working with and presenting to upper management and senior executives
  • Criminal background check and credit check may be required

Application Deadline:  November 23, 2017

We would like to thank all applicants in advance for submitting their resumes. Please note, only those candidates chosen to continue on through the selection process will be contacted.

 

Additional Information

This position is classified in the Professional Career Band, Level 3 of the Management and Professional Staff Career Framework.

To find out more about management and staff opportunities at the University of Calgary and all we have to offer, view our Management and Staff Careers website.

 

About the University of Calgary

The University of Calgary is Canada’s leading next-generation university – a living, growing and youthful institution that embraces change and opportunity with a can-do attitude. Located in the nation’s most enterprising city, the university is making tremendous progress on its Eyes High journey to be recognized as one of Canada’s top five research universities, grounded in innovative learning and teaching and fully integrated with the community it both serves and leads. The University of Calgary inspires and supports discovery, creativity and innovation across all disciplines. For more information, visit ucalgary.ca.

The University of Calgary recognizes that a diverse staff/faculty benefits and enriches the work, learning and research experiences of the entire campus and greater community. We are committed to removing barriers that have been historically encountered by some people in our society. We strive to recruit individuals who will further enhance our diversity and will support their professional success while they are here. We encourage all qualified applicants to apply, however preference will be given to Canadian citizens and permanent residents of Canada.

 

Need help?

Visit Application Help & FAQs for answers to common questions