Menu Close Menu
Français
Shaw Communications
Printer friendly interface

Senior Security Risk Analyst

Department name: Security
Business unit: TOPS
Position ID: J0721-2214

A little about us

What we do at Shaw matters - in a world where being connected has never been more critical, we bring the best wireline and wireless technology and solutions together to create exceptional customer experiences. Every day we help millions of Canadians live their best-connected lives through the strength, capacity and combined power of our Fast LTE and Fibre+ networks.

At Shaw we say we’re brighter together, and we believe it’s the diverse mix of brilliant people here that really makes us shine. When you join our team, you’ll see we are so much more than just a company. Shaw connects you with limitless opportunity, an incredible culture, career development and a great benefits package. We are a friendly, collaborative group, and we have a lot of fun finding new ways to delight our customers.

Come dream bigger and brighter with Shaw.

The role

The successful candidate will be an integral member of the Security Standards, Risk and Compliance team. Reporting to the Manager, Security Risk, the successful candidate will be focused on conducting enterprise-wide security risk assessments, overseeing risk remediation activities, as well as being involved with other team members in executing the security awareness plan.

The Security Risk team is a business-facing team focused on managing security risks related to third-party relationships, Information Technology Projects, Operational Initiatives, etc. This position will appeal to an individual seeking a key contributor role in a fast-paced, team environment that offers a breadth of influence and a connection to the rest of the organization.

A typical day

• Executing Threat Risk and Vulnerability Assessment (TRVA) to enable project and operational teams to securely manage risks to an appropriate level.
• Provide technical leadership in the execution of TRVA engagements and provide support to junior staff.
• Independently consults with and guides sponsors, control owners, solution architects and operational teams to ensure that security and risk are appropriately managed.
• Find the most efficient and effective way to reduce the risk to an acceptable level by providing stakeholders with multiple options.
• Provide effective and concise reporting of risk to leadership, project, and operational teams.
• Like all employees, the individual is accountable for all activities performed using Shaw information systems, customer and employee data, and their behavior with respect to physical assets and locations.
• Coordinates the development of action plans for gaps identified during risk assessments and follows up on their implementation with various internal stakeholders.
• Provides support in other audit/risk assessment initiatives as required.
• Proactively stays up to date with emerging risks, threats, regulatory requirements, best practices, and frameworks, and understands how these can affect the business.
• Prepares reports and other required documentation as they relate to communication of results of assessment performed.
• Works with different project teams, Security Architects, and other security teams in supporting the definition of information security requirements for projects and ensures project compliance to these requirements and controls through certification (in collaboration with Security Operations)

Your skills/experience

• 4-6 years in a security or similar role
• Previous experience conducting risk assessment
• Previous experience conducting IT audits considered an asset
• Working knowledge of security concepts
• Skilled in risk identification and management
• Excellent analytical skills
• Creative approach to problem-solving
• Ability to prioritize multiple tasks
• Excellent audit report writing and oral communication skills with the ability to communicate complex messages in a compelling manner
• Ability to navigate through complex systems, ambiguity, and to manage multiple assignments
• Proven capability to manage deadlines and deliver quality results
• Strong interpersonal skills, including interviewing, listening, presentation and written communication
• Ability to maintain composure in stressful situations
• Excellent relationship and team-building skills
• A proven team player & ability to interact and work with people with a variety of backgrounds and at different levels within the organization
• Effective negotiating, influencing and mediating skills
• Listens to feedback and shows eagerness to grow
• Hungry to do more and eager to go above and beyond the norm
• A strong relationship builder who prioritizes collaboration and partnership
• Passionate for challenging the status quo and developing out-of-the-box ideas
• Comfortable with technology and able to engage in discussions with both technology and business teams to understand and explain risks in a way appropriate to his/her audience
• Post-Secondary education (e.g., Computer science degree or diploma-based program).
• Threat Risk Vulnerability Assessment (TRVA) training
• Certified Information Systems Security Professional (CISSP) designation considered an asset
• Certified Information Systems Auditor (CISA) designation considered an asset
• Certified Information Security Manager (CISM) designation considered an asset
• Successful candidates may be requested to provide evidence of completion of educational and/or credentials
• This role will be based in Calgary, AB but is open to candidates outside Calgary

Other details

This position requires the successful completion of a criminal and credit background check.

Posting closing date: August 6, 2021

At Shaw, we believe diversity and inclusion are integral to the continued growth and success of our entire company. We believe diversity and inclusion enhances our Company’s culture and creates a sense of belonging where people feel comfortable bringing their true selves to work. This in turn promotes innovation through harnessing the variety of experiences, thoughts, and perspectives our employees have to offer. We encourage applications from all qualified individuals, regardless of race, gender, age, or any other identifying characteristic.

Shaw Communications, through its third-party vendor, collects and stores information applicable to the candidate profile you create when you submit the information asked for below. The use and disclosure of the collected information is for the sole purpose of job search and placement activities for Shaw Communications. The information is subject to Personal Information Protection and Electronic Documents Act. The information will be retained and when disposed of, it is done so in a secure manner. Your profile will become inactive and moved to the archive if you do not access your profile for a period of 1 year.

We thank all applicants for their interest; however, only selected candidates will be contacted. No telephone calls or agencies, please.