Share this Job

Security Policy Advisor

Date: Apr 3, 2021

Location: Montreal Dorval, QC, CA

Security Policy Advisor-MON17590



At Bombardier, our employees work together to evolve mobility worldwide - one good idea at a time. If you have a good idea, we’ll provide the environment where it will thrive and grow into a great product or customer experience. Your ideas are our fuel.

In your role, you will:

Lead policy development for Bombardier’s Cyber Security, Risk & Compliance program, developing policy for all cyber security and IT related control requirements.

Lead and drive Annual Policy Reviews, ensuring all policy are reviewed in line with the review cycle and maintained in accordance with internal and external factors.

Support and advise the Architecture Review Board (ATB) and act as the Cyber, Risk & Compliance Policy Lead and advisor to the ARB.

Ensure Policies and Standards are implementation & develop plans to track ownership and accountability for control requirements and track their effectiveness.

Support Bombardier IT teams as a Policy Advisor and provide guidance on control requirements and practical implementation of policy and standards.

Collaborate with stakeholders, such as IT teams, developers, auditors, service providers, and customers to ensure awareness of Bombardier’s cyber and IT policies​.

Support Cyber, Risk & Compliance team to ensure an understanding of policy requirements and advise on risks associated with any gaps related to policies.

Track and manage key performance indicators and reporting metrics, ensuring visibility and awareness of cyber and IT policy and control status with Bombardier’s IT systems.

Provide technical consultation, guidance, training, and assistance to developers, management, application and database owners, and users in reference to security policy and standards, remediation, regression testing, and system architectures recommendations.

Support analysis of cyber security and IT vulnerabilities, threats and incident trends to understand root causes and propose counter measures that mitigate risk and improve security and IT processes.


As our ideal candidate,

- You have bachelor's degree in Mathematics, Statistics, Computer Science, Information Science or relevant field of study.
- You haveCISSP, CISA, CISM and other security certifications preferred.
- You have 5+ years hands-on experience in cyber security roles such as vulnerability management, threat intelligence or incident response.
Knowledge and experience of:

Governance, Risk & Compliance (GRC) Frameworks

Factor Analysis & Information Risk (FAIR) Methodology

ISO 27001/27002

ISO 27005 Risk Management

IT General Controls (ITGC) testing methodologies

Preferably skilled with vulnerability and risk assessment tools, correlation rules, and managing dashboards.

Bombardier is an equal opportunity employer and encourages women, Aboriginal people, persons with disabilities and members of visible minorities to apply.

Whether your candidacy is moving on to the next step of the hiring process or not, we will keep you informed by email or by phone. Join us at

Your ideas move people.

Job: Information Systems and Information Technologies
Primary Location: CA-QC-Montreal Dorval
Organization: Aerospace
Schedule: Full-time
Employee Status: Regular

Job Posting:
05.03.2021, 3:53:45 PM

Unposting Date: Ongoing

Job Segment: Information Systems, Risk Management, Database, Computer Science, Security, Technology, Finance