• Job Description

  Req#: R00002775

  SaskEnergy is seeking a qualified and motivated individual to join our team. The Specialist, Security Governance, Risk and Compliance (GRC) coordinates and performs security assessment functions and control testing, reporting, and activities in accordance with the SaskEnergy’s internal controls compliance, regulatory, audit, policies and procedures. The Specialist also coordinates business continuity functions, security awareness activities, third party risk assessments, policy and standard creation, and implementation of cyber security strategy and roadmaps.

  Position Details

  • Non-union - This position is permanent full time.

  Key Accountabilities

  • Implement, improve, and assess security controls, risk assessment framework, and the governance, risk and compliance program to ensure alignment with regulatory requirements.

  • Lead the implementation of multi-year program maturity activities to ensure security mitigation activities meet organizational plans and objectives.

  • Lead compliance initiatives with designated team members (including employees, contractors and consultants) in order to deliver effective security outcomes.

  • Work with internal audit, external audit, and regulatory agencies to provide supportive documentation, recommend actions for management’s consideration, and coordinate responses to audit findings.

  • Ensure documented and sustainable compliance that aligns and advances company business objectives.

  • Evaluate risks and develop security standards, procedures, and controls to manage risks.

  • Seek key stakeholder input on existing and evolving business processes and provides security guidance based on policies, regulations, and controls frameworks.

  • Lead Security Awareness activities across the organization to promote and provide education on security topics.

  • Coordinate the organization’s Business Continuity Plans to ensure all business units have a well formed and tested BCP.

  • Coordinate governance activities with regulatory and audit stakeholders for engagements focused on security activities.

  • Schedule regular assessments and testing of effectiveness and efficiency of controls.

  • Create regular reporting, metrics, dashboards and evidence artifacts.

  • Other related duties as assigned.

  Knowledge/Skills/Abilities

  • Degree in Administration, Computer Science or Engineering.

  • Eight (8) years of experience in cyber security, risk or compliance activities.

  • Experience utilizing in using one or more cyber security controls framework such as NIST 800-53, ISO 27001, CIS CSC 18, etc.

  • Applicable certification(s) in cyber security such as CISSP, CISM or GAIC Certifications or business continuity such as DRI SBCP.

  • Ability to work on a team while building and maintaining effective relationships.

  • Must have a continuing record of professional development and continuous learning.

  A suitable combination of relevant education and experience may also be considered.

  Additional Information

  • Travel away from bid headquarters may be required on occasion.

  Application Instructions

  • Please apply online with your cover letter and resume outlining your qualifications.

  • For more information on this position, please contact Human Resources at 306-777-9091.

  Closing Date

  December 18, 2023

  Salary Range

  $85,680 - $122,868

  #LI-POST

• About the company

  SaskEnergy is Saskatchewan's natural gas distribution company and a Crown corporation, serving approximately 400,000 residential, farm, commercial and industrial customers.

Notice