Senior Advisor - Information Security (ITD240)

October 15 2019
Industries Energy
Categories Information Technology, Consultation, Business analyst, Security, Continuity, Risk
Longueuil, QC

Role and Responsibilities

Reporting to the Senior Director – Information Technology, the Senior Advisor – Information Security will be responsible for information security throughout the company and will be the designated security expert within the Information Technology team. The main responsibilities are as follows:

  • Propose instructions, guides, standards and processes pertaining to information security and cybersecurity in line with best practices, and ensure their implementation and optimization;
  • Carry out various operational, monitoring and tactical activities to fully secure systems and networks;
  • Provide advice to internal clients on requirements for securing systems, networks and equipment, as well as on security controls and protection measures;
  • Recommend measures to make sure the systems in place comply with appropriate cryptographic and security standards;
  • Look into systems to evaluate threats, sensitivity levels, vulnerabilities, mitigation measures and residual risk levels;
  • Review changes made to the security of information systems to evaluate the risks and make recommendations to protect the information;
  • Ensure the mapping of processes is up-to-date;
  • Develop mitigation measures based on sound practices, in collaboration with stakeholders;
  • Raise user awareness of sound information security practices and provide support to various teams to implement security controls;
  • Participate in change management activities in collaboration with the HR department and managers;
  • Collaborate with internal and external audit teams and act as a facilitator with internal teams for the implementation of best practices and recommendations;
  • Provide support to training committees as required;
  • Carry out technology monitoring of best practices and propose improvements.


  • Strategic, tactical and operational experience with information security and cybersecurity;
  • Ability to systematically identify, analyze or evaluate potential risks;
  • Staying informed of latest trends in terms of information security;
  • Ability to dive into details when required or to summarize efficiently to facilitate decision-making;
  • Strong work ethic, quality-minded and very responsible;
  • Sound understanding of solution architecture.

Professional Requirements

  • Bachelor's degree in Information Technology, Systems Engineering or Management, or an equivalent combination of studies and experience;
  • Master's degree, an asset;
  • 5 to 7 years of relevant experience;
  • Experience in drafting or reviewing threat and risk assessments;
  • Experience in the technical evaluation of vulnerabilities;
  • Knowledge of the ISO 27001 standard;
  • Expert knowledge of Microsoft Office Suite;
  • CISSP or CISM certification;
  • Fluently bilingual (French and English), written and spoken; Spanish, an asset.

Company Profile

Innergex Renewable Energy Inc. is a global player with an extensive and growing portfolio of assets in Canada, the United States, France and Chile. The Corporation develops, acquires, owns and operates hydroelectric facilities, wind farms and solar parks exclusively producing renewable energy.

Sustainable development producing positive social, environmental and economic results guides our actions. We are not only proud of the work we do, but also of the way we do it. Our many accomplishments and continued successes are made possible by our outstanding team of employees.

Innergex, a publicly traded corporation, has offices in Longueuil, Vancouver, Lyon and San Diego.

The position could be based at the company's head office located in Longueuil, steps away from the Longueuil-Université de Sherbrooke metro station.

Apply now! network