Information Security - Governance & Assurance

This is a senior cybersecurity governance role focused on ensuring that all government systems, applications, and digital services meet strict security, compliance, and risk management standards. You will be responsible for security assurance, audits, compliance reviews, and risk assessments across systems used by the department and its partners.

Conduct penetration tests, vulnerability assessments, and security control reviews Evaluate system security for new and existing projects Review cloud services, APIs, and digital platforms for security risks Ensure compliance with standards like ISO 27001, NIST, CIS Controls Monitor adherence to cybersecurity policies and government regulations Approve or reject security exceptions and requests Perform risk assessments and gap analysis Identify vulnerabilities and evaluate their business impact Develop mitigation and remediation plans Review and approve security controls (design, implementation, operation) Monitor vulnerability management programs Ensure security-by-design in all projects Assess supplier and vendor security compliance Review contracts and agreements for security requirements Participate in technical change management meetings Support incident detection, response, and recovery processes Oversee security monitoring use cases and escalation procedures Ensure timely resolution of vulnerabilities and security issues

10+ years in information security or cybersecurity governance Experience in government or large enterprise environments Strong background in security assurance and compliance frameworks Computer Science Information Technology Cybersecurity or related field CEH (Certified Ethical Hacker) CISSP (Certified Information Systems Security Professional) CCSP (Certified Cloud Security Professional) CISM (Certified Information Security Manager)

Fully remote job Flexible working environment Paid time off Health and dental coverage Career growth opportunities Performance rewards and incentives