Business Information Security Officer
About The Position
The Acquisition Security Program (ASP) team is seeking an experienced Business Information Security Officer/Senior Security Consultant to evaluate security risks in acquired organizations and recommend solutions. You will use your expertise to assess security controls, communicate compliance requirements to stakeholders, and demonstrate how TELUS protects systems, data, and customers. This role offers the opportunity to strengthen our organization's security posture during critical acquisition phases. As a Business Information Security Officer/ Senior Security Consultant, you will assess the security readiness of organizations TELUS plans to acquire or has recently acquired. You will oversee the development and maturity of our acquisition security program. You will apply your expertise in security technology and industry best practices to evaluate and continuously improve our security policies and standards. You will also manage our internal security procedures and documentation. You will collaborate with colleagues and external partners. You will leverage your technical expertise in compliance, risk management, regulatory requirements, and security architecture to provide guidance to teams across TELUS.
Requirements
- Minimum of 5 years of experience in information security
- Bachelor degree in Computer Science, engineering or related discipline
- Ability to communicate security requirements and compliance implications clearly to executive leadership and other stakeholders
- Ability to analyze complex security challenges and explain them in straightforward, accessible language
- Hands-on experience with IT security assessments, information security consulting, or IT risk analysis
- Demonstrate leadership capabilities, strong collaboration skills, and be a dependable partner to internal and external stakeholders
- Proficient in developing and maintaining documentation for security compliance and establishing achievable objectives
- Track record of evaluating information security systems and developing improvement recommendations
- Advanced knowledge of English is required
Nice To Haves
- Professional certifications in security, risk management, or auditing (such as CISA, CRISC, CISSP, or CISM)
- Knowledge of industry frameworks and standards, including NIST, ISO 27001/2, PCI-DSS, or COBIT
Responsibilities
- Evaluate project requirements and provide recommendations that align with industry best practices and standards
- Prepare clear and comprehensive communications (written and verbal) to respond to auditor and customer inquiries
- Assess the security posture of acquisition targets and document findings to inform investment decisions
- Deliver actionable recommendations to strengthen acquisition security policies and procedures
- Develop and implement long-term strategies to advance our acquisition security program
- Manage multiple concurrent projects independently while managing time and priorities effectively
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
