Information Security Program Specialist

Fredericton, NB, Canada ● Halifax, NS, Canada ● Moncton, NB, Canada ● Saint John, NB, Canada Req #606
January 3, 2023
Who We Are:  
Headquartered in Atlantic Canada with offices across the United States and around the world, Bulletproof has decades of experience in IT, security, and compliance. The company’s footprint now includes users on six continents trusting Bulletproof to address their technology challenges and strengthen their security posture. 
Driven by innovative, empowered and creative teamwork, we build solutions that solve business challenges and deliver overall business improvement for our global clients. At Bulletproof, we are committed to our customers, our team and our communities. Bulletproof's practices include Security and Network Operations Centers, Security Assessment & Audit, Quality Assurance and Testing, Project Management, Microsoft Consulting, Managed Services, Managed Security Services, and Product Fulfillment; working together to provide true end-to-end business solutions.   
Why Bulletproof:  
At Bulletproof, our people are the core of who we are and what we do. Founded in Atlantic Canada and now operating globally, it’s our people who drive us and who bring us together. We believe that it’s through trusting and empowering our entire team, that we achieve more. Bulletproof is a Microsoft Solutions Provider, a FOUR-PEAT Microsoft Canada Workplace Impact Award winner, and crowned the 2021 Microsoft Global Security Partner of the Year. Bulletproof is proud to be a member of the Microsoft Intelligent Security Association. We are committed to helping our customers achieve more. 

Job Summary:

The Information Security Program Specialist works closely with the broader Information Security team to deliver service directly to clients. It is responsible for diving deep into a client organization, conducting risk assessments, leading client security governance meetings, creating policies, implementing information security programs, assessing compliance, and guiding an organization through information security changes.
Duties and Responsibilities:
• Consulting and acting as the expert to find the intersection of business process, technical infrastructure and compliance laws, rules, and regulations as it relates to clients.
• Perform or guide an assessment from start to finish with a risk-based approach the client's security posture by identifying findings and providing recommendations to reduce risks.
• Working with clients to Implement Information Security Risk Management programs.
• Working with clients to create written information security plans and/or system security plans, creating and updating policies based on changing security or compliance requirements, business processes and/or provincial/state/federal regulations.
• Providing ongoing guidance and project/program management for client’s information security programs, including consulting with clients, advising on compliance, guiding through information security implementation and compliance situations.
• Leading governance meetings, planning meetings, client training, and tabletop exercises.
• Designing future state from a pragmatic standpoint and advise clients on prioritization to improve their security posture.
• Creating presentations and trainings that are easy to understand, user friendly, and align with company culture.
• Assessing third-party supply chain risks.
• Assessing Information Security and Technology risks.
• Monitoring industry standards and frameworks.
• Defining, improving, and guiding procedures, tools, and reporting practices in GRC.   
• Provides support to project scoping and engagement planning, including participating in kick-off meetings, promptly supporting project manager requests, supporting technical inquiries for sales or marketing, responding to complex client technical queries.
• Supports practice leads by performing specific team leadership tasks as assigned, such as hosting team meetings or calls, acting as an owner for specific team organizational processes, or ensuring specific project goals are on track.
Required Education and Credentials:
• Bachelor’s degree in any subject area or equivalent experience.
• Information Security certifications such as CISM, CISSP, CRISC, CDPSE, GRCP are considered an asset but not required.
Skills and Experience:
• Minimum seven years leading and implementing information security programs experience.
• Three years of business consulting experience.
• Proactive in identifying and resolving issues and working through challenges with a positive attitude.
• Empathetic team member able to build strong relationships with clients and team members.
• Strong written and oral communication skills.
• Critical eye for details.
• Able to work effectively with minimal supervision.
• Excellent time management, task planning, and prioritization skills.
• Strong proactive project management skills.
• Understanding of Business Management.
• Knowledge of Security technology and cloud environments.
• Knowledge of security and privacy frameworks/standards.
• Able to adapt quickly to changing client and team requirements.
• Proficient with Microsoft Office Suite of Tools
• Leadership and relationship-building skills.
• Able to meet deadlines.
• Able to document issues, alternatives, and recommendations in an effective manner suitable for executive consumption.

Equal Opportunity Statement:  
Bulletproof is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Bulletproof is also committed to compliance with all fair employment practices regarding citizenship and immigration status. 

Other details

  • Job Family Canada
  • Pay Type Salary
  • Employment Indicator Regular
Location on Google Maps
  • Fredericton, NB, Canada
  • Halifax, NS, Canada
  • Moncton, NB, Canada
  • Saint John, NB, Canada