Offers “CGI”

38 days agoCGI

Supply Chain Security Risk Analyst

  • Sales

Job description

Position Details

Job order - J0722-0121 - Permanent Full Time


Supply Chain Security Risk Analyst


Cyber Security


Canada, , Canada

Job Description

Supply Chain Security Risk Analyst

Position Description
As a member of CGI’s Global Security team, the individual performs an operational role in the Supply Chain Security

Risk process. The incumbent assists with the execution of the defined process and helps to make sure the program is operating effectively according to expected levels of standards and quality.

Your future duties and responsibilities
• Execute the process used to perform security risk assessments of CGI’s third parties who may meet materiality
criteria for evaluation
• Ensure timely and accurate reporting of security metrics (KPIs/KRIs)
• Schedule review of security assessments of existing third parties
• Assist security and business operations in the development of acceptable risk mitigation plans
• Execute information security risk and control identification, evaluation, documentation, analysis and reporting
using analytical tools to support the process
• Partner with various other interested parties (Global Procurement, Legal, CIO, BU Security teams, etc.)
• Track and document all third-party risk information, including regular reports for high level management
• Help to ensure contractual adjustments are made to agreements between CGI and its vendors to include
protection of information and facilities
• Assist with the escalation of any issues that may impact business objectives and priorities involving vendor
• Perform other duties as deemed necessary

Required qualifications to be successful in this role
• Bachelor’s Degree or equivalent

• Relevant security certification (CISM/CISA; CISSP, etc.)

• Minimum of three (3) years’ experience in information security
• Experience with producing management reports and developing KPIs
• Expert knowledge of security / risk control frameworks (COBiT, ISO 27001, PCI-DSS, NIST CSF, ITIL), and
business continuity / disaster recovery frameworks (ISO 22301, ISO 27031)
• Previous experience working with vendor assessments for a global organization
• Previous experience with reviewing security assessment results (penetration tests, control evaluation,
vulnerability assessments, audit results, etc.)

• Highly self-motivated, self-directed and attentive to detail
• Facilitation skills with an ability to build relationships with stakeholders
• Excellent oral, written and interpersonal communication skills
• Excellent English and French verbal and written fluency

Insights you can act on

While technology is at the heart of our clients’ digital transformation, we understand that people are at the heart of business success.

When you join CGI, you become a trusted advisor, collaborating with colleagues and clients to bring forward actionable insights that deliver meaningful and sustainable outcomes. We call our employees "members" because they are CGI shareholders and owners and owners who enjoy working and growing together to build a company we are proud of. This has been our Dream since 1976, and it has brought us to where we are today — one of the world’s largest independent providers of IT and business consulting services.

At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.

Ready to become part of our success story? Join CGI — where your ideas and actions make a difference.




Make every future a success.
  • Job directory
  • Business directory