CBN Secure Technologies Inc. (CBN STI) is a leader in the manufacture and production of award-winning polycarbonate identification products (driver’s license and identification (DL/ID) cards, passport data page) for various US states and international customers. Current DL/ID customers include the States of Virginia, North Carolina, South Carolina, New York, and Wisconsin.

What We Can Offer You

• Compensation: We seek long term relationships with our employees and recognize and reward them with a competitive total compensation package that includes:
  • A 401k with company matching contributions;
  • Paid time off (PTO);
  • Group health, dental, vision, and life insurance;
  • Access to employee and family assistance program; and
  • Access to virtual mental health and wellness apps.
• Career: As a knowledge-based organization we will provide you with a wealth of learning opportunities and challenging work that will grow your knowledge, skills and abilities. At CBN STI, we encourage and empower our employees to chart their own career path, putting you in control of your future.  
• Culture: Personal character is the foundation of our culture. CBN STI’s 7 Core Principles shape and guide our behaviours and underpin the sense of community you will experience at CBN STI. Equity, diversity and inclusivity are important to us as an organization, and we are committed to fostering and developing a work environment where every employee is treated with dignity and respect.

Internal Job Title: Senior Risk and Compliance Specialist
Job Type: Permanent, Full-Time
Job Location: United States
Work Model: Remote (within Continental United States)

Position Summary

As a Senior Risk and Compliance Specialist at CBN, you will be responsible for leading compliance initiatives, conducting risk assessment and remediation activities, and developing security strategies for CBN systems deployed in Canada, the United States and Europe.

Responsibilities

• Compliance Initiatives
  • Lead current ISO 27001, SOC 2, and PCI compliance initiatives for systems in Canada, US, and Europe.
  • Examine existing initiatives and engage business stakeholders and customers to establish a strategy for handling compliance-at-scale for both compliance-focused and cost-sensitive markets.
• Security Strategy
  • Spearhead initiatives to identify, investigate, and improve security risks within CBN Operations Global Infrastructure.
  • Design and deliver security strategies, produce architectural models, detailed assessments, and present reports to meet Canada/US and global security requirements.
  • Research and deliver tooling and strategies for CBN’s AppSec program to address risk assessments in an automated fashion at scale.
• Risk Assessment and Remediation
  • Conduct Risk Assessments within customer systems to quickly assess associated risks, recommend actions, and develop plans for remediation.
  • Understand the risk/compliance gaps in our global systems, articulate a vision, and work across teams to get us there.
• Stakeholder Engagement
  • Take an active role in educating customers, executives, stakeholders, infrastructure personnel, and developers on best practices for security.
  • Build relationships with stakeholders across groups to understand assessment needs, advise on how it should be handled, and the associated notification process.
• Various other Duties and Responsibilities.

Knowledge and Experience

• Education
  • Bachelor’s degree in Computer Science, Information Technology or related field or an equivalent combination of relevant education and additional work experience
• Certification(s)
  • One (or more) of NIST800-53, ISO27001, SOC2 (Type I and II), FedRamp, StateRamp
  • SANA, ISACA or GIAC is an asset
• Knowledge
  • Compliance standards, frameworks and tools
  • Threat and risk management principles and methodologies
  • Risk assessment practices and methodologies
• Experience
  • 8+ years of direct experience in a compliance, auditing and/or risk position
  • 3+ years of experience developing/delivering compliance assessments
  • Experience using structured approaches to risk assessment (e.g. HTRA, TRA, ITSG-33, CSF, FSIR, STAR)
  • Experience using Unified Compliance Frameworks and GRC tools
  • Experience with Azure/AWS compliance is an asset

Technical Skills

• Proficiency with MS 365 Copilot
• Presentation skills

Soft Skills and Competencies

• Critical thinking skills
  • Analysis, problem solving
• Interpersonal skills
  • Communication, relationship building, teamwork and collaboration
• Organization/time management/prioritization skills
• Adaptable
• Growth mindset

Mandatory Requirements

• Language(s): Fluency in English (reading, writing, speaking)
• Travel: Ability to travel domestically/internationally (passport required) approx. 1-2 weeks/year
• Work Authorization: Must be legally eligible to work in the United States

CBN STI is a subsidiary of Canadian Bank Note Company (CBN). CBN designs and develops industry leading solutions for the following domains: Border Security, Civil Identity, Driver Identification and Vehicle Information, Currency and Excise Control, and Lottery and Charitable Gaming. To learn more, visit www.cbnco.com.

As an Equal Opportunity Employer, CBN STI/CBN is committed to achieving a skilled workforce that reflects the diversity of the American population. We welcome and encourage applications from individuals of all backgrounds, including but not limited to women, visible minorities, persons with disabilities, Indigenous peoples, and members of the 2SLGBTQ+ community.

CBN STI/CBN is also committed to developing inclusive, barrier-free selection processes and work environments. If contacted regarding this competition, please advise the interview coordinator of any accommodation measures you may require.