Security Specialist

West Fraser places the highest importance on the confidentiality, availability, and integrity of customer, company, and employee information. As a member of West Fraser's Cyber Security team, you will play a critical role in ensuring that this information is secure while enabling technology and business partners to innovate, drive sales, and safely maintain operations throughout our facilities.

The Security Specialist plays a critical role in safeguarding our organization's information assets by proactively identifying, assessing, and mitigating cybersecurity risks. This position is focused on risk management, compliance, and governance, ensuring that our organization remains compliant with regulatory frameworks (such as SOX) and is adequately protected from emerging cyber threats.

This position is instrumental in protecting our organization from the ever-evolving cyber threat landscape and operates under the direct supervision of the Principal Architect, Governance, Risk & Compliance.

You'll Do:

IT General Controls Compliance

• Ensure that the organization's IT controls comply with applicable regulatory requirements, including Sarbanes-Oxley (SOX) and other industry standards.
• Collaborate with stakeholders to assess the effectiveness of IT controls and remediate any identified gaps in compliance.
• Document and maintain evidence of compliance activities, including control testing and remediation efforts, to support regulatory audits.
• Assist in the development of policies and procedures that ensure proper data management and reporting practices in line with compliance requirements.

Security Risk Management:

• Assist in conducting security risk assessments focused on IT General Controls (ITGCs), helping to identify potential threats and vulnerabilities affecting the organization's IT infrastructure.
• Support collaboration with stakeholders to evaluate and rate the likelihood and impact of identified risks associated with ITGCs.
• Contribute to the documentation and reporting of IT-related risks, ensuring they are properly tracked and communicated for remediation.
• Aid in the development and implementation of risk mitigation strategies and controls specific to ITGCs, while monitoring progress to ensure timely follow-up and compliance.

Security Awareness and Training:

• Assist in designing and delivering engaging security awareness training programs for employees at all levels of the organization.
• Help develop training materials on key topics such as password security, social engineering threats, data protection, and incident reporting.
• Utilize various delivery methods (e.g., presentations, online modules, videos, newsletters) to promote engagement and support knowledge retention.
• Participate in conducting regular phishing simulations to help assess employee awareness and resilience against cyberattacks.

Cybersecurity Metrics:

• Support the definition and tracking of relevant cybersecurity metrics to assess the effectiveness of security controls and identify improvement areas.
• Help prepare reports on metrics such as incident trends, training participation, vulnerability assessments, and risk mitigation progress for management review.

You have:

Minimum of 2 years of experience in one or more of the following areas:

• IT Advisory/ IT Assurance
• Provisioning Identity and Access Management and Change Management
• Performing risk assessments
• Control Owner/Performer for ITGC

Strong understanding of cybersecurity principles, best practices, and risk management frameworks.

Experience in conducting security risk assessments and developing risk mitigation strategies.

Knowledge of regulatory compliance requirements, such as SOX.

Familiarity with GRC systems and access control management.

Excellent communication and interpersonal skills.

Ability to present technical concepts to non-technical audiences.

Additional Skills (Preferred):

• Experience with security awareness training and phishing simulations.
• Knowledge of cybersecurity metrics and reporting.
• Relevant industry certifications (e.g., CRISC, CISA, CGEIT, CEH, etc.)

Work Conditions:

• • Office based
  • Posting locations: Vancouver BC or Quesnel BC

Compensation Package:

• The salary range for this position may vary depending on experience, education, and location. The annual salary range is between $80,000 and $120,000.
• Annual bonus opportunity
• Outstanding benefits package including medical, dental, pension, life insurance, disability, accident insurance, vacation, and holidays

Your Workplace Location:

Nestled amidst captivating natural beauty, Vancouver is a city that promises an enchanting experience to its visitors. Its balmy climate, coupled with the warm hospitality of its people, has earned it a reputation as one of the most sought-after tourist destinations in the world. However, Vancouver's appeal doesn't just end there. The city boasts of a vibrant cultural scene, with a rich diversity of languages and ethnicities that add to its unique charm. As one of the most ethnically and linguistically diverse cities in Canada, Vancouver is a melting pot of cultures, traditions, and lifestyles that make it an unparalleled place to live.

About Us:

We make renewable, wood-based building products for the world, contributing to a more sustainable future. Today, West Fraser is one of the world's largest producers of sustainable wood-based building products, with more than 60 facilities in Canada, the United States, the United Kingdom, and Europe. From responsibly sourced and sustainably managed forest resources, West Fraser produces lumber, engineered wood products (oriented strand board, laminated veneer lumber, medium-density fibreboard, plywood, and particleboard), pulp, newsprint, wood chips, other residuals, and renewable energy. West Fraser's products are used in home construction, repair and remodeling, industrial applications, papers, tissue, and boxes.

What makes us stand out is our people-first approach. We value internal growth and continuous learning. Join us, and you'll enjoy competitive pay, great benefits, and an excellent pension plan, all in a supportive environment where your voice matters.

Diversity:

At West Fraser, we strongly believe promoting diversity and inclusion is essential to our success. Our commitment to creating inclusive workplaces is reflected in our core values, and we constantly strive to foster a culture that values and respects every individual's unique background and perspective. By joining us, you will have the opportunity to be a part of a team dedicated to shaping a brighter future by embracing diversity and promoting inclusivity. Join our team at West Fraser and help us build a more diverse and inclusive community.

Sustainability:

West Fraser is fully committed to sustainable forest management as defined in our environmental policy, which is reflected in every aspect of our work. We adopt new technologies and innovations to create exceptional building materials. Wood products are a natural, renewable, recyclable, and environmentally sustainable choice for consumers who prioritize sustainability.

Sustainability Report | West Fraser

Learn more about us!

Discover West Fraser in Western Canada (youtube.com)

What's it like to work in Forestry at West Fraser? Shayna's story (youtube.com)