Aurora Cannabis is looking for an IS Compliance Specialist to join our Information Services team in the fast-paced cannabis industry. The successful candidate will act as a central point in IS for Enterprise Risk & Assurance along with external auditors. The candidate should have a thorough knowledge of controls around financial reporting, compliance, and operational processes, including business process and IS management controls.
RESPONSIBILITIES:
- Support the Enterprise Risk & Assurance team on IS audit planning, IS audit program development, and preparation for IS SOX initiatives
- Act as an internal IS auditor for Systems Delivery Lifecycle (SDLC) project audits, operational ITGC audits, as well as adherence to other IS policies
- Lead the execution of IS audit activities, including the daily operational monitoring checks, periodic inspections points, fulfillment of IS audit requests, and coordination of training/awareness campaigns.
- Create and update documentation and implementation policies and procedures throughout IS to ensure compliance with external regulations.
- Assist with management and development of corrective action plans for IS audit issues or challenges identified.
- Develop and implement effective reporting to keep project stakeholders and senior management informed on key IS compliance metrics
- Reviewing all new products, systems, or processes to ensure compliance
- Report on a regular basis status of compliance to the IS Senior Leadership team.
SKILLS REQUIRED:
- Excellent verbal and written communication skills
- Analytical thinker with strong conceptual and problem-solving skills
- Ability to work effectively with clients and all stakeholders for successful project completion
- Experience/familiarity with the following regulations:
- Canadian Federal and Provincial Privacy Regulations
- GDPR
- HIPPA and PHIPA
- Records Management
- Sox and C-Sox
- PCI
- Experience working with Systems Development Life cycle framework
- Strong background in creating and maintaining IS policies, standards and process and procedure documentation
- Knowledge of MS Office (Word, Excel, Project, and Outlook)
- Strong work ethic, highly motivated and enjoys a challenge
- Detail conscious and result oriented
- High level of professionalism, integrity and ethics
- Willing and able to learn new skills and concepts quickly
- Enjoys a multi-faceted and dynamic work environment
- Able to prioritize and be flexible, while maintaining efficiency
EDUCATION & EXPERIENCE:
- 5+ years of working with IS related controls
- Proven ability to deliver clear and concise reports and documentation
- Proven ability to communicate with all levels of management, both verbally and in writing
- Customer service driven with excellent communication and people skills
- Results oriented with the ability to effectively prioritize
- Proactive and displays initiative: Seeks out information, answers, etc. without needing to be pushed to do so
- Other Education / Certifications not required, but considered an asset: CIA or CISA, ITIL Foundation
We would like to thank all applicants for their interest but only those selected for an interview will be contacted.