SENIOR RISK & COMPLIANCE ADVISOR | Dealertrack

  • Cox Automotive Canada
  • Cox Automotive Canada, Matheson Boulevard East, Mississauga, ON, Canada
  • Mar 28, 2021
Full time General

Job Description

Primary Location: 2700 Matheson Blvd EMississaugaON, CA

Division: Cox Automotive

Job Level: Individual Contributor

Travel: Yes, 5 % of the Time

Schedule: Full-time

Shift: Day Job

Requisition Number: 211438

 

 

About Dealertrack 

 

Dealertrack Canada is the leading provider of web-based software solutions and services for all major segments of the automotive, marine, recreational vehicle, motorcycle and powersport retail industries. Dealertrack Canada serves dealers, lenders, OEMs, third-party retailers, agents and aftermarket providers with its comprehensive set of solutions including Sales/F&I products; market data for dealers, lenders and OEMs; and digital document services. Dealertrack Canada is a subsidiary of Dealertrack, which is owned and operated by Cox Automotive Canada. For more information about Dealertrack Canada, visit dealertrack.ca.

 

Job Description:

 

The Sr. Risk & Compliance Advisor for Cox Automotive Canada is responsible for supporting Canadian information security and risk management initiatives to align with the Cox Automotive Corporate Security Standards.  This position will be the primary security interface and subject matter expert for all inbound client AIQs (Assessments, Inquiries & Questionnaires) as well as for hosting on-site information security assessments/audits. The Sr. Risk & Compliance Advisor will hold overall responsibility for coordinating client compliance requirements for all Canadian products and solutions – working with technology, business, and legal teams. Other responsibilities will include- risk mitigation advise for network and application security vulnerability remediation efforts, providing security guidance for new business projects, providing best practices for security access reviews, coordinating the remediation of all security audit findings.  The position will support corporate teams in periodic risk assessments of the business and applications. The Sr. Risk & Compliance Advisor for Cox Auto Canada also ensures compliance with all legal, regulatory, and contractual security obligations, assists with the development and implementation of security process improvements, and champions security and risk mitigation efforts across Cox Automotive Canada. The Sr. Risk & Compliance Advisor will be involved in contract and engagement reviews with clients; and providing support to the Legal team for new clients RFPs lender and privacy rules, regulations and legislation updates, as well as for reviews of contractual security language for new products.

 

Responsibilities:

  • Works under the guidance of the head of the Corporate Risk & Compliance function to manage all inbound client AIQs (Assessments, Inquiries & Questionnaires) as well as hosting on-site information security audits- across all locations and business units at Cox Auto Canada.
  • Coordinating client compliance requirements for all Canadian products and solutions – working with technology, business, and legal teams across the organization.
  • Coordinate the remediation of security audit findings
  • Coordinate and manage engagements for Security Operations Center reports as applicable to Cox Auto Canada locations and business units.
  • Creates/updates and manages documentation on security posture and controls adopted by Cox Auto Canada, for external sharing with Clients.
  • Support adoption and compliance with Cox Automotive Corporate Security Standards while enabling business success. 
  • Assists with review of applications that are moving to the cloud, reviews controls for new or moving applications, and provides guidance for secure transitions to the cloud.
  • Provides security guidance for new projects and products to ensure security best-practices are implemented and that projects are developed in compliance with Cox Automotive Corporate Security Standards.
  • Meets and partners with broad stakeholder groups (e.g. Engineering, Product, Architecture, Operations, Legal) to provide leadership updates and reporting on security issues.
  • Periodically assists with risk assessments of the Cox Auto Canada applications, systems, and business processes to verify compliance with the Cox Auto Security Standards and prioritizes the remediation of gaps based on risk to the organization. 

 

Qualifications:

Qualifications:

  • 5-10 years experience in IT Security, Risk, Compliance or equivalent
  • BA/BS Degree in Computer Science, Information Systems, or combination of equivalent education and work experience
  • CISA, CISSP, CISM, or other security certification(s) relevant to the IT industry
  • Understanding of web applications, cloud technologies, system infrastructure, and enterprise architecture
  • Experience conducting or responding to audits
  • Strong MS office skills with Excel
  • Experience with SOC, SOX, PCI assessments and security frameworks
  • Audit background and experience would be a plus.
  • Strong understanding of information security risks and solutions to mitigate risk.
  • Strong communication skills to host client audits and be able to explain security frameworks and implemented controls.
  • Experience with GRC products.
  • Ability to work in a fast-paced and dynamic environment
  • Ability to work in a team and independently to fix issues with little or no supervision
  • Excellent organizational, project management, and follow-up skills
  • Ability to build and maintain strong working relationships at all levels of the organization
  • Excellent communication, presentation, and reporting skills

 

 

What we offer:

  • Full time employment with one of the global leaders in automotive remarketing realm
  • 5 weeks paid vacation per year
  • Generous Insurance plan paid by Cox Automotive Canada (medical, dental, life, disability).
  • RRSP contribution plan
  • Venngo Discount programs
  • Fast paced, multicultural work environment
  • Career pathing – opportunity for development and advancement within Cox Automotive family of companies
  • Opportunity for involvement with local communities though company sponsored volunteering program
  • Cox Automotive Canada was named one of Greater Toronto’s Top Employers

 

Who We Are

About Cox Automotive

There’s nothing ordinary about Cox Automotive. We are people of every background driven by our passion for mobility, innovation, client success and community outreach. We make buying, selling and owning (or simply using) cars easier for everyone. Touching more than 40,000 clients across five continents, we bring together the best brands and the best teams to propel the automotive industry forward. Some of those team members work for our iconic consumer brands like Autotrader and Kelley Blue Book, while others are creating the future of automotive at industry-facing brands like Dealer.com, Manheim and vAuto.

 

About Cox 

We are the Cox family of businesses. We’ve been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us.  Our primary divisions – Cox Communications and Cox Automotive – are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators.  We’re also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation.  We’re looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope you’ll be going with us, and the common purpose that unites us at coxenterprises.com.   

Cox is an Equal Employment Opportunity employer – All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.