Security Consultant on TELUS's Cybersecurity Platforms Operations team. Providing hands - on support for critical security services and collaborating with industry - leading vendors.
About the role
- Director of Cybersecurity responsible for assessing risks and implementing security solutions at Financeit. Collaborating with various teams to protect information in Canada and the US.
Responsibilities
- Implementing and monitoring a comprehensive enterprise-wide information security risk management program
- Establishing annual and long-range security and compliance goals.
- Assessing the adequacy of, adherence to, and the effectiveness of Financeit’s information and data security framework
- Preparing periodic reporting to Senior Management and quarterly updates to the Board of Directors on key items around privacy and security
- Identifying required controls related to the availability, integrity and confidentiality of customers, business partners, employees, and business information, evaluating the effectiveness of control
- Assess developing security threats and help Senior Management identify and effectively manage potential security problems that might arise from Financeit’s current or proposed activities
- Understanding and interacting with the business to ensure the consistent application of policies and standards across all projects, systems, and services
- Monitoring remediation of information security, data security, and cyber security threats and assisting the Chief Compliance Officer in reporting those threats to Senior Management and the Board
- Coordinating Financeit’s information and data security audit programs, including SOC2 Type 2 and PCI-DSS
- Collaborate closely with the development team to integrate security throughout the Software Development Lifecycle (SDLC), ensuring that secure coding practices are consistently followed, potential vulnerabilities are identified and addressed early, and the final product meets stringent security standards.
- Support the organization's incident management process by identifying, investigating, and responding to security incidents, conducting root cause analysis, documenting findings, and implementing corrective actions to prevent future occurrences.
- Manage the third-party risk management process by assessing the security posture of vendors, ensuring compliance with organizational policies, conducting thorough due diligence during onboarding, and continuously monitoring third-party activities to identify and mitigate ongoing risks.
Requirements
- At least 6 years of deep working knowledge of IT technologies, security threats and information security risk management
- CISSP, CISA, CRISC or other equivalent security credentials
- Experience working with Governance, Risk and Compliance (GRC) platforms
- Good understanding of financial services/lending
- Ability to articulate IT security and technical issues in a clear and actionable manner to non-technical leadership
- Strong understanding of organization and technology controls, security, and risk issues
- Familiarity with the audit process and conducting risk-based audits
- Interest and focus on the rapidly changing privacy regulatory landscape
- Strong knowledge in risk management, vulnerability management, identity and access management, incident management, and third-party risk management
Benefits
- An award-winning culture with a collaborative & inclusive team.
- Competitive pay and performance-based bonus.
- Committed to flexible work arrangements, offering hybrid workplace options.
- Comprehensive medical, dental and vision coverage + Lifestyle Account.
- RRSP Matching and Parental Leave Top UP Program.
- In office massage, meditation & workout sessions.
- Virtual events such as Lunch & Learns, company parties, fun team activities and charity initiatives.
- Career learning and development programs.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Senior Cloud Cybersecurity Engineer responsible for cloud security engineering at Tanium. Collaborate to protect cloud infrastructure against threats in Azure, AWS, and Kubernetes.
Managing Consultant in Cybersecurity and NERC Compliance at Guidehouse. Leading client management and project workstreams within the electric utility sector in Canada.
Senior Analyst performing SOC 1 and SOC 2 examinations at Kraken. Leading compliance initiatives and enhancing IT controls in a remote environment.
Security Guard responsible for protecting people and property in Amherst, Nova Scotia. Conducting patrols and monitoring security systems to ensure safety.
Security Lead responsible for driving security function and strategy at Newton, a crypto trading platform. Ensuring CIRO and SOC 2 alignment while embedding security practices across all systems and applications.
Senior Cybersecurity Engineer at Vervent focused on security solution design and incident response. Join a growing team to implement and strengthen enterprise security operations.
IA
Conseiller juridique stratégique au sein des Services juridiques pour la protection des renseignements personnels au Canada. Fournissant des conseils stratégiques en matière de cybersécurité et réglementaire.
Manager, Information Security at Manulife will assess vendor IT risks and security controls. Conducting audits, guiding businesses in IT risk management under a hybrid working model.
Key role in operational security management of IT infrastructures at Xideral. Involves risk management, security architecture, and coordination with various stakeholders.