Job Opening in Vancouver Area
Current Job Postings
Information Systems (IS) Auditor
Teck Resources Limited, Vancouver - BC
Reporting to the Manager, Internal Audit , the Information Systems (IS) Auditor is responsible for assisting in the achievement of all aspects of the Teck Resources Limited Internal Audit Mandate , the achievement of the specified annual Audit Department objectives and the timely achievement of the Teck Resources Audit Plan and Annual SOX Controls Compliance Audit Plan.
•Identify and evaluate the organization’s technology risk areas and provide key input to the development of the internal audit plan.
•Either independently or as a part of the audit team, undertake information systems, information technology and operational technology audits, Sarbanes-Oxley controls compliance testing, special projects and ad hoc work assigned by the Director Audit & Operational Review.
•Establish the objectives and scope of assigned corporate information technology (IT) audits for agreement with the Director Audit & Operational Review and with the Auditee.
•Plan and execute audit projects designed to provide assessment of internal control processes and operational performance, in accordance with department and professional standards.
•Demonstrate and apply a thorough understanding of complex information systems. Prepare audit work papers and reports documenting the result of reviews of assigned activities and recommended management action.
•Use relevant audit programs in the conduct of internal audits and the Sarbanes-Oxley controls compliance audits that have been developed by Teck or developed by the I.S. Auditor as necessary and agreed with the Director Audit & Operational Review .
•Communicate effectively with Auditees on the objectives, scope and reporting protocol for audits and in explaining audit findings and recommendations and in conducting appropriate audit exit meetings with the most senior site member of management or where at head office, with the most senior functional head.
•Provide Senior Management and the Audit Committee with an independent assessment of the Company’s systems of internal controls and prepare timely audit reports for issuance to the Auditee and Senior Management.
•Develop for each audit, recommendations that will improve the Company’s overall systems of internal control and assist in mitigating risk and in improving the efficiency, effectiveness and profitability of the Company and ensure compliance with the requirements of the Sarbanes-Oxley Act.
•Assist in development of the Information Systems Audit plan; define the scope, schedule of the audit projects and agree with the Director Audit & Operational Review.
•Participate as advisor to, or assess, major and critical Information System projects.
•Meet Information System management periodically to identify major changes and security concerns and update the Director Audit & Operational Review as required.
•Conduct audit follow-ups as necessary and report upon the implementation status of audit recommendations to the Director Audit & Operational Review, Senior Management and the Auditee.
•Maintain adherence to the Standards for the Professional Practice of Internal Auditing (Institute of Internal Auditors) and maintain up to date knowledge of information systems audit practices.
•Certified Information Systems Auditor designation (CISA) and/or undergraduate degree in Computer Sciences,
•A CISSP/CISM designation is desirable.
•A minimum of three years operational IT audit experience in an environment that provides exposure to sophisticated information systems audit techniques, network security, technology infrastructure, software development, project management, or a related field.
•Demonstrable understanding of concepts related to information systems audit, including security and control risks such as logical and physical access security, change management, information security, business recovery practices and network technology.
•Considerable knowledge of and skill in applying technology auditing principles including IT Controls Framework, COBIT, ISO, NIST, SANS, or Global Technology Audit Guides (GTAG)
•Broad based knowledge of IT/IS environments, including networks, Unix, JD Edwards, Oracle, Microsoft Windows, SQL, SAP and Dynamics AX
•Knowledge of industrial control systems and other operational technology and ISA99 Standards.
•Ability to perform reviews of Operating Systems, Network, Database, web and ERP applications
•Knowledge of Control Objectives for Information and Related Technology, Accepted Auditing Standards, Standards for the Professional Practice of Internal Auditing.
•Strong PC skills and the ability to determine and use appropriate audit tools and techniques
•Information Systems Security experience is an asset
•Effective oral and written communication skills, including active listening skills and skill in presenting findings and recommendations for improvement
•Critical thinking capability to gather relevant information, perform detailed analysis and develop well-reasoned conclusions and solutions.
•Ability to work independently, be self-motivated and be prepared to travel
•Desirable to have working knowledge of Spanish
•Ability to consciously exploit new ideas or reinvent ideas to provide new solutions.
•Exposure to Sarbanes-Oxley Section 404 and an understanding of the general compliance requirements related to information technology.
We wish to thank all applicants for their interest and effort in applying for the position; however, only candidates selected for interviews will be contacted.
Your application to this posting is deemed to be your consent to the collection, use and necessary disclosure of personal information for the purposes of recruitment. Teck respects the privacy of all applicants and the confidentiality of personal information.
Teck is a diversified resource company committed to responsible mining and mineral development with major business units focused on copper, steelmaking coal, zinc and energy. Headquartered in Vancouver, Canada, its shares are listed on the Toronto Stock Exchange under the symbols TECK.A and TECK.B and the New York Stock Exchange under the symbol TECK.
The pursuit of sustainability guides Teck’s approach to business. Teck is building partnerships and capacity to confront sustainability challenges within the regions in which it operates and at the global level. In 2016, Teck was named to the Dow Jones Sustainability World Index (DJSI) for the seventh straight year, indicating that Teck’s sustainability practices rank in the top 10 per cent of the world’s 2,500 largest public companies in the S&P Global Broad Market Index.
Learn more about Teck at www.teck.com or follow @TeckResources.
Posted on July 20th, 2017
* * * * * * * * * * * * * * * *
Visier, Vancouver - BC
We are looking for a Governance Risk & Compliance (GRC) Specialist to support our GRC &
Privacy team. Visier is a fast moving and creative company for dedicated individuals who can thrive
in our environment.
Visier has enterprise level clients such as PayPal, Yahoo, Exelon, Micron, who rely on us for
business intelligence solutions to accelerate the success of their businesses. The successful
candidate will support our team’s functions and processes to assist Visier in protecting our
customers’ data and comply with relevant laws, regulations, and controls.
What you’ll be doing…
•Assist in the audit process including conducting interviews with internal team members,
observing operations, reviewing transactions and documents, and completing documentation
in working papers and audit reports.
• Conduct follow up and monitoring of the audit process to ensure corrective actions are
• Assist in the development of risk management controls and systems, development of policies
and procedures, and privacy reviews and assessments.
• Provide sales support by presenting GRC practices and controls including responding to
information security and privacy questionnaires and requests from prospects.
• Provide administrative support and completing projects for the GRC & Privacy team including
organization of files and reviewing documentation, updating intranet site, and scheduling
events and tasks such as audit processes, privacy training and policy updates.
• Conduct research of GRC, privacy, and information security issues to help the team remain
up to date on current practices.
What you’ll bring to the table…
• Minimum 1+ years of experience in audit, risk management, privacy and/or compliance
practices, principles, procedures, and techniques.
• Relevant certifications in audit, information security and/or privacy would be considered an
• Excellent written and verbal communication skills.
• Ability to prioritize in a fast-paced environment.
• Ability to take instruction and guidance.
• Excellent interpersonal relationship skills.
• Organized with attention to detail.
• Successful completion of background checks is an ongoing requirement of this role.
For more details and how to apply, please click here
Posted on July 14th, 2017
* * * * * * * * * * * * * * * *
Senior Internal Auditor
Fortis BC Holdings Inc, Burnaby - BC
Working in accordance with the organization’s strategic vision, core values and leadership competencies, this position is responsible to provide professional internal audit expertise in the planning, execution and reporting of internal audit projects.
Provide professional internal auditing expertise in the planning, execution and reporting of Internal Audit projects within budget and deadlines. Identify and evaluate the organization’s risk areas and provide key input to the development of the annual audit plan.
Lead business process reviews to evaluate the design, operating effectiveness and efficiency of internal controls over operations. Lead reviews to assess the integrity of the financial statements and to evaluate the adequacy/efficiency of accounting, financial and operating procedures established for business control purposes. Prepare and assist in the preparation of audit reports with appropriate action plans that will aid management.
Effectively communicate audit findings with management personnel. Review and report on the status of action plans to implement improvements. Assist management on special projects and assignments as needed.
Assist with implementation of Sarbanes-Oxley Act Section 302 and Section 404 (SOX). Lead reviews to assess compliance with SOX and established corporate policies. Assist in the application of the COSO Framework related to external financial reporting and COBIT Framework related to IT General Controls.
Assist in the development of Internal Audit policies, procedures and methodologies. Provide training, coaching and guidance to Internal Audit staff in conducting audits and other audit-related issues.
Effectively communicate and collaborate with others in the provision of internal audit services. Conduct oral presentation of final results and recommendations to management. Represent Internal Audit on organizational project teams at management meetings and with external stakeholders. Keep current with developments in auditing methodology, governance and compliance issues including best practice methods and common industry issues.
Conduct work in a manner that prevents injuries and incidents, and contributes to FortisBC’s Target Zero Mission. Maintain knowledge and understanding of safety policies, practices and procedures. Lead by example by putting safety first at all times.
Requirements Education and Experience
• Completion of CISA designation.
• Professional Accountant designation (CPA, CA) or Certified Internal Auditor designation (CIA) from a recognized institution plus a minimum of seven (7) to ten (10) years directly related experience in a large organization or an equivalent combination of education, training and experience.
• Knowledge of generally accepted auditing standards (GAAS) in Canada and US GAAP.
• Knowledge of the Standards for the Professional Practice of Internal Auditing and the Code of Ethics developed by the Institute of Internal Auditors.
• Knowledge and internal or external audit experience in implementing, and ongoing auditing of, Sarbanes-Oxley Act Section 302 and Section 404.
• Knowledge of the COSO framework for the review of financial reporting, operational efficiency and compliance, as well as the COBIT framework for Information Technology General Controls.
• Knowledge of, and experience in, power and natural gas utilities is an asset.
• Must have a valid British Columbia Driver’s License.
• Working knowledge of large ERP systems such as SAP.
• Considerable knowledge and skill in applying auditing practices, procedures and principles.
• Knowledge of financial and operational risks.
• Considerable skill in planning and project management, and in maintaining composure under pressure while meeting multiple deadlines.
• Skill in negotiating issues and resolving problems.
• Skill in conducting quality control reviews of audit work products.
• Considerable skill in effective verbal and written communications, including active listening skills and skills in presenting findings and recommendations.
• Strong business acumen and interpersonal skills.
• Ability to develop creative approaches and solutions necessary to solve complex problems.
• Demonstrated ability to evaluate compliance with established corporate policies and procedures including corporate governance, code of conduct standards, and business ethics policies.
• Demonstrated ability to interact with and present information to senior management level personnel and encourage acceptance of corrective actions.
• Demonstrated ability to align performance goals to strategies
• Demonstrated ability to develop and maintain effective working relationships
• Demonstrated ability to effectively prioritize and execute tasks in a high-pressure environment
• Demonstrated ability to work independently and in a team-oriented, collaborative environment
Posted on June 28th, 2017
* * * * * * * * * * * * * * * *
Internal Auditor IT
Great Canadian Business Centre (Coquitlam , BC)
Reporting to the Director, Internal Audit and Enterprise Risk Management, this position is responsible for testing the effectiveness of internal controls, primarily in IT, including performing general data analytics and business process evaluation and documentation, evaluating findings, providing recommendations and report writing. As with all Great Canadian staff, Internal Auditors will contribute to a safe and welcoming environment for all employees by ensuring adherence to all provincial and internal controls, regulations, policies and procedures.
You can expect to apply your skills and qualifications through the following key accountabilities:
Conducts audits, primarily in IT using industry frameworks (COSO & COBIT) and in adherence to the IIA Professional Standards
Develops and applies testing scripts
Identifies areas of risk
Develops approaches to minimize risk exposures; including development of automated monitoring scripts and tools, including best practice CAATs and continuous monitoring techniques
Evaluates findings and provides recommendations
Assists with driving department transformation programs which will include implementing risk and technology based auditing approaches, streamlining processes and documentation, performance metrics, indicators and dashboards
Communicates effectively with all appropriate operational departments
Builds strong working relationships with stakeholders
Complies with licensing laws, health and safety and other statutory regulations
Performs other duties as assigned or directed.
Our ideal candidates will possess the following:
Personification of Great Canadian’s values in action: Integrity, Team Engagement, Drive to Succeed, Service Excellence and Citizenship
A passion for providing Great Experiences and Memories to our internal and external guests in the continual quest of achieving Service Excellence
Minimum 3-4 years of experience in IT auditing using a modern risk based approach and methodologies
Post-secondary education in technology or suitable combination of education and experience
CIA, CPA CFE or CISA Designations required
CISA Designation or equivalent experience, CFE designation an asset
Excellent communication skills both written and verbal
Computer literacy in MS Office; ACL Analytics & GRC, Visio and/or other technology related tools
Strong organizational and time management skills
Project management skills an asset
Valid BC Driver’s license and access to a vehicle
If this sounds like a GREAT opportunity for you, we invite you register your interest. If your skills and experience are a match for our position, our professional recruiters will be in contact with you. Thank you for your application and your interest in Great Canadian.
Posted on June 19th, 2017
* * * * * * * * * * * * * * * *
Senior Security AnalystSalary $66,200.03 - $75,658.71 annually, plus 6.6% Temporary Market Adjustment - BC Ministry of Education - Victoria, BC
The Information & Technology Management Branch provides a range of information technology and information management services in support of the work of the Ministry of Education. The Branch works closely with the Office of the Chief Information Officer (OCIO) to assure that ministry plans and initiatives are aligned with government’s overall technology direction and standards. Services provided include an IT Helpdesk, advice and support on protecting and optimizing the ministry’s information assets, and services and strategies relating to infrastructure and application management, workstations and devices, enterprise architecture, and business analysis.
As the Senior Security Analyst, you will be responsible for delivering an information security program for the ministry. You will be developing and promoting current and proposed security programs and services to support information security at all levels of the organization as well as guiding the development of existing and new information systems and initiatives to ensure compliance with the Information Security Policy and IM/IT Standards. Skilled at performing security threat and risk assessments, you will be overseeing the review of, and providing direction on, information security incidents. In this position, you will also be developing processes and providing policy and procedure interpretation and awareness to Ministry employees.
Qualifications for this role include:
• Diploma or degree in the computer technology or computer science field, or a related field.
• Preference may be given to candidates with a professional designation as a Certified Information Systems Security Professional or Certified Information Security Manager, or equivalent.
• Minimum 2 years’ experience performing security threat and risk assessments
• Minimum 1 year experience developing information technology security processes to protect sensitive data
• Preference may be given to candidates with experience using or working with Oracle, Java, BCeID, BC Services card, and/or mainframe environments
• An equivalent combination of experience and education/training may be considered.
To learn more about this opportunity and to apply online by June 19, 2017, please visit: https://search.employment.gov.bc.ca/cgi-bin/a/highlightjob.cgi?jobid=41503 Attention: only applications submitted through the BC Public Service’s employment website (see link above) will be accepted.
Posted on June 2rd, 2017
* * * * * * * * * * * * * * * *
Project Accountant - Contract River Rock Casino Resort - Vancouver - BC
River Rock Casino Resort is the 2012 to 2016 Winner of the World Luxury Casino Hotel in North America, Trip Advisor’s 2014 winner of the Certificate of Excellence, and Western Canada’s only Four Diamond Casino Resort.
Take the Canada Line Skytrain to Bridgeport and you’re immediately transported to the exceptional River Rock Casino Resort featuring the luxurious Hotel at River Rock. River Rock is home to the best concerts and events in the state of the art River Rock Show Theatre. There’s 24/7 action in Western Canada’s largest Casino Resort, featuring 1110 slot machines, 16 poker tables and 90 table games! Every palate is sure to be pleased at River Rock, where we offer everything from our incredible Buffet, to the sumptuous offerings in Curve Lounge, to Richmond’s most acclaimed West Coast fine dining experience in Tramonto. River Rock has something for everyone!
Whether you work as a Chef on our Culinary brigade, as a Blackjack Dealer, a Server in our International Food Court, or as a Room Attendant in our Hotel, you will have the countless opportunities to provide our guests with the Great Experiences and Memories that have made us famous!
The Official Casino of the Vancouver Canucks, River Rock is your place to shine! Your teammates are just like you – positive, up for a challenge, and always willing to go above and beyond for our guests. If you Expect Great Things, just like we do, we encourage you to apply to join our dynamic team of service professionals today! Starting your career at River Rock is never a gamble – our employees are the best in the business!
Join our Rock Solid team of gaming and hospitality professionals now, at www.riverrock.com!
River Rock Casino Resort currently has an exciting opportunity for a contract Project Accountant (6 month term). This role is responsible for documenting existing flows, developing policies and procedures and recommending improvements. This role will utilize strong accounting knowledge, reporting skills, and effective problem solving to ensure success. This position requires a hands-on team player with excellent communication skills and a dynamic personality. Other responsibilities include:
• Developing policies and procedures for (multiple business lines in a single entity) River Rock which can be expanded (and/or modified) to suit all Enterprise locations
• Ensuring adequate processes and control checks are in place
• Reviewing existing policies and procedures and recommending improvements
• Liaises and communicates effectively with all appropriate operational departments
• Develops and cultivates strong working relationships with all stakeholders, guests, management, employees, vendors, sponsors, community organizers and regulators
• Ensures compliance with licensing laws, health and safety and other statutory regulations
• Performs other duties as assigned or directed
Successful candidates will possess the following qualifications:
• An accounting degree, prefer a designated CPA
• Minimum 5 years Finance or Audit experience, prefer a gaming and/or hospitality environment
• Advanced knowledge of the practical application of business oriented controls, processes and systems
• Solid understanding of Regulatory environments (CEO/CFO certification and SOX an asset)
• Advanced knowledge of MS Office (Word, Excel, Outlook, PowerPoint), Adobe Acrobat, Visio or flowcharting software
• Ability to exceed internal and external customer expectations through timely, effective and service oriented communication
• Technical writing is considered an asset
• Strong planning and organizational skills and attention to detail is required
• Exceptional organization and time management skills
• Excellent communication and presentation skills, both oral and written
• Strong strategic problem solving skills; ability to exercise sound judgment in decision-making
• Ability to work independently, and in a highly collaborative team environment
• Serving It Right Certification or the ability to achieve a Serving It Right Certification
• A commitment to continually increase your knowledge of our products and services in order to offer exceptional experiences to our guests
• A willingness to learn, develop and achieve new skills for personal and professional development
• A passion for providing Great Experiences and Memories to our internal and external guests in the continual quest of achieving service excellence
• Live GCC’s Values on the job: Integrity, Team Engagement, Drive to Succeed, Service Excellence, and Citizenship
Candidates must be ready and willing to work a flexible schedule. The hours of work will be based on customer and business needs.
Thank you for reviewing this job opportunity at River Rock Casino Resort. To start creating your Great Experiences and Memories, apply now @ http://www.riverrock.com/careers/. Come for the opportunity, stay for the experience!
Posted on: May 5th, 2017
* * * * * * * * * * * * * * * *
GRC SpecialistHootsuite - Vancouver - BC, Canada
Hootsuite is more than a social media company. We’re more than a tech company. We’re a collective of creators and makers, builders and hackers, teachers and students.
We believe deeply that social media is revolutionizing how we communicate – and we’re driven by our purpose to champion the power of human connection.
We believe that culture is the compass to success and so our culture manifesto is woven into the fabric of all we do. We seek exceptional talent that believes joining a passionate, egoless team that is building something bigger than themselves, and having fun doing it, matters.
We know you have a lot of choices on where to take your career next. Whether you’re based in Vancouver, Toronto, London, Bucharest, Singapore or any of our 12 nests around the globe, you will have 1,000+ #HootsuiteLife peeps who will have your back to support your growth everyday.
Here’s where it might start…Who You Are...
•Assess the Engineering, Security, IT, Operations, Development, Production, and HR control environment to ensure alignment with Hootsuite’s governance and risk management frameworks
•Project manage Hootsuite’s SOC 2 annual accreditation initiative
•Assist in the development and alignment of Hootsuite practices to SOC2, PCI DSS, and ISO 27001/27002
•Conduct periodic risk assessments and ensure that identified gaps are addressed and remediated in a timely manner
•Perform quarterly control self assessments (CSAs) and internal controls testing to validate that controls are designed, implemented, and operating effectively
•Collaborate with internal teams to analyse security risks and recommend solutions to mitigate these risks
•Prepare and present key risk finding and recommendations to management You’re Great At...
•Degree in Computer Science or Management Information Systems
•A strong IT and audit background is preferred
•Relevant professional designation (e.g. CISA, CRISC or CIA) and operations auditing experience
•2 to 3 years experience in Enterprise Risk Management, Cyber Risk Security, Third Party Risk and Compliance, ISMS Controls Assurance (ISO 27001, SOC 1 and SOC 2) is preferred
•Ability to understand IT risks and implications to the business, identify weaknesses and recommend solutions
•Identify and resolve complex issues and develop innovative solutions
•Excellent written and oral communication skills including both technical and business writing, documentation and presentation skills
•Strong listening and analytical skills
•Ability to communicate, interact, and cooperate with internal teams
•Excellent interpersonal relations and demonstrated ability to work with others effectively in teams
•Adapting and embracing new technology, innovation, and changes
•Thriving well under pressure and effectively in a fast-paced environment
For more information on this career opportunity including how to apply online, please visit:https://hootsuite.com/about/careers/it-security-operations/grc-specialist
Posted on: April 25th, 2017
* * * * * * * * * * * * * * * *
Senior Security Analyst Ministry of Technology, Innovation and Citizens Services
Victoria BCSalary $66,200.03 - $75,658.71 annually plus 6.6% Temporary Market Adjustment
The Ministry Information Management Branch (IMB) fulfills the business needs with technology solutions and ensure ministry IM/IT investments support strategic objectives of the larger government. The IMB Security, Privacy and Compliance unit promotes corporate accountability for the protection of information and information systems to support improved decision-making throughout the ministry line-of-business divisions and for corporate cross-government initiatives.
As a Senior Security Analyst within the Information Management Branch, you will evaluate new and emerging security technology and trends as well as the associated cybersecurity threats to security infrastructure and develop related standards and policies. You may also be responsible for providing advisory services to lines-of-business, and enabling the achievement of the government’s Information Security and Privacy Policies. Specifically, you may provide advisory services to assist in the development and support of sound security strategies, security and privacy assessments and secure control processes to protect the Ministry's information and data resources. Successful candidates have the ability to identify and communicate reasonable solutions that balance the business requirements/environment and the protection of personal and corporate information.
Qualifications for this role include:
* Degree, diploma, certification in the computer science field or equivalent work experience.
* Experience with security controls and practices relating to applications, servers, databases and network components preferably in a Microsoft Environment.Preference may be given to applicants with the following:
* Experience conducting and overseeing Security Threat and Risk Assessments.
* Professional designation (or working toward) a Certified Information Systems Security Professional or Certified Information Security Manager, or equivalent security designation may be considered.For more information on this career opportunity including how to apply online by May 10th 2017, please visit:
Posted on: April 19, 2017
* * * * * * * * * * * * * * * *
Manager, Operational Risk – Information Technology Company: Coast Capital SavingsWhat’s the job?
Are you experienced and knowledgeable on all things relating to the management of operational risk? You are? Great. We’re looking for someone like you. As the Manager, Operational Risk Information Technology you’ll support the oversight and co-ordination of information technology governance, risk and compliance for Coast Capital Savings. The position is mandated to oversee and support risk management processes and procedures in line with the internal policies and industry best practice. You’ll also provide risk management oversight and support to the ITG, ensuring their operational risks are adequately identified, assessed, controlled, monitored and reported. Additionally, you’ll act as the subject matter expert in providing operational risk management guidance to the First Line of Defense.What you’ll get to do:
• Actively promote education and awareness on risk management, particularly on the management of risk and related controls and related roles and responsibilities aligned with the 3 Lines of Defense.
• Oversee the review, development, implementation and improvement of ITG policies, frameworks and related risk management procedures, ensuring alignment with best practice for financial institutions and internal policies and frameworks.
• Collaborate with ITG and business partners in developing and maintaining an information technology risk management program that is aligned with the enterprise’s risk management frameworks.
• Ensure the established ITG risk and control frameworks, methodology and processes are operating as intended by the First Line of Defense.
• Provide operational risk management oversight ensuring a risk-based approach is taken to develop the information technology program and related strategy.
• Provide independent review and challenge over ITG's key risk and performance metrics, tolerances and risk assessments, ensuring effective identification, assessment and management of Information Technology related operational risks and internal controls.
• Develop and oversee internal control testing methodology and tools, aligned with the Operational Risk Management Framework, ensuring ITG's key controls over operational risk are consistently monitored and operating effectively by the First Line of Defense.
Provide oversight over third party risk assessments performed by ITG, ensuring alignment with the Operational Risk Management Framework and related internal policies and procedures, over ITG's material vendors.Who are we looking for?
• You’ll have 4 – 6 years of job-related experience in Operational and/or Enterprise Risk Management, including hands-on experience executing Risk & Control Self-Assessments (RCSA), oversight of risk assessments over new activities, processes, systems and products, and the evaluation of internal controls.
• Bachelor's Degree or a diploma requiring 3 - 4 years of full-time study. One or more certifications in the fields of risk and/or security are an asset, such as CPA, CIA, CRISC or CISA.
• Strong knowledge of risk management concepts, ideally related to practices across IT and information security governance, risk and compliance.
• Strong working knowledge and application of risk management and security, risk and control frameworks, such as COSO, ISO31000, COBIT, ISO27001, and ISO31000.
• Knowledge of legislations and regulations affecting the financial services industry.
• Proficient understanding of information security risks and controls.
• You’ll be a whiz and have advanced knowledge of MS Excel, Word, Outlook, and PowerPoint.
• Strong interpersonal skills with ability to communicate effectively with all levels of personnel.
• Ability to present ideas in business-friendly and user-friendly demeanor.
Ability to remain calm and maintain professionalism and objectivity under pressure.Why join Coast Capital Savings?
We don’t mean to toot our own horn, but…
• At the top of the list is that we have an environment that empowers our employees and members.
• Employees do what’s best for our members. Every day.
• We believe in being a great corporate citizen so we invest in our local communities by donating our time, money and expertise.
• Our employees take advantage of the many opportunities to grow their careers.
• Employees love having a cool place to work, which includes wearing their jeans on Fridays & Saturdays and being recognized with a virtual (and, at times, an actual) high-five.
• Our inspiring leaders help our employees develop their talents and encourage them to be their fabulous selves.
• We have a unique culture where we take our business seriously, but ourselves, not so much.
• In 2017, we earned double kudos by being named one of BC’s Top Employers and one of Canada’s Best Managed Companies – two of the nation’s most coveted business awards, may we add.
Does this position inspire you? If so, apply on-line today at Coast Capital Savings.
Posted on: April 11, 2017
* * * * * * * * * * * * * * * *
Information System Audit ManagerLocation: Vancouver - Canada - Full time Company Description
When you’re passionate about what you do and where you work, the rest comes easy. That’s the culture at Central 1 Credit Union, and that’s precisely what we’re looking for from you. Supporting nearly 150 member credit unions across British Columbia and Ontario, we’re the backbone of the credit union system in both provinces – taking care of everything from online services and product development, to payment processing, trade association services and more.
Our team of over 600 employees represent some of the most innovative, passionate individuals you’ll ever meet; people who honestly care about the organization, its members and each other. In other words, people who love what they do.Job Description
We're looking for an Information Systems Audit Manager that will be responsible for the effective planning, execution, and reporting of internal audit projects and advisory services with a focus on Information Technology (IT) and Information Security.
Reporting to the Director, Internal Audit, the Information Systems Audit Manager will be accountable for the ongoing management and development of the overall IT audit strategy and framework. The position will also be responsible for providing input and guidance on organizational IT risks and assists in developing the annual IT audit plan.
The Information Systems Audit Manager will work closely with management in all areas of Central 1 by assessing IT risks, completing independent and objective evaluations of IT risks and processes, and recommending improvements to associated IT controls and processes. Additional responsibilities will also include developing and executing audit programs and testing to support ISO 27001 certification, CEO/CFO certification and compliance with NI 52-109 (C-Sox), and SWIFT self-attestation.Specific Accountabilities General
- Manage the overall corporate IT audit strategy, framework methodology and develop a comprehensive IT audit program and annual audit plan for discussion with the Director, Internal Audit and presentation to the Audit & Finance Committee of the Board as part of the overall risk-based Internal Audit Plan.
- Identify key IT risk areas across Central 1 in accordance with the established risk governance framework and incorporate into IT audit strategy and annual IT audit planning.
- Identify opportunities to optimize the IT audit process and implement improvements to existing approaches and audit methodologies, consistent with the Institute of Internal Auditor's International Standards for the Professional Practice of Internal Auditing (IIA Standards) and other established IT frameworks and standards (e.g. COBIT).
- Proactively develop, maintain and manage high profile relationships with various internal contacts. Collaborate with management and IT teams to improve overall IT governance.
- Conduct special audits and investigations where fraud or other improprieties are suspected and prepare reports of findings.
- Assist where required in the deployment of the Internal Audit Quality Assurance Program.
- Assist where required in updating and aligning of the overall audit methodology as practiced within the department.
- Keep up to date with developments and legislative changes in the Financial Services industry, corporate governance and the auditing profession.
- Participate on security incident response teams as needed to assist in investigating information security incidents, ensure adequate internal action and timely response and provide advice and recommendations on corrective and preventative actions to reduce the impact of future incidents.
- Represent Internal Audit on various IT project teams and internal committees, management meetings and to external stakeholders. Provide advice on governance, risk and control best practices, conformance with standards, compliance with legislation and regulations and internal policies.
- Liaise with Information Security, Operational Risk and Compliance to understand areas of risk and other security concern/focus and incorporate into audit planning as appropriate.
- Liaise with the Corporate Policy Manager and provide feedback on corporate policies and standards.
- Assist in general department planning and strategy and perform other duties as required to assist the Internal Audit department support Central 1’s business goals.
- Occasional travel to Central 1’s offices outside of BC to conduct internal audits as required.
Information systems audit
- Plan and manage the execution and reporting of all IT audit engagements and projects within agreed budgets and timelines. Manage internal audits end to end (planning, execution and reporting) on various types of engagements assessing information systems governance, security, risk management and controls, including:
1. Internal ISO 27001 conformance audits,
2. NI 52-109 (CEO/CFO certification) IT General Controls testing/audits,
3. General IT audits, project health checks, application reviews, cybersecurity and SWIFT reviews/audits.
- Prepare audit finding summaries, updates and audit reports for discussion with auditees and the Director, Internal Audit and presentation to management and the Audit & Finance Committee of the Board of Directors.
- Meet with all levels of employees and management, following audit procedures to ensure that audit objectives and conclusions are adequately addressed and supported.
- Monitor and follow up on audit findings and remediation action plans with employees and management to ensure resolution.
- Coordinate and facilitate audit activities with other assurance providers (e.g. external audit, ISO certification auditors) and regulators, as necessary, to ensure optimal audit coverage.Qualifications Education and experience:
- Post-secondary education in Information Technology, Business or a related discipline.
- Professional certification in information systems auditing - Certified Information Systems Auditor (CISA).
- Certified ISO 27001 Lead Auditor (or willingness to obtain).
- Other certifications such as CIA, CISSP, CISM, CRISC would be beneficial.
- At least 5 years’ IT audit/assurance experience. (Financial Industry experience would be considered beneficial).
- An equivalent combination of education and experience may be considered.Technical requirements:
- Extensive knowledge of IT control systems, infrastructures, processes, operations, risk management frameworks and best practices.
- In depth knowledge of IT auditing methodologies and tools including risk assessments, controls and governance.
- Experience with internal control frameworks and management standards related to risk management, internal control and information systems, e.g. COBIT, ITIL, COSO, PCI.
- Experience with ISO 27001:2013 & ISO 19011:2011 and conducting conformance audits.
- Previous experience with SOX or National Instrument 52-109, Certification of Disclosure in Issuers’ Annual and Interim Filings, (C-Sox) compliance requirements.
- Strong IT strategic thinking skills – ability to find innovative, yet practical, strategies to achieve goals, link several strategies into a unified plan, while anticipating needs and maintaining a future focus.
- Critical thinking skills and the ability to make sound judgments in a deadline-oriented environment.
- Demonstrated ability to work independently, be self-motivated, highly organized and exercise professional judgment.
- Strong verbal and written communication skills, ability to present information to a wide variety of end users and ability to exercise initiative are required. Focus on relationship-building and communicating effectively with people at all levels and in all departments as well as external consultants.
- Proven audit planning and project management skills in a multi-assignment environment.
- Excellent attention to detail but also able to view issues holistically and identify key issues and risks.
- Knowledge of the Institute of Internal Auditor’ Code of Ethics and Standards for the Professional Practice of Internal Auditing.
- Must be proficient with MS Office; knowledge of automated auditing or GRC software would be an asset.
- Ability to learn new business processes and functions within a short period and provide value added assessments and recommendations.Additional Information
As much as we believe in working hard, we also believe in personal growth and taking time for ourselves. Accordingly, our total rewards philosophy amounts to one of the best compensation and benefits packages in the industry – from performance-based incentives and extended benefits, to training and education reimbursements and ample vacation time.
If you are looking to further your career in a dynamic, client-focused and project-based environment, please apply with your cover letter and resumé in confidence Central 1 is committed to diversity and inclusion. If you have a request for a disability-related accommodation, we will work with you to meet your needs.
To apply please click here
Posted on: March 23th, 2017
* * * * * * * * * * * * * * * *
Manager Audit Services IT - BCLCLocation: Kamloops, BC, CA
Company: British Columbia Lottery Corporation
Are you an IT Security or Information Management people and thought leader with an extremely strong attention to detail? Do you thrive on building strong relationships with your peers in other departments to further your business success? We want to hear from you...
The Manager, Audit Services IT is accountable for the effective planning and execution of IT audits of varying complexity and ensuring IT audit activities are consistent with and supportive of the overall IT audit strategy and framework. The role will also provide input and guidance on organizational IT risks and assist in developing/completing the annual IT audit plan. The Manager works closely with management in all areas of the organization by assessing IT risks, completing independent/objective evaluations of IT risks and processes, and recommending improvements to associated IT controls and processes.For more details and to apply, please click here
Posted on: March 4, 2017
* * * * * * * * * * * * * * * *
Senior Audit Services Advisor - ICBC, North Vancouver, BCLocation: North Vancouver
Employment Type: Permanent Full Time
A career at ICBC is an opportunity to be part of a talented, diverse and inclusive team that is driven to serve its customers and community. Make the most of your skills and take the opportunity to grow and develop your career. You can expect a competitive salary, comprehensive benefits and a challenging work environment. Drive your career with us. ICBC is an equal opportunity employer, and invites applications from all qualified candidates.Position Highlights
ICBC’s Corporate Audit Services department has a tremendous opportunity for an enthusiastic individual who will bring a wealth of knowledge and expertise to their professional team. As a Senior Audit Services Advisor, you will design and perform a variety of complex, large-scale risk-based audits to determine the appropriateness and effectiveness of controls while championing best practices throughout the organization.
Your responsibilities will include:
• Providing input to business units on the proposed design of internal controls and governance processes for new initiatives;
• Designing appropriate audit approaches for various audit projects of various sizes;
• Performing data collection and analysis according to audit plan;
• Preparing reports on the adequacy and effectiveness of governance and controls;
• Identifying and evaluating opportunities for organizational improvement in support of corporate goals and objectives;
• Acting as project team lead and monitoring progress against schedule and deliverables;
• Utilizing audit methodology developed by best practices and relevant professional associations to improve internal control processes.Position Requirements
Ideally, your post-secondary education is complemented by a professional designation (CPA, CIA, CISA, etc.) along with at least 4 years of senior internal audit experience in a large corporation with multiple business units
• Or at least 6 years of public practice experience in a mid to large size public practice firms;
• Solid knowledge of audit processes;
• Strong written and verbal communication;
• Critical thinking skills and the ability to make sound judgments in a deadline-oriented environment.
Required skillset for one or more of the following:
• IT audit experience in a large organization or public accounting firm;
• Data analytics in a complex IT environment;
• Insurance industry knowledge;
• Forensic investigations.Position Information
A career at ICBC is an opportunity to be part of a talented, diverse and inclusive team that is driven to serve its customers and community. Make the most of your skills and take the opportunity to grow and develop your career. You can expect a competitive salary, comprehensive benefits and a challenging work environment. Drive your career with us.
ICBC is an equal opportunity employer, and invites applications from all qualified candidates.
Posted on: February 18, 2017
* * * * * * * * * * * * * * * *
Senior Security Specialist– Ministry of Health - BC Public Service, Victoria, BC Canada
Salary $72,095.17 - $82,478.97 annually
2 positions availablePOSITION DESCRIPTION
The Health Information Privacy, Security and Legislation (HIPSL) Branch is accountable for the design, implementation, and continual advancement of the provincial information privacy and security framework (including ensuring the ministry’s compliance with the Freedom of Information and Protection of Privacy Act (FOIPPA), the E-Health Act, and other applicable health-specific legislation. HIPSL provides information privacy and security leadership, expertise and advice regarding legislation, regulation, policies, industry standards, and best practices for the Ministry and the broader health sector.
HIPSL is currently looking for a strategic thinker who will drive the development, implementation and management of the division’s strategic vision and priorities related to health security risk management practices and project deliverables across the ministry. You will evaluate new and emerging security technology and trends as well as the associated cybersecurity threats to security infrastructure and develop related standards and policies. You may also be responsible for providing advisory services to lines-of-business, and enabling the achievement of the government’s Information Security Policy. Specifically, you may provide advisory services to assist in the development and support of sound security strategies, security assessments and secure control processes to protect the Ministry's information and data resources.Qualifications for this role include:
• Degree, diploma, certification or equivalent in the computer science field. Degree preferred.
• Professional designation as a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), or equivalent.
• 5 years of IT experience, of which a minimum 3 years’ experience developing enterprise security architecture in a large, complex organization.
For more information and to apply by February 22, 2017, please go to: https://search.employment.gov.bc.ca/cgi-bin/a/highlightjob.cgi?jobid=38939
Attention: only applications submitted through the BC Public Service’s employment website (see link above) will be accepted.
Posted on: February 11, 2017
* * * * * * * * * * * * * * * *
Internal Audit Manager – WorkSafeBC - Vancouver BC CanadaPOSITION DESCRIPTION
We’re looking for an audit manager to lead an internal audit team who provide risk-based internal assurance services to evaluate and contribute to the improvement of governance, risk management, and internal control processes. You’ll represent the department and provide project and assurance leadership and direction to staff, while planning and conducting complex assurance and risk advisory engagements.
Consider joining a team who apply award-winning practices and strive to deliver innovative and leading internal audit services to their clients. This is a temporary assignment to October, 2018.What you’ll do
As an internal audit manager you will:
Plan and conduct risk based audits to evaluate the adequacy and effectiveness of risk management, control, and governance processes
Lead and mentor the internal audit team
Represent the department and interact with senior management
Plan for future departmental requirements for skills, resources, and procedures, and create an environment that supports learning and renewalIs this a good fit for you?
We’re looking for someone who can:
Take initiative and use innovation, challenging current procedures and practices, and evaluating opportunities and improvements
Provide mentorship and direction to staff while demonstrating ethical and professional behavior, objectivity, and an appreciation for differing perspectives
Communicate clearly and succinctly in both oral and written form to all levels of the organization
Understand client needs and ensure knowledgeable and timely serviceYour background and experience:
A professional accounting designation – CPA (CGA, CMA, CA)
A minimum of 10 years of business experience that includes:
o at least five years of internal audit experience o at least five years in a leadership role
Other education and work experience will be considered, but should include:
o strong management, business analysis, and risk management expertise
o excellent written and verbal communication skills and outstanding interpersonal skills
A CIA or CISA designation is mandatory
Experience with IT audits is an assetWho are we?
At WorkSafeBC, we’re dedicated to promoting safe and healthy workplaces across British Columbia. We partner with workers and employers to save lives and prevent injury, disease, and disability. When work-related injuries or diseases occur, we provide compensation, and support injured workers in their recovery, rehabilitation, and safe return to work. We also work diligently to sustain our workers compensation system for today and future generations. We’re honoured to serve the almost 2.3 million workers and 210,000 employers in our province.What’s it like to work at WorkSafeBC?
It’s challenging, stimulating, and hugely rewarding. Our positions offer tremendous diversity and excellent opportunities for professional growth. Every day, the work we do impacts people and changes lives. What we do is important and so are the people we do it for.Our benefits
Being part of WorkSafeBC means being part of a strong, committed team. Along with a competitive salary, your total compensation package may include vacation, optional leave arrangements, health care and dental benefits, and contributions toward your retirement pension. As a member of our team, you'll have access to services and benefits that can help you get the most out of work — and life. Learn more about what we offer.
We’re an inclusive and accessible employer, committed to employment equity objectives, and we invite applications from all qualified individuals. Please note that this position is restricted to those legally entitled to work in Canada.To apply
Visit our career page at www.worksafebc.com and select Current Opportunities to submit a resume and cover letter that details your characteristics, accomplishments, and prior work experience related to the requirements for the position. We can only accept applications submitted through our website.Application deadline: February 23, 2017
Thank you, in advance, for applying. Unfortunately, we’re only able to contact those whose applications we will be pursuing further.
Posted on February 1, 2017
* * * * * * * * * * * * * * * *
ANALYST, IT AUDIT & CYBER RISK – Kerrisdale Group - Vancouver BC CanadaPOSITION DESCRIPTION
We are looking for candidates who are passionate about IT audit, compliance and cyber security risk. This is a unique opportunity to join a small, yet dynamic team and directly contribute to the growth of our IT General Controls (ITGC) & Cyber Security Risk programs. The Analyst, IT Advisory & Assurance, position will report directly to the head of our ITGC Assurance Program and will participate in a variety of Information Security Audit and Cyber Security Risk client engagements. The role will also provide ad-hoc technical and operational assistance when called upon.
We seek those who are interested in a challenging and rewarding career experience, not just a job. We expect our team to deliver solutions through a combination of diverse, real world experience and a sense of urgency, commitment, collaboration and bias for results. We look for candidates with a demonstrated track record of success in challenging environments. The ideal candidate will thrive in ever-changing, entrepreneurial environment which is high on team camaraderie and committed to our shared root values.DUTIES and RESPONSIBILITIES IT AUDIT & CYBER RISK ASSESSMENT
Support on-going ITGC control monitoring programs, SOX (Sarbanes-Oxley) IT audits, and Cyber Security Risk assessments
Document and evaluate business processes, risks and IT controls
Conduct preliminary IT security scans including file-server share and application permission reports
Discover, Inventory and review key systems, devices, user accounts, data sources, and corresponding logs
Participate in network vulnerability assessments, port scans, and analysis
Develop, run, maintain and document IT audit scripts and reports
Make recommendations to address control deficiencies, optimize risk, and improve operational efficiency
Inventory and revise IT policies and procedures
Keep technical diagrams up to date
Liaise with client IT personnel, remote staff, managed service providers and third party vendorsTECHNICAL CONSULTING & SUPPORT
Visit client sites and liaise with staff at all levels of the client organization
Analyze IT requirements within companies and provide independent / objective advice on the use of IT and present solutions in written or oral reports
Contribute to Kerrisdale Group’s growth by delivering tangible and significant business value to our clients
Document process workflows, knowledge articles, and reports using a variety of applications and cloud-based tools
Evaluate and recommend new technologies and solutions where appropriate
Other duties as assignedEXPERIENCE and SKILLS
Bachelor's Degree in Management Information Systems, Accounting Information Systems, Computer Science or related discipline degree from an accredited college or university OR equivalent experience.
2 years’ work experience in an IT related role demonstrating excellent analytical, organizational and problem-solving aptitude
One of the following certifications: CompTIA Network+, CompTIA Security+, Cybersecurity Nexus (CSX), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other certification / accreditation
Understanding of IT desktop, server & network infrastructure including Active Directory and NTFS Permissions Familiarity of IT policies & procedures
Ability to thrive in an environment of change and manage multiple tasks and responsibilities simultaneously
Excellent written and verbal communication, organizational, problem solving, and decision-making skills
Strong personal integrity, business ethics and customer service skills
Excellent time management and prioritization skills
Ability to exercise good judgment in evaluating situations and making decisionsDESIRABLE SKILLS
Understanding of standards and frameworks such as Control Objectives for Information and Related Technology (COBIT), CIS Top 20 Critical Security Controls (SANS), and Information Technology Infrastructure Library (ITIL)
Familiarity and understanding of information security regulator requirements (e.g., SOX/C-SOX)
Understanding of and practical experience with information security risk assessment and information security audits
Experience with IT vulnerability and forensics tools are an asset.
Experience with ERP and Accounting Systems
Spanish speaking & writing skillsCOMPANY OVERVIEW
The Kerrisdale Group of Companies includes a unique and diverse portfolio of Technology Management services. We have the depth of experience of larger companies combined with flexibility, agility and a personal touch that only comes with a boutique style firm. Our people make us different - all of whom are enthusiastic about supporting and serving others. We’re passionate about making a meaningful and measurable impact in all we do. Our approach delivers enduring results, true to each client’s specific situation. We always aim to do the right thing for our clients, our people and our causes.
Posted on January 16th, 2017
* * * * * * * * * * * * * * * *
Senior Security Analyst – Victoriar BC Canada – BC Public Service, Ministry of Transportation and InfrastructureSalary $65,033.32 - $74,351.64 annually
The Information Management Branch (IMB) provides information management and information technology (IM/IT) services to our clients at the Ministry of Transportation and Infrastructure and B.C. citizens. With the support from our service providers, the IMB develops and maintains a number of web-based line-of-business applications including the high profile drivebc.ca.
As part of the Information Management, Security and Privacy team at IMB, the Senior Security Analyst plans and conducts various security and privacy assessments on a variety of systems, web applications, and IoT devices; integrates security into the ministry’s deployment pipeline; and manages and continuously improves automated static and dynamic analysis in the ministry’s deployment pipeline. The Senior Security Analyst performs on-demand web application security assessments using various open source tools, effectively communicates the findings to stakeholders in various formats (e.g. presentations, reports, and meetings), and works with stakeholders to identify and implement solutions.
Analytical, detail oriented, results focused, and committed to continuous learning, you have the ability to identify and communicate reasonable solutions that balance the business requirements/environment and the protection of personal and business information. Applying your experience and knowledge, you integrate information security into agile development and DevOps approaches.
Qualifications for this role include:
• Degree in computer science field or business or equivalent and three years related experience; or Diploma in computer science field or business or equivalent and five years related experience; or ten years of related IM/IT experience.
• Minimum of two (2) years’ experience working in Information Security field, preferably in a Microsoft environment.
• Experience conducting security threat risk assessments and/or web application security assessments.
• Knowledge of all aspects of IT security including current technologies and best practices.
• Knowledge of change management processes and project management methodologies.For more details and to apply by January 3, 2017, please click here
Attention: only applications submitted through the BC Public Service’s employment website (see link above) will be accepted
Posted on December 26, 2016
* * * * * * * * * * * * * * * *