Cybersecurity Advisor II

Company:Finning International Inc.

Number of Openings:1

Worker Type:Permanent

Position Overview:The Cybersecurity Advisor II supports Finning’s global information security program by providing cybersecurity advisory services across technology, business, and risk initiatives. This role works collaboratively with technology teams, product owners, and business stakeholders to identify security risks, assess control effectiveness, and support alignment with Finning’s security policies, standards, and regulatory requirements.
The Advisor II contributes to security assessments, reviews, and advisory activities within a defined scope, applying established security frameworks and guidance. This role emphasizes practical, risk-based security support and clear communication, helping teams understand and address security requirements while protecting Finning’s information assets.
What we can offer you:
· Great people and place to work with a hybrid work opportunity
· Career advancement and training opportunities
· Pension and employee stock purchase plans with company contributions
· Extensive health benefits including group medical and dental benefits, and short-term and long-term disability benefits
· For this position, the expected salary range is between $85,000 and $105,000 annually. This range reflects our commitment to providing competitive compensation that aligns with industry standards and your qualifications.

Job Description:

Major Job Functions:

Cybersecurity Advisory & Risk Support

• Support cybersecurity risk assessments for applications, infrastructure, and business initiatives.
• Participate in solution and design reviews by providing security input aligned with Finning security standards.
• Identify control gaps and document risk observations with recommended remediation options.
• Assist with threat modeling and security review activities using established templates and processes.

Governance, Risk & Compliance

• Support compliance activities aligned to frameworks such as ISO 27001, NIST, and internal Finning security standards.
• Assist with evidence collection and control validation activities for audits and assessments.
• Contribute to the maintenance of security policies, standards, and guidance documentation.
• Track assigned risks and remediation actions in accordance with defined governance processes.

Stakeholder Engagement & Enablement

• Engage with technology and business teams as a security advisor on assigned initiatives.
• Help translate security requirements into clear, actionable guidance for stakeholders.
• Participate in project and working sessions to support the integration of security considerations.
• Support awareness and enablement activities related to secure practices and risk management.

Continuous Improvement

• Contribute ideas to improve advisory processes, assessment approaches, and documentation.
• Stay informed on emerging security risks and industry practices relevant to the role.
• Support the ongoing maturity of Finning’s cybersecurity advisory and GRC capabilities.

Mandatory (Must-Have) Skills:

• 4–6 years of experience in cybersecurity, information security, IT risk, or related IT roles.
• Experience supporting security risk assessments, control reviews, or compliance activities.
• Working knowledge of common security frameworks (e.g., ISO 27001, NIST, CIS).
• General understanding of enterprise technologies (applications, cloud, identity, infrastructure).
• Ability to document risks, controls, and recommendations clearly using defined templates.
• Experience collaborating with cross-functional technology and business teams.
• Post-secondary education in Information Security, IT, Computer Science, or equivalent experience.

Preferred (Nice-to-Have) Skills:

• Exposure to cybersecurity advisory, GRC, or audit-support functions.
• Familiarity with cloud and SaaS security concepts.
• Exposure to application security, identity and access management, or data protection domains.
• Experience supporting internal or external audit activities
• Entry- to mid-level security certifications (e.g., CISSP, CISM, CRISC, ISO 27001).

Soft Skills

• Clear written and verbal communication skills.
• Ability to explain security concepts to both technical and non-technical audiences.
• Strong attention to detail and analytical thinking.
• Practical, risk-based problem-solving approach.
• Ability to manage assigned work independently within defined priorities.
• Collaborative and professional stakeholder engagement style.
• Willingness to learn and grow within the cybersecurity discipline.

At Finning, we prioritize creating a diverse and inclusive environment. We are proud to be an equal opportunity employer, and we actively encourage all individuals to express themselves and achieve their full potential. As a company, we continuously strive to enhance our outreach to individuals of all backgrounds and identities. We do not discriminate against applicants based on gender identity, race, national and ethnic origin, religion, age, sexual orientation, marital and family status, and/or mental or physical disabilities. Furthermore, Finning is committed to collaborating with and providing reasonable accommodations /adjustments to individuals with disabilities. If you require an adjustment/accommodation at any point during the recruitment process, please inform your recruiter.