Manager, Cyber Risk & Compliance

at  CocaCola Canada Bottling Limited

ABOUT THIS OPPORTUNITY

We are seeking an experienced Manager specializing in Governance, Risk, and Compliance (GRC) to report directly to the Director of Cybersecurity and serve as part of the leadership team in Information Technology. This role involves developing, implementing, and managing a comprehensive GRC program. The ideal candidate will have a deep understanding of enhancing a Change Advisory Board (CAB) program and managing advanced governance technologies like Resolver, AuditBoard, OneTrust, Microsoft Purview, and Data Loss Prevention (DLP) tools, with a critical focus on their integration with platforms like ServiceNow.

QUALIFICATIONS

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
• Preferred certifications include:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Governance of Enterprise IT (CGEIT)
• NIST Cybersecurity Framework (NCSF) Certification
• Bilingual in English / French is an asset.

ABOUT US: PROUDLY CANADIAN AND INDEPENDENTLY OWNED, WE ARE COKE CANADA!

Coca-Cola Canada Bottling Limited is Canada’s premier bottling company. We are an independently owned business encompassing over 5,800 associates, more than 50 sales and distribution centers, and 5 production facilities nationwide. For more information about Coke Canada Bottling, please visit cokecanada.com

• Oversee the risk team and manage additional projects within the cybersecurity division.
• Lead the design, implementation, and management of the organization’s risk program to ensure compliance with regulatory requirements, in collaboration with the Legal, Finance, Operational Technology and Supply Chain Management teams.
• Oversee the risk program from a security perspective, including updates to the GRC tool and management of program assignments.
• Develop and oversee a robust CAB program and its expansion enterprise wide, facilitating effective change management across technical systems.
• Drive, lead, manage, and optimize governance and the implementation of technologies such as Microsoft Compliance Manager, Azure Policy, Microsoft Information Protection (MIP), Azure Blueprints, Microsoft Cloud App Security (MCAS), Azure Active Directory (Azure AD), Microsoft Defender for Cloud Apps, Microsoft Defender for Identity, Microsoft Insider Risk Management, Microsoft Purview, Azure Governance Visualizer (AzGovViz), ensuring effective integration with other IT service management tools.
• Conduct risk assessments, audits, and develop risk mitigation strategies.