Business Unit Security Officer conducting risk assessments for technology systems and applications. Collaborating with engineering teams and managing cloud-based security measures at Manulife.
Responsibilities
Conduct comprehensive risk assessments of technology systems, applications, and infrastructure to identify potential threats, vulnerabilities, and impacts on business operations.
Understand and apply security policies and standards to identify gaps and ensure compliance.
Review and sign off on application security measures during the software development lifecycle.
Ensure security requirements are integrated into the DevOps pipeline and security tests.
Consult with business, engineering, and architect teams to integrate security practices into their workflows.
Provide domain expertise in security incident investigations and response.
Ensure each information risk assessment completed is peer-reviewed & communicated to larger distribution to various partners.
Deliver training to key team members around the IRM processes.
Respond to audits, regulatory reviews, risk, and controls self-assessments.
Stay up to date on the latest security trends, threats, and technologies. Evaluate existing processes to redefine processes.
Requirements
Experience in cloud security, application security, and data protection.
Familiarity with DevOps pipelines and security testing methodologies.
5+ years of experience in a combination of relevant technical disciplines in the field of Information Security: network security, application security, identity and access management, IT operations security, vulnerability management, information protection, physical security, cybersecurity.
5+ years of IT/Information Risk management experience: vendor risk management, project risk management, IT audit or IT controls assessment.
Deep knowledge of cloud computing security and IaaS, PaaS, or SaaS environments.
Knowledge of security frameworks, regulatory requirements and standards.
Excellent business communication to lead presentation, facilitate discussion across all levels and audiences.
Influence behavior to reduce risks and foster a strong information security risk management culture.
Problem solving, analytical, and establish new way/processes to improve.
Collaborative with a coaching and development approach.
Strong time management and organizational skills to manage multiple tasks and changing priorities.
Benefits
health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage
adoption/surrogacy and wellness benefits
employee/family assistance plans
various retirement savings plans (including pension and a global share ownership plan with employer matching contributions)
financial education and counseling resources
generous paid time off program including holidays, vacation, personal, and sick days
Security Advisor developing and overseeing security measures aligned with corporate goals at Desjardins Group. Diagnosing risks and advising on security policies and solutions.
Manager Cyber Cloud Security and AI at PwC protecting organizations from cyber threats. Leading cybersecurity strategy focused on AI security, team collaboration, and stakeholder engagement.
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.