Position Title:

ERP Lead Security Analyst (Finance) (Hybrid)

Status of Employment:

Contractee Long-Term (Fixed Term)

Position Language Requirement:

Language Skills:

Work at CBC/Radio-Canada

At CBC/Radio-Canada, we create content that informs, entertains and connects Canadians on multiple platforms. Our successes and accomplishments are driven by embodying and upholding values, which include creativity, integrity, inclusiveness and relevance.

Do you think you have the ability and drive to keep up with this exciting, ever-changing industry? Whether it be in front of the camera, on air, online or behind the scenes, you would be joining a team that thrives on making connections and telling stories that are important to Canadians.

Unposting Date:

2024-06-24 11:59 PM

This role is a hybrid work arrangement. Work schedule to be discussed with Hiring Manager according to the guidelines defined by the department.

Role Summary:

The Finance ERP Security Analyst is responsible for managing and overseeing the security, and control aspects of Finance ERP systems, ensuring the protection of sensitive data and compliance with relevant regulations. This role involves designing, implementing, and maintaining security policies, procedures, and controls to safeguard the organization's Finance ERP environment.

Key Responsibilities:

Security Design and Implementation:

• Develop and enforce security policies, standards, and procedures.

• Design and implement role-based access control (RBAC) and segregation of duties (SoD) frameworks.

• Configure and manage security settings within ERP applications, including user roles, profiles, and permissions.

Access Management:

• Manage user provisioning, de-provisioning, and role assignments.

• Conduct regular reviews of user access to ensure compliance with security policies.

• Address access-related issues and resolve user access requests promptly.

Monitoring and Compliance:

• Monitor system logs and security alerts to detect and respond to potential security breaches.

• Perform security audits and assessments to identify and mitigate risks.

• Ensure compliance with industry standards, such as COSO, SOX, GDPR, and other relevant regulations.

Incident Response:

• Investigate security incidents and breaches, perform root cause analysis, and implement corrective actions.

• Collaborate with IT security and incident response teams to address security threats and vulnerabilities.

Security Training and Awareness:

• Work closely with the Finance Business Systems team, IT, business units, and external auditors to ensure security measures align with business objectives.

• Provide training and guidance to users on security best practices and policies.

• Stay updated on the latest security trends, vulnerabilities, and technologies related to the ERP system.

System Upgrades and Patching:

• Oversee the application of security patches and updates to the Finance ERP system.

• Ensure system upgrades do not compromise security and are tested thoroughly.

Qualifications:

Education and Experience:

• Bachelor's degree in Computer Science, Information Security, Business Administration, Accounting or a related field.

• Minimum of 3-5 years of experience in ERP security, with a focus on ERP systems.

• Proven experience with RBAC, SoD, and access management in ERP environments.

Technical Skills:

• Proficiency in Finance ERP applications, particularly in security and user management modules.

• Strong understanding of security frameworks, principles, and best practices.

• Experience with security tools and technologies relevant to Finance ERP systems.

• Experience with business process controls

• Security, Controls and GRC

Soft Skills:

• Excellent analytical and problem-solving skills.

• Strong communication and interpersonal skills.

• Ability to work independently and collaboratively in a team environment.

Analytical Skills:

• Ability to perform detailed security risk assessments and develop effective mitigation strategies.

• Strong problem-solving skills with a focus on identifying and resolving security issues.

Compliance Knowledge:

• Familiarity with regulatory requirements and industry standards relevant to ERP security.

• Experience supporting audits and ensuring compliance with regulations such as COSO, SOX, GDPR, etc.

Desired Attributes:

Education and Experience:

• Relevant certifications such as CISSP, CISM, or ERP Security certifications.

• Knowledge of ERP modules such as Financials, Procurement etc.

• Experience implementing ERP Risk Management & Compliance Module – Advanced Access Controls, Advanced Financial Controls, Financial Reporting Compliance

• Bilingualism (English and French) would be asset

Candidates may be subject to skills and knowledge testing.

We thank all applicants for their interest, but only candidates selected for an interview will be contacted.

CBC/Radio-Canada is committed to being a leader in reflecting our country’s diversity. That’s because we can only create and tell the stories that connect Canadians, by having a workforce that mirrors the ever-changing makeup of our country. That’s why we, as an employer, value equal opportunity and nurture an inclusive workplace where our individual differences are not only recognized and valued, but also extend to and pervade all the services we provide as Canada’s public broadcaster. For more information, visit the Diversity and Inclusion section (http://cbc.radio-canada.ca/en/working-with-us/jobs/diversity-inclusion-cbc-rc) of our website. If you have accommodation needs at this stage of the recruitment process, please inform us as soon as possible by sending an e-mail to recruitment@cbc.ca .

You are invited to consult and familiarize yourself with our Code of Conduct, which can be found on our corporate website (http://cbc.radio-canada.ca/en/vision/governance/corporate-policies/values-ethics/conduct) . All employees must adhere to the Code as a condition of employment. We also invite you to take a look at our policy on conflicts of interest (http://cbc.radio-canada.ca/en/vision/governance/corporate-policies/human-resources/conflicts) . In the event that you become an employee, it will be important to inform us, as quickly as possible, of any situation that, because of your hiring, constitutes or could appear to constitute a conflict of interest.

Primary Location:

Broadcast Centre 205 Wellington St. W., Toronto, Ontario, M5V 3G7

Number of Openings:

1

Work Schedule:

Full time

At CBC/Radio-Canada (http://cbc.radio-canada.ca/en) , we create content that informs, entertains and connects Canadians on multiple platforms. Our successes and accomplishments are driven by embodying and upholding values, which include creativity, integrity, inclusiveness and relevance.