Managing Consultant, Governance, Risk, & Compliance (GRC)

TELUS•Vancouver, BC

62d•Remote

About The Position

In today's rapidly evolving digital landscape, safeguarding our information is more critical than ever. At TELUS Security, we're not just keeping up—we're leading the charge. We confront the most formidable security challenges with unmatched expertise and state-of-the-art technology. Are you ready to shape the future of cybersecurity? Step into a pivotal role as a Managing Consultant with our Security Professional Services team and make a lasting impact. Define your career with us and be part of a team that doesn't just protect but prevails. We are currently recruiting for an experienced project-based Governance, Risk, and Compliance Management Consultant to join our team, focusing on long-term cybersecurity consulting projects with TELUS customers across Canada. This role requires a self-starter who provides consulting expertise to external TELUS clients. The ideal candidate must possess outstanding relationship skills and strong security knowledge as they deliver consulting engagements. Key responsibilities include security posture/maturity assessments, gap assessments, compliance readiness, and risk assessments for external clients. This highly consultative and collaborative role focuses on helping our customers achieve ambitious business and information assurance goals. This position is virtual/remote in nature, allowing you to “work from anywhere,” though up to 10% onsite work may be required based on client and project requirements.

Requirements

ten or more years of experience working in IT and cybersecurity
ten or more years of experience leading information security assessments, particularly utilizing standards such as NIST CSF, ISO 2700, CIS 18, and CMMC
lead governance, risk and compliance engagements, including performing risk and gap assessments and security audits, from scoping and kick-off through to final delivery
Relevant Professional Certifications that demonstrate expertise, such as ISO 27001 Lead Implementer/Lead Auditor, CISA, CISSP, CISM, CompTIA Security+, PCI DSS QSA, etc
manage project timelines, supported by a Project Manager for large & complex deals, and deliver within the agreed-upon schedule and time allocation
reviewing, authoring, or developing security policies and procedures and excel at executive level communications
ability to explain complex and technical cybersecurity concepts and controls to executive and non-technical audiences
background includes supporting a variety of clients with varying compliance and security needs You assist with client requirements scoping, pre-sales calls, proposal scoping, and statement of work development
An understanding of network-based security and technologies, such as firewalls and IPS, as well as of security infrastructure components associated with Cloud technologies and on premise requirements.
Experience with Payment Card Industry PCI DSS audits is highly valued for this role
Advanced knowledge of English is required

Nice To Haves

Knowledge of regulatory compliance frameworks that our client base is subject to (e.g., HIPAA, PCI-DSS, SOC 2, ISO 27001/2, NIST CSF, CMMC, etc.)
Experience with assisting customers to prepare for their ISO 27001/SOC2 audit
Knowledge of Privacy Management practices and regulatory requirements, knowledge of PCI-DSS compliance audit, knowledge of vulnerability standards and knowledge of security architecture standards
E-F bilingual or business level communication skills in both English and French is an asset
Related post-secondary education, with a University degree preferred
Government of Canada security clearance (Secret), or the ability to obtain specified clearance