Local Job Posting 

 

Job Opening in Vancouver Area


Current Job Postings

Senior IT Auditor - BC Public Service - Ministry of Finance - Victoria - BC
Bring your critical thinking skills to this important leadership role Salary $72,000.00 - $100,000.00 annually


The Ministry of Finance's Internal Audit and Advisory Services (IAAS) supports Treasury Board by providing independent and objective assurance and advice to support governance, accountability, performance management practices and effective financial management.
As a Senior IT Auditor within IAAS you will be reviewing, testing and analysing government’s IT infrastructure; assessing IT strategies, policies and procedures; evaluating the effectiveness of IT security controls and information systems in supporting business processes; and reviewing the effectiveness of disaster recovery and business continuity plans. As required, you will supervise and provide direction to audit staff throughout the projects ensuring their work is timely and competently performed.
Qualifications for this role include:
• Completion of a recognized accounting designation (CPA, CA; CPA, CMA; CPA, CGA); and/or
• Other relevant education, including MPA, MBA, CIA, CISA.
• Minimum of 3 years of current or recent audit and/or advisory experience (with preference given to internal or performance audit experience).
• Minimum of 2 years of current or recent experience reviewing IT governance processes and controls, including information systems, change management, systems project management, information security and privacy, and computer operations.
• Experience in applying generally accepted IT control frameworks (e.g. COBIT, ITIL and ISO) in an audit context.

To learn more, including how to apply online by November 15, 2017 please visit: https://search.employment.gov.bc.ca/cgi-bin/a/highlightjob.cgi?jobid=45209

Posted on October 30th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

CyberSecurity Specialist - Vancouver


Do you have cybersecurity experience that will help us keep our information systems secure? We’re looking for a security professional with in-depth ability and proven knowledge in proactive cyber threat detection and mitigation.
In this role, you’ll ensure the security, stability, and availability of our perimeter security infrastructure for our organization’s business applications. You’ll be a technical consultant to project teams, an evaluator of new methodologies and procedures, and an implementer of new requirements and enhancements.
Working on our IT team is a unique opportunity to do work that matters. We provide a highlycollaborative environment where employees can develop their skills working on challenging projects that help make a difference to the workers and employers of B.C.

What you’ll do

As a cybersecurity specialist II you will:  Administer the operation, support, and maintenance of our network and perimeter security systems – including installing, configuring, maintaining, supporting, documenting, and optimizing
 Support the network and perimeter security infrastructure with
o Check-Point firewall and endpoint security
o security analytics
o remote access technologies
o malware and anti-virus technologies
o security vulnerability management
o security patch compliance management
o intrusion prevention and detection technologies
 Participate in the design of the network and perimeter security technologies for both on premise and cloud environments
 Ensure that the network and perimeter security systems are able to satisfy current and projected business requirements

Is this a good fit for you?

We’re looking for someone who can:
 Anticipate, organize, and prioritize work to meet both short and long term goals
 Provide feedback for product or team improvements
 Contribute to a positive work environment by adapting and adjusting to changes
 Use critical thinking to work through complex problems to formulate practical solutions Your background and experience:
 A bachelor’s degree in computer science or a STEM (science, technology, engineering, math) field
 A minimum of five years of experience in progressively complex roles within an IT environment, with primary focus of the last four years in cybersecurity
 An IT security-related certification, such as CISSP, CISM, or SSCP, is preferred
 An equivalent combination of education and experience will be considered

Who are we?

At WorkSafeBC, we’re dedicated to promoting safe and healthy workplaces across British Columbia. We partner with workers and employers to save lives and prevent injury, disease, and disability. When work-related injuries or diseases occur, we provide compensation, and support injured workers

Posted on October 23th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Information Systems Security Analyst - Vancouver


Are you a self-motivated and tech-savvy individual who is up-to-date on the latest information system security threats and risk mitigation strategies in the modern workplace? Does an innovative, dynamic and collaborative organization committed to providing outstanding results excite you? If this sounds like you, this may be your next perfect opportunity!
The College of Registered Nurses of British Columbia (CRNBC) is seeking an Information Systems Security Analyst to join our Information & Finance team. This is a regular, full-time employee position.

Who we are

CRNBC is the regulatory body for close to 40,000 registered nurses, nurse practitioners and licensed graduate nurses in British Columbia. Our purpose is to protect the public by effectively regulating registered nurses and nurse practitioners.
At CRNBC, we believe in integrity, excellence, and accountability. As a member of the team, you can expect to be treated in a respectful and professional manner. While your workload will be busy, the College supports staff in achieving a healthy work-life balance.

What you will be doing

The Information Systems Security Analyst assesses risk, and recommends, designs, implements, and administers security controls. The position ensures security considerations are integrated into all new systems, features and changes, as well as information exchanges with third-parties, or any other location CRNBC data resides. The Information Systems Security Analyst also ensures that ongoing vulnerability assessments are conducted to ensure that existing systems continue to be updated to respond to new threats. This role acts as the first contact for security related concerns and provides helpdesk and administration support, particularly as it relates to information security tasks. The role also provides support to other colleges that are part of an IT consortium administered by CRNBC.

Responsibilities include:

• In consultation with the Chief Officer, IF and the Information Management Team Lead, as well as security consultants, maintains an information system security risk register and recommends, designs and implements security controls;
• Ensures security considerations are integrated into all system planning, development and maintenance processes;
• Provides input on information security related policies and supports training staff on information security related matters;
• Administers information security systems and controls; which may include activities such as:
o Managing virtual network segmentation, including analyzing network traffic and determining firewall rulesets to provide to hosting providers;
o Performing regular vulnerability scans on virtual Windows servers using Nessus or similar tool;
o Monitoring for vulnerability alerts, patches and updates from vendors for all system components, including code libraries;
o Configuring all system components to use secure settings through methods such as Windows Group Policy;
o Updating and patching Windows infrastructure components, Windows desktop applications, and plug-ins;
o Configuring operating system and application-level access permissions, such as Active Directory security groups;
o Set-up processes to monitor security logs and generate alerts from various system components;
o Investigating security alerts and incidents, including assisting users reporting suspected incidents, and taking actions to contain detected threat activity and minimize damage;
• Advises on emerging information security threats and vulnerabilities, as well as evolving industry standards and best practices;
• Documents security processes and systems at a technical level;
• Provides end-user support (including general non-security IT support) when required;
• Fosters and maintains an organizational culture that promotes mutual respect, teamwork and service excellence.

Your education and skills:

• Bachelor’s degree in Computer Science or equivalent combination of education and experience.
• Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or similar certification.
• 3-5 years’ experience in security management and risk identification and mitigation.
• Working knowledge of industry security standards such as ISO27001/ISO27002, and NIST.
• Demonstrated system administration knowledge for Microsoft infrastructure components (operating system, Dynamics CRM, SharePoint, SQL Server, IIS) and applications, as well as for Citrix or other virtual desktop environments.
• Understanding and identification of current threats and trends in information security.
• Technical understanding of firewalls, network protocols, and encryption protocols.
• Knowledge of network scanning and monitoring tools such as Nessus.
• Windows security certifications.
• Strong troubleshooting and problem solving skills.
• Demonstrated organizational skills and attention to detail.
• Ability to plan, prioritize and manage workload within a time sensitive environment.
• Excellent oral, written and interpersonal communication skills. Ability to work collaboratively with team and other stakeholders.
• Ability to work outside of regular work hours, on occasion, to ensure the smooth functioning of CRNBC related systems.

Compensation and benefits

The successful candidate will enjoy a generous compensation and benefits package.

How to apply

Please forward your resume and cover letter, indicating where you learned of this opportunity, to careers@crnbc.ca. The closing date for applications is November 8, 2017.
To learn more about our organization, please visit www.crnbc.ca. Thank you for your interest in the College of Registered Nurses of British Columbia.
While we appreciate all responses, only shortlisted applicants will be contacted.

Posted on October 23th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior IT Internal Auditor - Vancouver - Point Grey Campus - Canada


Job Summary

Internal Audit's mandate is to provide consulting services and independent and objective assurance of UBC's operations by evaluating and improving the effectiveness of UBC's risk management, control, and governance processes, and by preventing and investigating improper financial activity.
This position plays a key role in enhancing the University's accountability mechanisms in support of the University's strategic objectives, by evaluating IT systems and related risks and controls.
The Senior IT Internal Auditor adds value and improves the University's operations by developing data analysis strategies to enhance and streamline audits and ongoing monitoring activities. This position delivers audit reports summarizing findings and recommendations to assist senior management and the Board in achieving the University's overall strategic objectives.

Organizational Status

The Senior IT Internal Auditor interacts directly with senior stakeholders such as department heads and directors, as well as supervisory and other staff. Since assignments frequently involve access to confidential information, this position must use tact in obtaining and safeguarding information and professional judgment in maintaining confidentiality.
Reports to the Senior IT Audit Manager and works in collaboration with Senior Audit Managers.

Work Performed

- Participates with the Senior IT Audit Manager, Associate Director and Director in developing the annual IT Audit Plan, in alignment with the University's strategic objectives. This includes consideration of the University's risk universe: major enterprise risks, risk tolerance, current controls and planned mitigation strategies.
- Assists the Senior IT Audit Manager in developing risk-based audit programs including:
o Planning the scope, objectives, and detailed audit procedures of specific IT audits and reviews.
o Obtaining evidence and evaluating the efficiency and effectiveness of systems and operations, using root cause analysis.
o Assessing the impact of University financial procedures and policies on specific IT controls.
o Preparing and documenting working papers and files to ensure high professional standards are followed to support objective audit findings.
- Performs IT audits independently or as a team member in a professional, independent and objective manner, and in accordance with the COSO frameworks and leading IT assurance frameworks.
- Writes concise, risk-focused audit reports detailing audit findings on risks, controls, efficiency and effectiveness, and makes pragmatic recommendations for improvement.
- Engages stakeholders, in a diplomatic and tactful manner, in discussions of audit findings and recommendations. Appraises the adequacy of management action plans to address the audit recommendations.
- Conducts special IT investigations as determined by the Director, Associate Director or Senior Audit Managers.
- Participates in various campus-wide strategic committees, such as ERP (Enterprise Resource Planning) systems.
- Develops and maintains Internal Audit's data analytics methodology, including:
o Writing complex programs and ad hoc queries, utilizing enterprise data, to fulfill audit data analysis requirements.
o Ensuring code is developed in a well-structured manner, functions as required, is validated and documented, and is easy to maintain and reuse.
o Ensuring audit team members are aware of the data analytics framework and its application and relevance to their audit projects.
o Conducting training sessions to audit team members on tools and data sources used to perform data analytics.
o Interacting with management to identify appropriate data sources and data elements required for analytics, applying professional skepticism when assessing data sources and validating the completeness and accuracy of data received.
o Analyzing data for financial compliance with University policies and procedures.
o Consulting with audit staff and University departments to develop continuous monitoring processes and procedures, and providing appropriate training and support.
- Provides IT technical support for Internal Audit staff's computing requirements.
- Understands and complies with Internal Audit and UBC Information Security standards, policies and procedures.
- Stays abreast of new trends and developments in IT and data analytics by leading and/or attending seminars, training sessions, and workshops.
- Acts as the liaison between Internal Audit and IT departments.
- Performs other related duties as required.

Supervision Received

Audit assignments are planned and approved by the Senior IT Audit Manager, Associate Director, and Director. Audit programs, working papers, files and reports are reviewed by the Senior IT Audit Manager. Work is reviewed but not checked in detail.
The Senior IT Internal Auditor is expected to collaborate with Senior Audit Managers to develop audit programs and to carry out the field work, with minimum supervision, including the drafting of audit reports.

Supervision Given

None.

Consequence of Error/Judgement

Internal Audit is a fast-paced environment, where competing priorities and tasks are frequent and dynamic. Work is often completed within tight deadlines, requiring the Senior IT Internal Auditor to perform with a high degree of accuracy and precision under pressure.
Errors or incorrect audit work could result in the failure to detect or prevent University financial errors, inefficiencies, inadequate internal controls, or frauds. As Internal Audit provides information directly to senior management and the Board, inaccurate audit information could result in errors in management decisions and University governance.
This role is exposed to and has access to information of a highly confidential and sensitive nature, and must be able to recognize the sensitivity of issues and constantly maintain the strictest confidentiality and discretion. Errors in judgment could have a serious impact on the Internal Audit's relationship and credibility with senior management, the Board, and UBC departments.

Qualifications

Undergraduate degree in a relevant discipline and Completion of an accredited Accounting program (CA, CGA or CMA). Degree in business, mathematics, computer science or management information systems preferred. CPA preferred.
CISA (Certified Information Systems Auditor), CIA (Certified Internal Auditor), CISSP (Certified Information Systems Security Professional) or CFE (Certified Fraud Examiner) designations are preferred. Completion of CISA exam required within one year. A minimum of 7 years of experience or the equivalent combination of education and experience. Experience working with individuals in senior roles and in complex environments preferred. - Audit experience including reviewing internal controls of different types of large and small business operations, writing audit reports and evaluating internal controls and efficiencies.
- Knowledge of COSO frameworks, COBIT5, CIS Critical Security Controls, and cybersecurity risk assessment methodologies such as NIST.
- Experience building and supporting continuous audit monitoring programs.
- Strong quantitative, analytical, data-intuition, and problem-solving skills, and proficiency in data analytics techniques. Strong knowledge and proficiency in extraction and analysis of data from a wide variety of systems, leveraging data analytic and data visualization tools. Advanced knowledge of one or more of the following: ACL, MS SQL, Oracle, Power BI, Tableau, Excel, Access, OBIEE.
- Excellent oral and written communication skills.
- Strong organizational, analytical, planning skills, and excellent attention to detail. Ability to bring a questioning attitude and constructive approach to problem solving.
- Ability to work under minimal supervision, exercising confidentiality, professionalism, initiative and tact.
- Ability to deal with sensitive and confidential issues using discretion and judgment, while maintaining independence and objectivity.
- Ability to work well with others and demonstrate respect, dignity, and integrity in interpersonal relationships.

Equity and diversity are essential to academic excellence. An open and diverse community fosters the inclusion of voices that have been underrepresented or discouraged. We encourage applications from members of groups that have been marginalized on any grounds enumerated under the B.C. Human Rights Code, including sex, sexual orientation, gender identity or expression, racialization, disability, political belief, religion, marital or family status, age, and/or status as a First Nation, Metis, Inuit, or Indigenous person.
All qualified candidates are encouraged to apply; however Canadians and permanent residents will be given priority.

For more information on this career opportunity please visit: here

Posted on October 20th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

IT Risk and Advisory Services Manager - Vancouver - British Columbia - Canada


Founded in 1998 in beautiful Vancouver, BC, lululemon’s products create transformational experiences for people to live happy, healthy, fun lives.
Manage and conduct IT audits throughout the company, including the management and training of internal audit staff on IT audit engagements. Develop the testing strategy for the IT portion of Sarbanes Oxley (SOX) reporting requirements. Identify control improvement opportunities, process inefficiencies, etc. and assist in formulating viable solutions. Requires a general knowledge of retail and strong understanding of IT general controls (for compliance with SOX, as per above), IT application controls, accounting controls and internal audit standards. Managing, planning, research, testing, analyzing and reporting are the primary functions performed in the position. Communication, managerial and leadership skills and the ability to adapt to changing circumstances are necessary. Act as a subject matter expert on all IT audit, compliance, and risk matters on behalf of Lululemon.

Other key responsibilities include

Manage and conduct audits in accordance with the departmental audit plan, ad-hoc business requests or Integrity Line phone calls. Such audits may test the adequacy of accounting, operational and technology controls across all global divisions and functions ensuring compliance with policies, procedures, standards and applicable regulations (e.g. Sarbanes-Oxley).
Plan, research, test, analyze and report audit work and results. Effectively communicate audit results and recommendations to various groups including the Audit Committee, senior management (CEO, CFO, CIO, EVP’s), and department leaders. Identify areas in which the company has opportunities to improve. Provide timely follow up on aligned action plans to ensure their implementation.
Develop and utilize data analytics to substantiate audit findings, as well as for developing continuous auditing programs.
Ensure that audits are completed on a timely basis, in accordance with departmental standards and annual plan.
Proactively identify profit improvement and cost reduction opportunities through audit procedures, reviewing management controls and operating efficiency ensuring that the company's assets are adequately protected. Particular emphasis should be placed on the use of IT automation and data analytics to achieve the above objectives.
Produce well drafted audit reports and present audit findings to management teams identifying opportunities to improve controls or operational processes. Assess their risk and impact and partner with the business stakeholder to align on effective management action plans. Final reports will be provided to the Audit Committee, senior management and the external auditors.
Will assist in formulating the annual audit plan and preparing quarterly Audit Committee reporting for the Board of Directors.
Maintain good communication lines with other areas of the company. Resolve conflicts and opinion differences in an effective and productive manner.
Ability to represent Internal Audit Services views/assessments while working with other company departments and senior leadership.
Obtain/Maintain professional certifications and enhance personal and professional skills by completing the necessary continuing education.
Mentor, coach and evaluate internal auditors within the Global Internal Audit Services (GIAS) team.

The finer print

Bachelor’s degree (preferably in MIS, Computer Science or Accounting with IS concentration) CISA, CIA, CISSP or other applicable professional certifications required and maintained 9-12 years of progressive auditing experience, with current experience with IT audits, as well as current experience in managing people.
Strong understanding and experience working with IT governance frameworks (i.e. COBIT, ISO, etc.) Extensive experience in cybersecurity operations or conducting cybersecurity audits and assessments Extensive experience in data analytics for audit purposes (i.e. using software such as ACL, Tableau or IDEA)
Excellent follow-through and drive for timely and quality results.
Strong organizational and communication skills.
Ability to work with minimal oversight and with ambiguity where analysis of situation requires evaluation of various factors. Ability to recognize challenges and make recommendations to overcome them.
Positive attitude and strong team player, excellent customer service.
Demonstrated ability to lead and manage through challenging projects and multiple priorities. Ability to build relationships and influence change.
Will travel (if required)
Will work extended hours (if required)

Our “must haves”

Proven work ethic with utmost integrity
Desire to excel and succeed
Actively live and breathe the lululemon culture and lifestyle
Self-awareness, with desire for constant self improvement (goal-oriented)
Entrepreneurial spirit, and an egoless nature
Self motivated, passionate, empathetic, approachable
Outgoing, energetic, upbeat and fun!

For more information on this career opportunity please visit: here

Posted on October 19th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

IT Security and Compliance Auditor


Our team based out of Vancouver, British Columbia is looking for an IT Security and Compliance Auditor, who will support our global information security and compliance practice in monitoring compliance with key IT system access controls required for Section 404 of the Sarbanes Oxley (SOX) Act. The information security and compliance team is a business enabler that understands the technical risks of the IT environment, translates that into tangible business risk, and arrives at a happy medium that allows the company to propel forward whilst remaining secure.

What a typical day in the life of an IT Security and Compliance Auditor looks like:

• initiate and coordinate periodic attestation / recertification campaigns for user access to a multitude of key corporate IT systems
• monitor for instances of non-compliance with key system access controls, such as access granted without proper approval, inappropriate access to sensitive system functions, lack of timely access revocation post termination, etc.
• conduct root cause analysis over non-compliance instances as described above, and work closely with the related IT or business function to develop remediation actions
• escalate incidents to the IT Compliance Manager, or other appropriate resource, as necessary
• perform or assist with other compliance or security audits as necessary, and report on audit results to the IT Compliance Manager, as well as other stakeholders
• undergo ongoing training and certification to maintain technical skills at the highest level

Here is the experience and knowledge that we would like you to bring with you:

• a college diploma in information security or computer technical support, or equivalent education and/or training and holds or be working towards a relevant certification, including widely recognized security or audit certifications such as SANS GIAC, CISSP, CISA or CISM, or more specific certifications such as the Certified Identity and Access Manager (CIAM) certification.
• previous experience in a similar systems auditor role, or an access administrator role
• experience working with or administering identity and access management systems, such as Sailpoint IdentityIQ, Oracle Identity Management, Okta, NetIQ, etc.
• experience with incident management, change management and service request processes which utilize an internal ticketing system
• working knowledge of security incident and event management systems
• previous experience in maintaining and troubleshooting day-to-day operational processes, such as report generation, data verification and data correlation
• experience working in an eCommerce environment, with exposure to mobile application platforms
• prior experience working in a highly-regulated environment would be an asset
• basic knowledge of systems and computer networks
o should have knowledge of OS environments such as Windows 7, Apple Mac, Linux and Windows Server 2008, etc.
o should be familiar with TCP/IP concepts, such as IP addressing schema, SMTP, HTTP, HTTPS, FTP, DNS, etc.
o understanding of and exposure to security tools such as firewalls, IDS/IPS, A/V, anti-spam, content management, server and network device hardening, etc. is a strong plus.
o ability to run tools such as nslookup, netstat, nmap, etc. is a strong plus
o ability to review and accurately interpret network logs is a strong plus

The Finer Print:

• you have a strong understanding of risk, particularly business risk in your DNA and bring that to the fore in all your work
• a solution provider to the core, you walk into problem situations and leave them with solutions
• detail oriented to a fault, you do not let an issue rest until you have gotten to the core of the matter
• you love to ask “why” until you get to the root cause of a problem, and feel even better when you can support your conclusions with strong, deeply analyzed data
• you are an adept multi-tasker who can juggle multiple projects and tasks simultaneously, and prioritize them accordingly
• you thrive in extremely fast paced environments, and revel in the opportunity to be constantly exposed to cutting edge technology
• the master communicator that you are, you are equally at ease explaining security vulnerabilities to information technology admin staff, as you are explaining business risk to end users
• ever the charmer, you can drive teams towards security and compliance goals with a smile
• you are a compulsive documenter, who loves whipping up design and procedural documents

For more details, please contact to Simon Chu at schu@lululemon.com

Posted on October 16th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 


Internal Audit Manager (2 positions) Salary range $ 77,886 - $97,358 annually - Vancouver, BC


Are you an accounting professional with internal audit experience? We’re looking for two audit managers to lead internal audit teams that provide risk-based internal assurance services to evaluate and contribute to the improvement of governance, risk management, and internal control processes.
You’ll represent the Internal Audit department and provide project and assurance leadership and direction to staff, while planning and conducting complex assurance and risk advisory engagements.
Consider joining a team who apply award-winning practices and strive to deliver innovative and leading internal audit services to their clients.

What you’ll do
As an internal audit manager you will:
 Plan and conduct risk based audits to evaluate the adequacy and effectiveness of risk management, control, and governance processes
 Lead and mentor the internal audit team
 Represent the department and interact with senior management
 Plan for future departmental requirements for skills, resources, and procedures, and create an environment that supports learning and renewal

Is this a good fit for you?
We’re looking for people who can:
 Take initiative and use innovation, challenging current procedures and practices, and evaluating opportunities and improvements
 Provide mentorship and direction to staff while demonstrating ethical and professional behavior, objectivity, and an appreciation for differing perspectives
 Communicate clearly and succinctly in both oral and written form to all levels of the organization
 Understand client needs and ensure knowledgeable and timely service

Your background and experience:
 A professional accounting designation – CPA (CGA, CMA, CA)
 A minimum of 10 years of business experience that includes:
o at least five years of internal audit experience
o at least five years in a leadership role
 Other education and work experience will be considered, but should include:
o strong management, business analysis, and risk management expertise
o excellent written and verbal communication skills and outstanding interpersonal skills
 A CIA or CISA designation is mandatory
 Experience with IT audits is an asset

Who are we?
At WorkSafeBC, we’re dedicated to promoting safe and healthy workplaces across British Columbia. We partner with workers and employers to save lives and prevent injury, disease, and disability. When work-related injuries or diseases occur, we provide compensation, and support injured workers in their recovery, rehabilitation, and safe return to work. We also work diligently to sustain our workers compensation system for today and future generations. We’re honoured to serve the almost 2.3 million workers and 210,000 employers in our province.

What’s it like to work at WorkSafeBC?

It’s challenging, stimulating, and hugely rewarding. Our positions offer tremendous diversity and excellent opportunities for professional growth. Every day, the work we do impacts people and changes lives. What we do is important and so are the people we do it for.

Our benefits
Being part of WorkSafeBC means being part of a strong, committed team. Along with a competitive salary, your total compensation package may include vacation, optional leave arrangements, health care and dental benefits, and contributions toward your retirement pension. As a member of our team, you'll have access to services and benefits that can help you get the most out of work — and life. Learn more about what we offer.
We’re an inclusive and accessible employer, committed to employment equity objectives, and we invite applications from all qualified individuals. Please note that this position is restricted to those legally entitled to work in Canada.

To apply
Visit our career page at www.worksafebc.com and select Current Opportunities to submit a resume and cover letter that details your characteristics, accomplishments, and prior work experience related to the requirements for the position. We can only accept applications submitted through our website.

Application deadline: November 2, 2017

Thank you, in advance, for applying. Unfortunately, we’re only able to contact those whose applications we will be pursuing further.

Posted on October 6th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

IT Audit Manager Salary $ 86.000 - $112.000 annually - Ministry of Finance - Victoria, BC



This position is excluded from union membership.
A leadership role with direct influence

The Ministry of Finance's Internal Audit and Advisory Services (IAAS) supports Treasury Board by providing independent and objective assurance and advice to support governance, accountability, performance management practices and effective financial management.

The IT Audit Manager coordinates audit projects and manages sensitive situations in an objective, professional and proficient manner. This key position reports to the Executive Director and is primarily responsible for leading and performing a wide range of complex IT audit/reviews in major information systems and IT governance areas of the BC public sector to ensure they are aligned with generally accepted frameworks and are consistent with government business strategic direction. As required, the IT Audit Manager also plans and conducts non IT reviews.

As the ideal candidate, you possess working experience in IT audits and analysis including reviewing, testing and analysing complex IT infrastructures; assessing IT strategies, policies and procedures; evaluating the effectiveness of IT security controls and information systems in supporting business processes; and reviewing the effectiveness of disaster recovery and business continuity plans.

Qualifications for this role include:
• Completion of a recognized accounting designation (CPA, CA; CPA, CMA; CPA, CGA); and/or
• Other relevant education, including MPA, MBA, CIA, CISA.
• Equivalent combination of education and experience may also be considered.
• Minimum of 5 years of current or recent audit and/or advisory experience (with preference given to internal or performance audit experience); and
• Minimum of 2 years of current or recent experience in a supervisory role (project or otherwise).
• Minimum of 3 years of current or recent experience reviewing IT governance processes and controls, including information systems, change management, systems project management, information security and privacy, and computer operations.
• Experience in applying generally accepted IT control frameworks (e.g. COBIT and ITIL) in an audit context.

For more information on this career opportunity including how to apply online by October 11,2017 please visit: here

Posted on September 19th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Manager, Performance Audit

Management Band 3 - Salary $ 72.000 - $100.000 annually - Auditor General for Local Government - Surrey, BC

The office of the Auditor General for Local Government (AGLG) was established to strengthen British Columbians’ confidence in their local governments’ stewardship of public assets and the achievement of value for money in their operations. Performance audits conducted by the office are at the core of accomplishing this. The AGLG is dedicated to making a difference for British Columbia’s local governments and taxpayers across the province.

We have an exciting opportunity to join the AGLG team in a newly created Manager, Performance Audit position, leading a team of auditors in the performance of value-for-money audits of local governments across BC.

As the Manager, Performance Audit, you will lead a team in creating positive change for local governments. A highly effective communicator and problem solver, you will work collaboratively with other AGLG staff and local governments, assessing the performance of operations, including their economy, efficiency and effectiveness. This is a multi-faceted role that encompasses assisting with audit planning; gathering audit evidence; reporting audit findings; and helping develop key recommendations for improvement and change.

Qualifications for this role include:
- A bachelor’s degree combined with a recognized professional designation (e.g.: CPA, CIA, CRMA, CISA, CE) or a university master’s degree in a related field such as business, economics, public administration (or near completion) or equivalent qualification in an area relevant to performance audits in combination with experience leading an audit team in the conduct of performance audits.
Experience:
- In public administration operations, preferably at the municipal level.
- Leading a team with an ability to organize, manage, and lead diverse complex projects, including responsibility for managing resources and staff, planning, organizing, prioritizing, conducting, assisting in reporting on audit projects and adhering to operational performance standards.
- Developing formal audit plans, identification of audit scope, objectives and criteria, identifying and documenting risk assessments and developing budgets and timelines for the planning and conduct of the audit.
- Using a variety of research methodologies and working in program analysis, evaluations and/or measurement and developing reports.
- Explaining and/or presenting policy, legislation, strategic plans, audit plans and practices, audit findings and recommendations both verbally and in writing, in a clear and concise style that is appropriate to the audience.
- Building and maintaining cooperative and productive relationships and effectively liaise with internal and external stakeholders.

For more information and to apply by September 21, 2017, please go to: https://search.employment.gov.bc.ca/cgi-bin/a/highlightjob.cgi?jobid=43904

Posted on September 1st, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Junior Analyst, IT Assurance

The Directorship - Vancouver, BC

Contract

We are looking for candidates who are looking to grow, make a meaningful impact, and are passionate about IT audit, compliance and cyber security risk. This is a unique opportunity to join a small, yet dynamic team and directly contribute to the growth of our IT General Controls (ITGC) & Cyber-Risk Assurance programs. The Junior Analyst, IT Assurance, will participate in a variety of Information Security Audit and Cyber Security Risk client engagements. The role will also provide ad-hoc technical and operational assistance when called upon.

We expect our team to deliver solutions through a combination of diverse, real world experience and a sense of urgency, commitment, collaboration and bias for results. We look for candidates with a proven history of continuous learning, exploration, and superior customer service. The ideal candidate will be naturally analytical and thrive in ever-changing, entrepreneurial environment which is high on team camaraderie and committed to our shared root values.

DUTIES and RESPONSIBILITIES

• Support on-going ITGC control monitoring programs, SOX (Sarbanes-Oxley) IT audits, and Cyber Security Risk assessments
• Document and evaluate business processes, risks and IT controls
• Conduct preliminary IT security scans including file-server share and application permission reports
• Discover, Inventory and review key systems, devices, user accounts, data sources, and corresponding logss
• Participate in network vulnerability assessments, port scans, and analysis
• Develop, run, maintain and document IT audit scripts and reports
• Make recommendations to address control deficiencies, optimize risk, and improve operational efficiency
• Inventory and revise IT policies and procedures
• Keep technical diagrams up to date
• Liaise with client IT personnel, remote staff, managed service providers and third party vendors

TECHNICAL CONSULTING & SUPPORT

• Work with client sites and liaise with staff at all levels of the client organization
• Analyze IT requirements within companies and provide independent / objective advice on the use of IT and present solutions in written or oral reports
• Contribute to Kerrisdale Group’s growth by delivering tangible and significant business value to our clients
• Document process workflows, knowledge articles, and reports using a variety of applications and cloud-based tools
• Evaluate and recommend new technologies and solutions where appropriate
• Other duties as assigned

REQUIRED EXPERIENCE and SKILLS:

• 2 years’ work experience in a related IT role demonstrating excellent analytical, organizational and problem-solving aptitude.
• Excellent written and verbal communication, organizational, problem solving, and decision-making skills.
• Strong personal integrity, business ethics and customer service skills.
• One of the following certifications: CompTIA Network+, CompTIA Security+, Cybersecurity Nexus (CSX), MCP or other certification / accreditation preferred
• Basic understanding of IT desktop, server & network infrastructure including Active Directory and NTFS Permissions
• Ability to thrive in an environment of change and manage multiple tasks and responsibilities simultaneously
• Excellent time management and prioritization skills
• Ability to exercise good judgment in evaluating situations and making decisions

DESIRABLE SKILLS
• Understanding of standards and frameworks such as Control Objectives for Information and Related Technology (COBIT), CIS Top 20 Critical Security Controls (SANS), and Information Technology Infrastructure Library (ITIL)
• Familiarity and understanding of information security regulator requirements (e.g., SOX/C-SOX)
• Understanding of and practical experience with information security risk assessment and information security audits
• Experience with IT vulnerability and forensics tools are an asset.
• Experience with ERP and Accounting Systems
• Spanish speaking & writing skills

COMPANY OVERVIEW:

The Kerrisdale Group of Companies includes a unique and diverse portfolio of Technology Management services. We have the depth of experience of larger companies combined with flexibility, agility and a personal touch that only comes with a boutique style firm. Our people make us different - all of whom are enthusiastic about supporting and serving others. We’re passionate about making a meaningful and measurable impact in all we do. Our approach delivers enduring results, true to each client’s specific situation. We always aim to do the right thing for our clients, our people and our causes.

Job Type: Contract

Job Location: Vancouver, BC

Required experience:
• Information Technology or related: 2 years

Required languages:
• Spanish
• English

Posted on September 15th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior Network Security Analyst

Salary $ 66,200.03 - $ 75,658.71 annually plus 6.6% Temporary Market Adjustment
BC Public Service - Victoria - BC


The Office of the Chief Information Officer (OCIO) is responsible for the security of government's electronic information and developing the policies, standards and programs that protect sensitive and personal information.

Within the OCIO, the Information Security Branch (ISB) provides the overall governance for information security to support the secure delivery of government programs. Through its Information Security Program the ISB ensures programs, plans and processes are in place to appropriately manage the risks to the confidentiality, integrity and availability of government information. The ISB provides subject matter experts in support of the OCIO’s responsibilities of developing security policy, architecture and standards and provides specialist consulting to strategic government projects and initiatives. Within the ISB, the IT Security Operations unit is responsible for the design, build and operation of the enterprise security infrastructure. This includes acquisition of hardware and software to support a Security Operations Centre responsible for access control and incident response. The unit reports to the Director of Cybersecurity Intelligence and Investigations.
As the Senior Network Analyst, your role will be to build, operate and oversee the security infrastructure of government’s shared network.

Qualifications for this role include:

• Bachelors Degree in the computer science, computer engineering or data networking field; diploma, certification or equivalent combination of education and experience may be considered
• Preference may be given to applicants with professional designation as a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
• 5 years’ experience working at a senior technical analyst level in a large network environment.
• Preference may be given to applicants with the following:
o experience with Firewall, IDS/IPS and/or SIEM technologies
o UNIX platform administration and scripting
o Database tuning and/or administration
o Windows Directory services
o IT security architecture or service development
o IT Network or Security Vendor Certifications

• Experience managing large scale security infrastructure projects, preference may be given to applicants with 3 years of project management experience.

For more information on this career opportunity including how to apply online by August 17th 2017, please click here


Posted on July 31th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Internal Auditor

British Columbia Lottery Corporation, Kamloops - BC

Why Work with Us

At BCLC, we are committed to our people. With consistently high engagement rates, we are proud of the culture we’ve built and are committed to continue being a great place to work. For ten years, we have been one of BC’s Top 50 Employers, and here’s a few reasons why:

* Flexible work hours
* Robust Wellness Program
* Competitive compensation
* Company paid Flexible Health and Dental plan for you and your family
* Defined Benefit Pension Program
* Free Onsite Yoga, Meditation, Circuit Training, Running club and more

The City of Kamloops offers a relaxed lifestyle with an abundance of recreational opportunities and a close-knit community of welcoming people. It has been home to the BCLC head office since 1985 and features:

* A subsidized cafeteria
* Free gym
* Free parking and easy access to transit
* Close proximity to parks, trails and other recreation amenities
* Walking distance to shopping and restaurants

Job Summary:

The objective of the Internal Auditor is to support the Senior Internal Auditor, and Audit Manager and conduct real-time audits, evaluating the performance of operations and compliance with company policies, procedures and regulatory requirements. Leveraging specialist skillsets, the responsibility of this role is to assist in assessing the adequacy of internal controls and operational effectiveness, ensuring compliance with company policies, procedures and regulatory requirements.

This role also has responsibility for prioritization of multiple audit engagements, report writing, and status reporting on engagements, including creating reports to the Executive and Board level reporting, requiring confidentiality, discretion and sensitive judgment.

The Internal Auditor promotes risk and control management, identifying opportunities and making recommendations to strengthen internal controls and improve operational efficiencies.

Key Accountabilities:

* Conducts audits to review effectiveness of internal controls, efficiency of operations and compliance with company policies and procedures. Investigates audit exposures, examines department records and conducts independent audits. Performs audit processes/documentation in accordance with the Institute of Internal Auditors Professional Standards.
* Performs the preliminary assessment of operations, functions or activities and gathers information on key business risks; evaluates the adequacy of the controls designed to manage those risks; identifies opportunities for improvement and develops recommendations for management.
* Analyzes and assesses effectiveness of business management processes and programs, operational and technical issues.
* Participates in the development of recommendations by conducting research into ways to improve efficiency and effectiveness of business processes, providing recommendations to senior internal auditors and managers.
* Provides input into the department’s annual operational audit plan which supports delivery of effective audit management services for the organization.
* Develops and maintains working relationships with internal departments, vendors/suppliers, service providers and regulatory bodies to ensure that information and commitments are met.
* Supports key strategic initiatives and enterprise-wide objectives; builds and facilitates strong relationships with all levels of the organization, including cross functionally and cross divisionally.

Minimum Required Qualifications

Education and Experience

* University Degree in Computing, Business, Accounting or related discipline;
* A professional accounting designation (CPA) would be an asset;
* Actively pursuing or willingness to pursue an auditing designation (CISA, CIA) would be an asset;
* 3 to 5 years recent experience in Information Technology process and controls, accounting or auditing;
* Experience in Information Security and/or Privacy would be an asset;
* An equivalent combination of education and experience may be considered.

Technical Requirements

* Strong analytical, technical and problem solving skills;
* Working knowledge of internal controls, regulations, and related methodologies;
* Working knowledge of Computer Aided Audit Tools (CAAT);
* Ability to multi-task and manage competing priorities;
* Excellent written and verbal communication skills;
* Experience and proven ability to maintain strict confidentiality;
* Ability to interpret and translate ambiguous situations into a structured framework with clearly defined deliverables;
* Ability to effectively develop and deliver recommendations and presentations.

Please Note: This opportunity will remain open until a qualified candidate pool has been established.
Please Note: Candidates must be legally entitled to work in Canada
For more details and how to apply, please click here



Posted on July 25th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Information Systems (IS) Auditor

Teck Resources Limited, Vancouver - BC

Reporting to the Manager, Internal Audit , the Information Systems (IS) Auditor is responsible for assisting in the achievement of all aspects of the Teck Resources Limited Internal Audit Mandate , the achievement of the specified annual Audit Department objectives and the timely achievement of the Teck Resources Audit Plan and Annual SOX Controls Compliance Audit Plan.

Responsibilities:

•Identify and evaluate the organization’s technology risk areas and provide key input to the development of the internal audit plan.
•Either independently or as a part of the audit team, undertake information systems, information technology and operational technology audits, Sarbanes-Oxley controls compliance testing, special projects and ad hoc work assigned by the Director Audit & Operational Review.
•Establish the objectives and scope of assigned corporate information technology (IT) audits for agreement with the Director Audit & Operational Review and with the Auditee.
•Plan and execute audit projects designed to provide assessment of internal control processes and operational performance, in accordance with department and professional standards.
•Demonstrate and apply a thorough understanding of complex information systems. Prepare audit work papers and reports documenting the result of reviews of assigned activities and recommended management action.
•Use relevant audit programs in the conduct of internal audits and the Sarbanes-Oxley controls compliance audits that have been developed by Teck or developed by the I.S. Auditor as necessary and agreed with the Director Audit & Operational Review .
•Communicate effectively with Auditees on the objectives, scope and reporting protocol for audits and in explaining audit findings and recommendations and in conducting appropriate audit exit meetings with the most senior site member of management or where at head office, with the most senior functional head.
•Provide Senior Management and the Audit Committee with an independent assessment of the Company’s systems of internal controls and prepare timely audit reports for issuance to the Auditee and Senior Management.
•Develop for each audit, recommendations that will improve the Company’s overall systems of internal control and assist in mitigating risk and in improving the efficiency, effectiveness and profitability of the Company and ensure compliance with the requirements of the Sarbanes-Oxley Act.
•Assist in development of the Information Systems Audit plan; define the scope, schedule of the audit projects and agree with the Director Audit & Operational Review.
•Participate as advisor to, or assess, major and critical Information System projects.
•Meet Information System management periodically to identify major changes and security concerns and update the Director Audit & Operational Review as required.
•Conduct audit follow-ups as necessary and report upon the implementation status of audit recommendations to the Director Audit & Operational Review, Senior Management and the Auditee.
•Maintain adherence to the Standards for the Professional Practice of Internal Auditing (Institute of Internal Auditors) and maintain up to date knowledge of information systems audit practices.

Qualifications:

•Certified Information Systems Auditor designation (CISA) and/or undergraduate degree in Computer Sciences,
•A CISSP/CISM designation is desirable.
•A minimum of three years operational IT audit experience in an environment that provides exposure to sophisticated information systems audit techniques, network security, technology infrastructure, software development, project management, or a related field.
•Demonstrable understanding of concepts related to information systems audit, including security and control risks such as logical and physical access security, change management, information security, business recovery practices and network technology.
•Considerable knowledge of and skill in applying technology auditing principles including IT Controls Framework, COBIT, ISO, NIST, SANS, or Global Technology Audit Guides (GTAG)
•Broad based knowledge of IT/IS environments, including networks, Unix, JD Edwards, Oracle, Microsoft Windows, SQL, SAP and Dynamics AX
•Knowledge of industrial control systems and other operational technology and ISA99 Standards.
•Ability to perform reviews of Operating Systems, Network, Database, web and ERP applications
•Knowledge of Control Objectives for Information and Related Technology, Accepted Auditing Standards, Standards for the Professional Practice of Internal Auditing.
•Strong PC skills and the ability to determine and use appropriate audit tools and techniques
•Information Systems Security experience is an asset
•Effective oral and written communication skills, including active listening skills and skill in presenting findings and recommendations for improvement
•Critical thinking capability to gather relevant information, perform detailed analysis and develop well-reasoned conclusions and solutions.
•Ability to work independently, be self-motivated and be prepared to travel
•Desirable to have working knowledge of Spanish
•Ability to consciously exploit new ideas or reinvent ideas to provide new solutions.
•Exposure to Sarbanes-Oxley Section 404 and an understanding of the general compliance requirements related to information technology.

We wish to thank all applicants for their interest and effort in applying for the position; however, only candidates selected for interviews will be contacted.

Your application to this posting is deemed to be your consent to the collection, use and necessary disclosure of personal information for the purposes of recruitment. Teck respects the privacy of all applicants and the confidentiality of personal information.

Teck is a diversified resource company committed to responsible mining and mineral development with major business units focused on copper, steelmaking coal, zinc and energy. Headquartered in Vancouver, Canada, its shares are listed on the Toronto Stock Exchange under the symbols TECK.A and TECK.B and the New York Stock Exchange under the symbol TECK.

The pursuit of sustainability guides Teck’s approach to business. Teck is building partnerships and capacity to confront sustainability challenges within the regions in which it operates and at the global level. In 2016, Teck was named to the Dow Jones Sustainability World Index (DJSI) for the seventh straight year, indicating that Teck’s sustainability practices rank in the top 10 per cent of the world’s 2,500 largest public companies in the S&P Global Broad Market Index.

Learn more about Teck at www.teck.com or follow @TeckResources.

Posted on July 20th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

GRC Specialist

Visier, Vancouver - BC

We are looking for a Governance Risk & Compliance (GRC) Specialist to support our GRC & Privacy team. Visier is a fast moving and creative company for dedicated individuals who can thrive in our environment.

Visier has enterprise level clients such as PayPal, Yahoo, Exelon, Micron, who rely on us for business intelligence solutions to accelerate the success of their businesses. The successful candidate will support our team’s functions and processes to assist Visier in protecting our customers’ data and comply with relevant laws, regulations, and controls.

What you’ll be doing…

•Assist in the audit process including conducting interviews with internal team members, observing operations, reviewing transactions and documents, and completing documentation in working papers and audit reports.
• Conduct follow up and monitoring of the audit process to ensure corrective actions are completed.
• Assist in the development of risk management controls and systems, development of policies and procedures, and privacy reviews and assessments.
• Provide sales support by presenting GRC practices and controls including responding to information security and privacy questionnaires and requests from prospects.
• Provide administrative support and completing projects for the GRC & Privacy team including organization of files and reviewing documentation, updating intranet site, and scheduling events and tasks such as audit processes, privacy training and policy updates.
• Conduct research of GRC, privacy, and information security issues to help the team remain up to date on current practices.

What you’ll bring to the table…

• Minimum 1+ years of experience in audit, risk management, privacy and/or compliance practices, principles, procedures, and techniques.
• Relevant certifications in audit, information security and/or privacy would be considered an asset.
• Excellent written and verbal communication skills.
• Ability to prioritize in a fast-paced environment.
• Ability to take instruction and guidance.
• Excellent interpersonal relationship skills.
• Organized with attention to detail.
• Successful completion of background checks is an ongoing requirement of this role.

For more details and how to apply, please click here

Posted on July 14th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior Internal Auditor

Fortis BC Holdings Inc, Burnaby - BC

Position overview
Working in accordance with the organization’s strategic vision, core values and leadership competencies, this position is responsible to provide professional internal audit expertise in the planning, execution and reporting of internal audit projects.

Responsibilities
Provide professional internal auditing expertise in the planning, execution and reporting of Internal Audit projects within budget and deadlines. Identify and evaluate the organization’s risk areas and provide key input to the development of the annual audit plan.
Lead business process reviews to evaluate the design, operating effectiveness and efficiency of internal controls over operations. Lead reviews to assess the integrity of the financial statements and to evaluate the adequacy/efficiency of accounting, financial and operating procedures established for business control purposes. Prepare and assist in the preparation of audit reports with appropriate action plans that will aid management.
Effectively communicate audit findings with management personnel. Review and report on the status of action plans to implement improvements. Assist management on special projects and assignments as needed.
Assist with implementation of Sarbanes-Oxley Act Section 302 and Section 404 (SOX). Lead reviews to assess compliance with SOX and established corporate policies. Assist in the application of the COSO Framework related to external financial reporting and COBIT Framework related to IT General Controls.
Assist in the development of Internal Audit policies, procedures and methodologies. Provide training, coaching and guidance to Internal Audit staff in conducting audits and other audit-related issues.
Effectively communicate and collaborate with others in the provision of internal audit services. Conduct oral presentation of final results and recommendations to management. Represent Internal Audit on organizational project teams at management meetings and with external stakeholders. Keep current with developments in auditing methodology, governance and compliance issues including best practice methods and common industry issues.
Conduct work in a manner that prevents injuries and incidents, and contributes to FortisBC’s Target Zero Mission. Maintain knowledge and understanding of safety policies, practices and procedures. Lead by example by putting safety first at all times.

Requirements Education and Experience

• Completion of CISA designation.
• Professional Accountant designation (CPA, CA) or Certified Internal Auditor designation (CIA) from a recognized institution plus a minimum of seven (7) to ten (10) years directly related experience in a large organization or an equivalent combination of education, training and experience.
• Knowledge of generally accepted auditing standards (GAAS) in Canada and US GAAP.
• Knowledge of the Standards for the Professional Practice of Internal Auditing and the Code of Ethics developed by the Institute of Internal Auditors.
• Knowledge and internal or external audit experience in implementing, and ongoing auditing of, Sarbanes-Oxley Act Section 302 and Section 404.
• Knowledge of the COSO framework for the review of financial reporting, operational efficiency and compliance, as well as the COBIT framework for Information Technology General Controls.
• Knowledge of, and experience in, power and natural gas utilities is an asset.
• Must have a valid British Columbia Driver’s License.

Technical Competencies

• Working knowledge of large ERP systems such as SAP.
• Considerable knowledge and skill in applying auditing practices, procedures and principles.
• Knowledge of financial and operational risks.
• Considerable skill in planning and project management, and in maintaining composure under pressure while meeting multiple deadlines.
• Skill in negotiating issues and resolving problems.
• Skill in conducting quality control reviews of audit work products.
• Considerable skill in effective verbal and written communications, including active listening skills and skills in presenting findings and recommendations.
• Strong business acumen and interpersonal skills.
• Ability to develop creative approaches and solutions necessary to solve complex problems.
• Demonstrated ability to evaluate compliance with established corporate policies and procedures including corporate governance, code of conduct standards, and business ethics policies.
• Demonstrated ability to interact with and present information to senior management level personnel and encourage acceptance of corrective actions.
• Demonstrated ability to align performance goals to strategies
• Demonstrated ability to develop and maintain effective working relationships
• Demonstrated ability to effectively prioritize and execute tasks in a high-pressure environment
• Demonstrated ability to work independently and in a team-oriented, collaborative environment

Posted on June 28th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Internal Auditor IT


Great Canadian Business Centre (Coquitlam , BC)

Reporting to the Director, Internal Audit and Enterprise Risk Management, this position is responsible for testing the effectiveness of internal controls, primarily in IT, including performing general data analytics and business process evaluation and documentation, evaluating findings, providing recommendations and report writing. As with all Great Canadian staff, Internal Auditors will contribute to a safe and welcoming environment for all employees by ensuring adherence to all provincial and internal controls, regulations, policies and procedures.
You can expect to apply your skills and qualifications through the following key accountabilities:
 Conducts audits, primarily in IT using industry frameworks (COSO & COBIT) and in adherence to the IIA Professional Standards
 Develops and applies testing scripts
 Identifies areas of risk
 Develops approaches to minimize risk exposures; including development of automated monitoring scripts and tools, including best practice CAATs and continuous monitoring techniques
 Evaluates findings and provides recommendations
 Assists with driving department transformation programs which will include implementing risk and technology based auditing approaches, streamlining processes and documentation, performance metrics, indicators and dashboards
 Communicates effectively with all appropriate operational departments
 Builds strong working relationships with stakeholders
 Complies with licensing laws, health and safety and other statutory regulations
 Performs other duties as assigned or directed.

Our ideal candidates will possess the following:
 Personification of Great Canadian’s values in action: Integrity, Team Engagement, Drive to Succeed, Service Excellence and Citizenship
 A passion for providing Great Experiences and Memories to our internal and external guests in the continual quest of achieving Service Excellence
 Minimum 3-4 years of experience in IT auditing using a modern risk based approach and methodologies
 Post-secondary education in technology or suitable combination of education and experience  CIA, CPA CFE or CISA Designations required
 CISA Designation or equivalent experience, CFE designation an asset
 Excellent communication skills both written and verbal
 Computer literacy in MS Office; ACL Analytics & GRC, Visio and/or other technology related tools  Strong organizational and time management skills
 Project management skills an asset
 Valid BC Driver’s license and access to a vehicle

If this sounds like a GREAT opportunity for you, we invite you register your interest. If your skills and experience are a match for our position, our professional recruiters will be in contact with you. Thank you for your application and your interest in Great Canadian.

Posted on June 19th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior Security Analyst


Salary $66,200.03 - $75,658.71 annually, plus 6.6% Temporary Market Adjustment - BC Ministry of Education - Victoria, BC

The Information & Technology Management Branch provides a range of information technology and information management services in support of the work of the Ministry of Education. The Branch works closely with the Office of the Chief Information Officer (OCIO) to assure that ministry plans and initiatives are aligned with government’s overall technology direction and standards. Services provided include an IT Helpdesk, advice and support on protecting and optimizing the ministry’s information assets, and services and strategies relating to infrastructure and application management, workstations and devices, enterprise architecture, and business analysis.

As the Senior Security Analyst, you will be responsible for delivering an information security program for the ministry. You will be developing and promoting current and proposed security programs and services to support information security at all levels of the organization as well as guiding the development of existing and new information systems and initiatives to ensure compliance with the Information Security Policy and IM/IT Standards. Skilled at performing security threat and risk assessments, you will be overseeing the review of, and providing direction on, information security incidents. In this position, you will also be developing processes and providing policy and procedure interpretation and awareness to Ministry employees.

Qualifications for this role include:

• Diploma or degree in the computer technology or computer science field, or a related field.
• Preference may be given to candidates with a professional designation as a Certified Information Systems Security Professional or Certified Information Security Manager, or equivalent.
• Minimum 2 years’ experience performing security threat and risk assessments
• Minimum 1 year experience developing information technology security processes to protect sensitive data
• Preference may be given to candidates with experience using or working with Oracle, Java, BCeID, BC Services card, and/or mainframe environments
• An equivalent combination of experience and education/training may be considered.

To learn more about this opportunity and to apply online by June 19, 2017, please visit: https://search.employment.gov.bc.ca/cgi-bin/a/highlightjob.cgi?jobid=41503 Attention: only applications submitted through the BC Public Service’s employment website (see link above) will be accepted.

Posted on June 2rd, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Project Accountant - Contract


River Rock Casino Resort - Vancouver - BC

River Rock Casino Resort is the 2012 to 2016 Winner of the World Luxury Casino Hotel in North America, Trip Advisor’s 2014 winner of the Certificate of Excellence, and Western Canada’s only Four Diamond Casino Resort.

Take the Canada Line Skytrain to Bridgeport and you’re immediately transported to the exceptional River Rock Casino Resort featuring the luxurious Hotel at River Rock. River Rock is home to the best concerts and events in the state of the art River Rock Show Theatre. There’s 24/7 action in Western Canada’s largest Casino Resort, featuring 1110 slot machines, 16 poker tables and 90 table games! Every palate is sure to be pleased at River Rock, where we offer everything from our incredible Buffet, to the sumptuous offerings in Curve Lounge, to Richmond’s most acclaimed West Coast fine dining experience in Tramonto. River Rock has something for everyone!

Whether you work as a Chef on our Culinary brigade, as a Blackjack Dealer, a Server in our International Food Court, or as a Room Attendant in our Hotel, you will have the countless opportunities to provide our guests with the Great Experiences and Memories that have made us famous!

The Official Casino of the Vancouver Canucks, River Rock is your place to shine! Your teammates are just like you – positive, up for a challenge, and always willing to go above and beyond for our guests. If you Expect Great Things, just like we do, we encourage you to apply to join our dynamic team of service professionals today! Starting your career at River Rock is never a gamble – our employees are the best in the business!

Join our Rock Solid team of gaming and hospitality professionals now, at www.riverrock.com!

River Rock Casino Resort currently has an exciting opportunity for a contract Project Accountant (6 month term). This role is responsible for documenting existing flows, developing policies and procedures and recommending improvements. This role will utilize strong accounting knowledge, reporting skills, and effective problem solving to ensure success. This position requires a hands-on team player with excellent communication skills and a dynamic personality. Other responsibilities include:

• Developing policies and procedures for (multiple business lines in a single entity) River Rock which can be expanded (and/or modified) to suit all Enterprise locations
• Ensuring adequate processes and control checks are in place
• Reviewing existing policies and procedures and recommending improvements
• Liaises and communicates effectively with all appropriate operational departments
• Develops and cultivates strong working relationships with all stakeholders, guests, management, employees, vendors, sponsors, community organizers and regulators
• Ensures compliance with licensing laws, health and safety and other statutory regulations
• Performs other duties as assigned or directed


Successful candidates will possess the following qualifications:

• An accounting degree, prefer a designated CPA
• Minimum 5 years Finance or Audit experience, prefer a gaming and/or hospitality environment
• Advanced knowledge of the practical application of business oriented controls, processes and systems
• Solid understanding of Regulatory environments (CEO/CFO certification and SOX an asset)
• Advanced knowledge of MS Office (Word, Excel, Outlook, PowerPoint), Adobe Acrobat, Visio or flowcharting software
• Ability to exceed internal and external customer expectations through timely, effective and service oriented communication
• Technical writing is considered an asset
• Strong planning and organizational skills and attention to detail is required
• Exceptional organization and time management skills
• Excellent communication and presentation skills, both oral and written
• Strong strategic problem solving skills; ability to exercise sound judgment in decision-making
• Ability to work independently, and in a highly collaborative team environment
• Serving It Right Certification or the ability to achieve a Serving It Right Certification
• A commitment to continually increase your knowledge of our products and services in order to offer exceptional experiences to our guests
• A willingness to learn, develop and achieve new skills for personal and professional development
• A passion for providing Great Experiences and Memories to our internal and external guests in the continual quest of achieving service excellence
• Live GCC’s Values on the job: Integrity, Team Engagement, Drive to Succeed, Service Excellence, and Citizenship

Candidates must be ready and willing to work a flexible schedule. The hours of work will be based on customer and business needs.

Thank you for reviewing this job opportunity at River Rock Casino Resort. To start creating your Great Experiences and Memories, apply now @ http://www.riverrock.com/careers/. Come for the opportunity, stay for the experience!

Posted on: May 5th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

GRC Specialist

Hootsuite - Vancouver - BC, Canada

Hootsuite is more than a social media company. We’re more than a tech company. We’re a collective of creators and makers, builders and hackers, teachers and students.

We believe deeply that social media is revolutionizing how we communicate – and we’re driven by our purpose to champion the power of human connection.

We believe that culture is the compass to success and so our culture manifesto is woven into the fabric of all we do. We seek exceptional talent that believes joining a passionate, egoless team that is building something bigger than themselves, and having fun doing it, matters.

We know you have a lot of choices on where to take your career next. Whether you’re based in Vancouver, Toronto, London, Bucharest, Singapore or any of our 12 nests around the globe, you will have 1,000+ #HootsuiteLife peeps who will have your back to support your growth everyday.

Here’s where it might start…

Who You Are...

•Assess the Engineering, Security, IT, Operations, Development, Production, and HR control environment to ensure alignment with Hootsuite’s governance and risk management frameworks
•Project manage Hootsuite’s SOC 2 annual accreditation initiative
•Assist in the development and alignment of Hootsuite practices to SOC2, PCI DSS, and ISO 27001/27002
•Conduct periodic risk assessments and ensure that identified gaps are addressed and remediated in a timely manner
•Perform quarterly control self assessments (CSAs) and internal controls testing to validate that controls are designed, implemented, and operating effectively
•Collaborate with internal teams to analyse security risks and recommend solutions to mitigate these risks
•Prepare and present key risk finding and recommendations to management

You’re Great At...

•Degree in Computer Science or Management Information Systems
•A strong IT and audit background is preferred
•Relevant professional designation (e.g. CISA, CRISC or CIA) and operations auditing experience
•2 to 3 years experience in Enterprise Risk Management, Cyber Risk Security, Third Party Risk and Compliance, ISMS Controls Assurance (ISO 27001, SOC 1 and SOC 2) is preferred
•Ability to understand IT risks and implications to the business, identify weaknesses and recommend solutions
•Identify and resolve complex issues and develop innovative solutions
•Excellent written and oral communication skills including both technical and business writing, documentation and presentation skills
•Strong listening and analytical skills
•Ability to communicate, interact, and cooperate with internal teams
•Excellent interpersonal relations and demonstrated ability to work with others effectively in teams
•Adapting and embracing new technology, innovation, and changes
•Thriving well under pressure and effectively in a fast-paced environment

For more information on this career opportunity including how to apply online, please visit:

https://hootsuite.com/about/careers/it-security-operations/grc-specialist

Posted on: April 25th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior Security Analyst

Ministry of Technology, Innovation and Citizens Services
Victoria BC

Salary $66,200.03 - $75,658.71 annually plus 6.6% Temporary Market Adjustment

The Ministry Information Management Branch (IMB) fulfills the business needs with technology solutions and ensure ministry IM/IT investments support strategic objectives of the larger government. The IMB Security, Privacy and Compliance unit promotes corporate accountability for the protection of information and information systems to support improved decision-making throughout the ministry line-of-business divisions and for corporate cross-government initiatives.



As a Senior Security Analyst within the Information Management Branch, you will evaluate new and emerging security technology and trends as well as the associated cybersecurity threats to security infrastructure and develop related standards and policies. You may also be responsible for providing advisory services to lines-of-business, and enabling the achievement of the government’s Information Security and Privacy Policies. Specifically, you may provide advisory services to assist in the development and support of sound security strategies, security and privacy assessments and secure control processes to protect the Ministry's information and data resources. Successful candidates have the ability to identify and communicate reasonable solutions that balance the business requirements/environment and the protection of personal and corporate information.



Qualifications for this role include:


* Degree, diploma, certification in the computer science field or equivalent work experience.
* Experience with security controls and practices relating to applications, servers, databases and network components preferably in a Microsoft Environment.

Preference may be given to applicants with the following:

* Experience conducting and overseeing Security Threat and Risk Assessments.
* Professional designation (or working toward) a Certified Information Systems Security Professional or Certified Information Security Manager, or equivalent security designation may be considered.

For more information on this career opportunity including how to apply online by May 10th 2017, please visit:



https://search.employment.gov.bc.ca/cgi-bin/a/highlightjob.cgi?jobid=40368


Posted on: April 19, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Manager, Operational Risk – Information Technology

Company: Coast Capital Savings

What’s the job?

Are you experienced and knowledgeable on all things relating to the management of operational risk? You are? Great. We’re looking for someone like you. As the Manager, Operational Risk Information Technology you’ll support the oversight and co-ordination of information technology governance, risk and compliance for Coast Capital Savings. The position is mandated to oversee and support risk management processes and procedures in line with the internal policies and industry best practice. You’ll also provide risk management oversight and support to the ITG, ensuring their operational risks are adequately identified, assessed, controlled, monitored and reported. Additionally, you’ll act as the subject matter expert in providing operational risk management guidance to the First Line of Defense.

What you’ll get to do:

• Actively promote education and awareness on risk management, particularly on the management of risk and related controls and related roles and responsibilities aligned with the 3 Lines of Defense.
• Oversee the review, development, implementation and improvement of ITG policies, frameworks and related risk management procedures, ensuring alignment with best practice for financial institutions and internal policies and frameworks.
• Collaborate with ITG and business partners in developing and maintaining an information technology risk management program that is aligned with the enterprise’s risk management frameworks.
• Ensure the established ITG risk and control frameworks, methodology and processes are operating as intended by the First Line of Defense.
• Provide operational risk management oversight ensuring a risk-based approach is taken to develop the information technology program and related strategy.
• Provide independent review and challenge over ITG's key risk and performance metrics, tolerances and risk assessments, ensuring effective identification, assessment and management of Information Technology related operational risks and internal controls.
• Develop and oversee internal control testing methodology and tools, aligned with the Operational Risk Management Framework, ensuring ITG's key controls over operational risk are consistently monitored and operating effectively by the First Line of Defense.
Provide oversight over third party risk assessments performed by ITG, ensuring alignment with the Operational Risk Management Framework and related internal policies and procedures, over ITG's material vendors.

Who are we looking for?

• You’ll have 4 – 6 years of job-related experience in Operational and/or Enterprise Risk Management, including hands-on experience executing Risk & Control Self-Assessments (RCSA), oversight of risk assessments over new activities, processes, systems and products, and the evaluation of internal controls.
• Bachelor's Degree or a diploma requiring 3 - 4 years of full-time study. One or more certifications in the fields of risk and/or security are an asset, such as CPA, CIA, CRISC or CISA.
• Strong knowledge of risk management concepts, ideally related to practices across IT and information security governance, risk and compliance.
• Strong working knowledge and application of risk management and security, risk and control frameworks, such as COSO, ISO31000, COBIT, ISO27001, and ISO31000.
• Knowledge of legislations and regulations affecting the financial services industry.
• Proficient understanding of information security risks and controls.
• You’ll be a whiz and have advanced knowledge of MS Excel, Word, Outlook, and PowerPoint.
• Strong interpersonal skills with ability to communicate effectively with all levels of personnel.
• Ability to present ideas in business-friendly and user-friendly demeanor.
Ability to remain calm and maintain professionalism and objectivity under pressure.

Why join Coast Capital Savings?
We don’t mean to toot our own horn, but…

• At the top of the list is that we have an environment that empowers our employees and members.
• Employees do what’s best for our members. Every day.
• We believe in being a great corporate citizen so we invest in our local communities by donating our time, money and expertise.
• Our employees take advantage of the many opportunities to grow their careers.
• Employees love having a cool place to work, which includes wearing their jeans on Fridays & Saturdays and being recognized with a virtual (and, at times, an actual) high-five.
• Our inspiring leaders help our employees develop their talents and encourage them to be their fabulous selves.
• We have a unique culture where we take our business seriously, but ourselves, not so much.
• In 2017, we earned double kudos by being named one of BC’s Top Employers and one of Canada’s Best Managed Companies – two of the nation’s most coveted business awards, may we add.

Does this position inspire you?  If so, apply on-line today at Coast Capital Savings.

Posted on: April 11, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Information System Audit Manager

Location: Vancouver - Canada - Full time

Company Description
When you’re passionate about what you do and where you work, the rest comes easy. That’s the culture at Central 1 Credit Union, and that’s precisely what we’re looking for from you. Supporting nearly 150 member credit unions across British Columbia and Ontario, we’re the backbone of the credit union system in both provinces – taking care of everything from online services and product development, to payment processing, trade association services and more.
Our team of over 600 employees represent some of the most innovative, passionate individuals you’ll ever meet; people who honestly care about the organization, its members and each other. In other words, people who love what they do.

Job Description
We're looking for an Information Systems Audit Manager that will be responsible for the effective planning, execution, and reporting of internal audit projects and advisory services with a focus on Information Technology (IT) and Information Security.
Reporting to the Director, Internal Audit, the Information Systems Audit Manager will be accountable for the ongoing management and development of the overall IT audit strategy and framework. The position will also be responsible for providing input and guidance on organizational IT risks and assists in developing the annual IT audit plan.
The Information Systems Audit Manager will work closely with management in all areas of Central 1 by assessing IT risks, completing independent and objective evaluations of IT risks and processes, and recommending improvements to associated IT controls and processes. Additional responsibilities will also include developing and executing audit programs and testing to support ISO 27001 certification, CEO/CFO certification and compliance with NI 52-109 (C-Sox), and SWIFT self-attestation.

Specific Accountabilities
General
- Manage the overall corporate IT audit strategy, framework methodology and develop a comprehensive IT audit program and annual audit plan for discussion with the Director, Internal Audit and presentation to the Audit & Finance Committee of the Board as part of the overall risk-based Internal Audit Plan.
- Identify key IT risk areas across Central 1 in accordance with the established risk governance framework and incorporate into IT audit strategy and annual IT audit planning.
- Identify opportunities to optimize the IT audit process and implement improvements to existing approaches and audit methodologies, consistent with the Institute of Internal Auditor's International Standards for the Professional Practice of Internal Auditing (IIA Standards) and other established IT frameworks and standards (e.g. COBIT).
- Proactively develop, maintain and manage high profile relationships with various internal contacts. Collaborate with management and IT teams to improve overall IT governance.
- Conduct special audits and investigations where fraud or other improprieties are suspected and prepare reports of findings.
- Assist where required in the deployment of the Internal Audit Quality Assurance Program.
- Assist where required in updating and aligning of the overall audit methodology as practiced within the department.
- Keep up to date with developments and legislative changes in the Financial Services industry, corporate governance and the auditing profession.
- Participate on security incident response teams as needed to assist in investigating information security incidents, ensure adequate internal action and timely response and provide advice and recommendations on corrective and preventative actions to reduce the impact of future incidents.
- Represent Internal Audit on various IT project teams and internal committees, management meetings and to external stakeholders. Provide advice on governance, risk and control best practices, conformance with standards, compliance with legislation and regulations and internal policies.
- Liaise with Information Security, Operational Risk and Compliance to understand areas of risk and other security concern/focus and incorporate into audit planning as appropriate.
- Liaise with the Corporate Policy Manager and provide feedback on corporate policies and standards.
- Assist in general department planning and strategy and perform other duties as required to assist the Internal Audit department support Central 1’s business goals.
- Occasional travel to Central 1’s offices outside of BC to conduct internal audits as required.

Information systems audit
- Plan and manage the execution and reporting of all IT audit engagements and projects within agreed budgets and timelines. Manage internal audits end to end (planning, execution and reporting) on various types of engagements assessing information systems governance, security, risk management and controls, including:

1. Internal ISO 27001 conformance audits,
2. NI 52-109 (CEO/CFO certification) IT General Controls testing/audits,
3. General IT audits, project health checks, application reviews, cybersecurity and SWIFT reviews/audits.

- Prepare audit finding summaries, updates and audit reports for discussion with auditees and the Director, Internal Audit and presentation to management and the Audit & Finance Committee of the Board of Directors.
- Meet with all levels of employees and management, following audit procedures to ensure that audit objectives and conclusions are adequately addressed and supported.
- Monitor and follow up on audit findings and remediation action plans with employees and management to ensure resolution.
- Coordinate and facilitate audit activities with other assurance providers (e.g. external audit, ISO certification auditors) and regulators, as necessary, to ensure optimal audit coverage.

Qualifications

Education and experience:
- Post-secondary education in Information Technology, Business or a related discipline.
- Professional certification in information systems auditing - Certified Information Systems Auditor (CISA).
- Certified ISO 27001 Lead Auditor (or willingness to obtain).
- Other certifications such as CIA, CISSP, CISM, CRISC would be beneficial.
- At least 5 years’ IT audit/assurance experience. (Financial Industry experience would be considered beneficial).
- An equivalent combination of education and experience may be considered.

Technical requirements:
- Extensive knowledge of IT control systems, infrastructures, processes, operations, risk management frameworks and best practices.
- In depth knowledge of IT auditing methodologies and tools including risk assessments, controls and governance.
- Experience with internal control frameworks and management standards related to risk management, internal control and information systems, e.g. COBIT, ITIL, COSO, PCI.
- Experience with ISO 27001:2013 & ISO 19011:2011 and conducting conformance audits.
- Previous experience with SOX or National Instrument 52-109, Certification of Disclosure in Issuers’ Annual and Interim Filings, (C-Sox) compliance requirements.
- Strong IT strategic thinking skills – ability to find innovative, yet practical, strategies to achieve goals, link several strategies into a unified plan, while anticipating needs and maintaining a future focus.
- Critical thinking skills and the ability to make sound judgments in a deadline-oriented environment.
- Demonstrated ability to work independently, be self-motivated, highly organized and exercise professional judgment.
- Strong verbal and written communication skills, ability to present information to a wide variety of end users and ability to exercise initiative are required. Focus on relationship-building and communicating effectively with people at all levels and in all departments as well as external consultants.
- Proven audit planning and project management skills in a multi-assignment environment.
- Excellent attention to detail but also able to view issues holistically and identify key issues and risks.
- Knowledge of the Institute of Internal Auditor’ Code of Ethics and Standards for the Professional Practice of Internal Auditing.
- Must be proficient with MS Office; knowledge of automated auditing or GRC software would be an asset.
- Ability to learn new business processes and functions within a short period and provide value added assessments and recommendations.

Additional Information
As much as we believe in working hard, we also believe in personal growth and taking time for ourselves. Accordingly, our total rewards philosophy amounts to one of the best compensation and benefits packages in the industry – from performance-based incentives and extended benefits, to training and education reimbursements and ample vacation time.
If you are looking to further your career in a dynamic, client-focused and project-based environment, please apply with your cover letter and resumé in confidence Central 1 is committed to diversity and inclusion. If you have a request for a disability-related accommodation, we will work with you to meet your needs.

To apply please click here

Posted on: March 23th, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Manager Audit Services IT - BCLC

Location: Kamloops, BC, CA
Company: British Columbia Lottery Corporation


Are you an IT Security or Information Management people and thought leader with an extremely strong attention to detail? Do you thrive on building strong relationships with your peers in other departments to further your business success? We want to hear from you...

The Manager, Audit Services IT is accountable for the effective planning and execution of IT audits of varying complexity and ensuring IT audit activities are consistent with and supportive of the overall IT audit strategy and framework. The role will also provide input and guidance on organizational IT risks and assist in developing/completing the annual IT audit plan. The Manager works closely with management in all areas of the organization by assessing IT risks, completing independent/objective evaluations of IT risks and processes, and recommending improvements to associated IT controls and processes.

For more details and to apply, please click here

Posted on: March 4, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior Audit Services Advisor - ICBC, North Vancouver, BC


Location: North Vancouver
Employment Type: Permanent Full Time


A career at ICBC is an opportunity to be part of a talented, diverse and inclusive team that is driven to serve its customers and community. Make the most of your skills and take the opportunity to grow and develop your career. You can expect a competitive salary, comprehensive benefits and a challenging work environment. Drive your career with us. ICBC is an equal opportunity employer, and invites applications from all qualified candidates.

Position Highlights

ICBC’s Corporate Audit Services department has a tremendous opportunity for an enthusiastic individual who will bring a wealth of knowledge and expertise to their professional team. As a Senior Audit Services Advisor, you will design and perform a variety of complex, large-scale risk-based audits to determine the appropriateness and effectiveness of controls while championing best practices throughout the organization. 



Your responsibilities will include:
• Providing input to business units on the proposed design of internal controls and governance processes for new initiatives;
• Designing appropriate audit approaches for various audit projects of various sizes;
• Performing data collection and analysis according to audit plan;
• Preparing reports on the adequacy and effectiveness of governance and controls;
• Identifying and evaluating opportunities for organizational improvement in support of corporate goals and objectives;
• Acting as project team lead and monitoring progress against schedule and deliverables;
• Utilizing audit methodology developed by best practices and relevant professional associations to improve internal control processes.

Position Requirements

Ideally, your post-secondary education is complemented by a professional designation (CPA, CIA, CISA, etc.) along with at least 4 years of senior internal audit experience in a large corporation with multiple business units
• Or at least 6 years of public practice experience in a mid to large size public practice firms;
• Solid knowledge of audit processes;
• Strong written and verbal communication;
• Critical thinking skills and the ability to make sound judgments in a deadline-oriented environment.

Required skillset for one or more of the following:
• IT audit experience in a large organization or public accounting firm;
• Data analytics in a complex IT environment;
• Insurance industry knowledge;
• Forensic investigations.

Position Information

A career at ICBC is an opportunity to be part of a talented, diverse and inclusive team that is driven to serve its customers and community. Make the most of your skills and take the opportunity to grow and develop your career. You can expect a competitive salary, comprehensive benefits and a challenging work environment. Drive your career with us.
ICBC is an equal opportunity employer, and invites applications from all qualified candidates.

Posted on: February 18, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior Security Specialist– Ministry of Health - BC Public Service, Victoria, BC Canada


Salary $72,095.17 - $82,478.97 annually
2 positions available

POSITION DESCRIPTION

The Health Information Privacy, Security and Legislation (HIPSL) Branch is accountable for the design, implementation, and continual advancement of the provincial information privacy and security framework (including ensuring the ministry’s compliance with the Freedom of Information and Protection of Privacy Act (FOIPPA), the E-Health Act, and other applicable health-specific legislation. HIPSL provides information privacy and security leadership, expertise and advice regarding legislation, regulation, policies, industry standards, and best practices for the Ministry and the broader health sector.



HIPSL is currently looking for a strategic thinker who will drive the development, implementation and management of the division’s strategic vision and priorities related to health security risk management practices and project deliverables across the ministry. You will evaluate new and emerging security technology and trends as well as the associated cybersecurity threats to security infrastructure and develop related standards and policies. You may also be responsible for providing advisory services to lines-of-business, and enabling the achievement of the government’s Information Security Policy. Specifically, you may provide advisory services to assist in the development and support of sound security strategies, security assessments and secure control processes to protect the Ministry's information and data resources.

Qualifications for this role include:


• Degree, diploma, certification or equivalent in the computer science field. Degree preferred.
• Professional designation as a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), or equivalent.
• 5 years of IT experience, of which a minimum 3 years’ experience developing enterprise security architecture in a large, complex organization.

For more information and to apply by February 22, 2017, please go to: https://search.employment.gov.bc.ca/cgi-bin/a/highlightjob.cgi?jobid=38939

Attention: only applications submitted through the BC Public Service’s employment website (see link above) will be accepted.

Posted on: February 11, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Internal Audit Manager – WorkSafeBC - Vancouver BC Canada



POSITION DESCRIPTION

We’re looking for an audit manager to lead an internal audit team who provide risk-based internal assurance services to evaluate and contribute to the improvement of governance, risk management, and internal control processes. You’ll represent the department and provide project and assurance leadership and direction to staff, while planning and conducting complex assurance and risk advisory engagements.

Consider joining a team who apply award-winning practices and strive to deliver innovative and leading internal audit services to their clients. This is a temporary assignment to October, 2018.

What you’ll do
As an internal audit manager you will:
 Plan and conduct risk based audits to evaluate the adequacy and effectiveness of risk management, control, and governance processes
 Lead and mentor the internal audit team
 Represent the department and interact with senior management
 Plan for future departmental requirements for skills, resources, and procedures, and create an environment that supports learning and renewal

Is this a good fit for you?
We’re looking for someone who can:
 Take initiative and use innovation, challenging current procedures and practices, and evaluating opportunities and improvements
 Provide mentorship and direction to staff while demonstrating ethical and professional behavior, objectivity, and an appreciation for differing perspectives
 Communicate clearly and succinctly in both oral and written form to all levels of the organization
 Understand client needs and ensure knowledgeable and timely service

Your background and experience:
 A professional accounting designation – CPA (CGA, CMA, CA)
 A minimum of 10 years of business experience that includes:
o at least five years of internal audit experience o at least five years in a leadership role
 Other education and work experience will be considered, but should include:
o strong management, business analysis, and risk management expertise
o excellent written and verbal communication skills and outstanding interpersonal skills
 A CIA or CISA designation is mandatory
 Experience with IT audits is an asset

Who are we?
At WorkSafeBC, we’re dedicated to promoting safe and healthy workplaces across British Columbia. We partner with workers and employers to save lives and prevent injury, disease, and disability. When work-related injuries or diseases occur, we provide compensation, and support injured workers in their recovery, rehabilitation, and safe return to work. We also work diligently to sustain our workers compensation system for today and future generations. We’re honoured to serve the almost 2.3 million workers and 210,000 employers in our province.

What’s it like to work at WorkSafeBC?
It’s challenging, stimulating, and hugely rewarding. Our positions offer tremendous diversity and excellent opportunities for professional growth. Every day, the work we do impacts people and changes lives. What we do is important and so are the people we do it for.

Our benefits
Being part of WorkSafeBC means being part of a strong, committed team. Along with a competitive salary, your total compensation package may include vacation, optional leave arrangements, health care and dental benefits, and contributions toward your retirement pension. As a member of our team, you'll have access to services and benefits that can help you get the most out of work — and life. Learn more about what we offer.

We’re an inclusive and accessible employer, committed to employment equity objectives, and we invite applications from all qualified individuals. Please note that this position is restricted to those legally entitled to work in Canada.

To apply
Visit our career page at www.worksafebc.com and select Current Opportunities to submit a resume and cover letter that details your characteristics, accomplishments, and prior work experience related to the requirements for the position. We can only accept applications submitted through our website.

Application deadline: February 23, 2017

Thank you, in advance, for applying. Unfortunately, we’re only able to contact those whose applications we will be pursuing further.

Posted on February 1, 2017

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

ANALYST, IT AUDIT & CYBER RISK – Kerrisdale Group - Vancouver BC Canada



POSITION DESCRIPTION

We are looking for candidates who are passionate about IT audit, compliance and cyber security risk. This is a unique opportunity to join a small, yet dynamic team and directly contribute to the growth of our IT General Controls (ITGC) & Cyber Security Risk programs. The Analyst, IT Advisory & Assurance, position will report directly to the head of our ITGC Assurance Program and will participate in a variety of Information Security Audit and Cyber Security Risk client engagements. The role will also provide ad-hoc technical and operational assistance when called upon.
We seek those who are interested in a challenging and rewarding career experience, not just a job. We expect our team to deliver solutions through a combination of diverse, real world experience and a sense of urgency, commitment, collaboration and bias for results. We look for candidates with a demonstrated track record of success in challenging environments. The ideal candidate will thrive in ever-changing, entrepreneurial environment which is high on team camaraderie and committed to our shared root values.

DUTIES and RESPONSIBILITIES

IT AUDIT & CYBER RISK ASSESSMENT
Support on-going ITGC control monitoring programs, SOX (Sarbanes-Oxley) IT audits, and Cyber Security Risk assessments
Document and evaluate business processes, risks and IT controls
Conduct preliminary IT security scans including file-server share and application permission reports
Discover, Inventory and review key systems, devices, user accounts, data sources, and corresponding logs
Participate in network vulnerability assessments, port scans, and analysis
Develop, run, maintain and document IT audit scripts and reports
Make recommendations to address control deficiencies, optimize risk, and improve operational efficiency
Inventory and revise IT policies and procedures
Keep technical diagrams up to date
Liaise with client IT personnel, remote staff, managed service providers and third party vendors

TECHNICAL CONSULTING & SUPPORT
Visit client sites and liaise with staff at all levels of the client organization
Analyze IT requirements within companies and provide independent / objective advice on the use of IT and present solutions in written or oral reports
Contribute to Kerrisdale Group’s growth by delivering tangible and significant business value to our clients
Document process workflows, knowledge articles, and reports using a variety of applications and cloud-based tools
Evaluate and recommend new technologies and solutions where appropriate
Other duties as assigned

EXPERIENCE and SKILLS
Bachelor's Degree in Management Information Systems, Accounting Information Systems, Computer Science or related discipline degree from an accredited college or university OR equivalent experience.
2 years’ work experience in an IT related role demonstrating excellent analytical, organizational and problem-solving aptitude
One of the following certifications: CompTIA Network+, CompTIA Security+, Cybersecurity Nexus (CSX), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other certification / accreditation
Understanding of IT desktop, server & network infrastructure including Active Directory and NTFS Permissions Familiarity of IT policies & procedures
Ability to thrive in an environment of change and manage multiple tasks and responsibilities simultaneously
Excellent written and verbal communication, organizational, problem solving, and decision-making skills
Strong personal integrity, business ethics and customer service skills
Excellent time management and prioritization skills
Ability to exercise good judgment in evaluating situations and making decisions

DESIRABLE SKILLS
Understanding of standards and frameworks such as Control Objectives for Information and Related Technology (COBIT), CIS Top 20 Critical Security Controls (SANS), and Information Technology Infrastructure Library (ITIL)
Familiarity and understanding of information security regulator requirements (e.g., SOX/C-SOX)
Understanding of and practical experience with information security risk assessment and information security audits
Experience with IT vulnerability and forensics tools are an asset.
Experience with ERP and Accounting Systems
Spanish speaking & writing skills

COMPANY OVERVIEW The Kerrisdale Group of Companies includes a unique and diverse portfolio of Technology Management services. We have the depth of experience of larger companies combined with flexibility, agility and a personal touch that only comes with a boutique style firm. Our people make us different - all of whom are enthusiastic about supporting and serving others. We’re passionate about making a meaningful and measurable impact in all we do. Our approach delivers enduring results, true to each client’s specific situation. We always aim to do the right thing for our clients, our people and our causes.

Posted on January 16th, 2017


*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  * 

Senior Security Analyst – Victoriar BC Canada – BC Public Service, Ministry of Transportation and Infrastructure



Salary $65,033.32 - $74,351.64 annually

The Information Management Branch (IMB) provides information management and information technology (IM/IT) services to our clients at the Ministry of Transportation and Infrastructure and B.C. citizens. With the support from our service providers, the IMB develops and maintains a number of web-based line-of-business applications including the high profile drivebc.ca.

As part of the Information Management, Security and Privacy team at IMB, the Senior Security Analyst plans and conducts various security and privacy assessments on a variety of systems, web applications, and IoT devices; integrates security into the ministry’s deployment pipeline; and manages and continuously improves automated static and dynamic analysis in the ministry’s deployment pipeline. The Senior Security Analyst performs on-demand web application security assessments using various open source tools, effectively communicates the findings to stakeholders in various formats (e.g. presentations, reports, and meetings), and works with stakeholders to identify and implement solutions.

Analytical, detail oriented, results focused, and committed to continuous learning, you have the ability to identify and communicate reasonable solutions that balance the business requirements/environment and the protection of personal and business information. Applying your experience and knowledge, you integrate information security into agile development and DevOps approaches.

Qualifications for this role include:

• Degree in computer science field or business or equivalent and three years related experience; or Diploma in computer science field or business or equivalent and five years related experience; or ten years of related IM/IT experience.

• Minimum of two (2) years’ experience working in Information Security field, preferably in a Microsoft environment.
• Experience conducting security threat risk assessments and/or web application security assessments.
• Knowledge of all aspects of IT security including current technologies and best practices.
• Knowledge of change management processes and project management methodologies.

For more details and to apply by January 3, 2017, please click here

Attention: only applications submitted through the BC Public Service’s employment website (see link above) will be accepted

Posted on December 26, 2016

*  *  *  *  *  *  *  *  *  *  *  *  *  *  *  *