- Direct the execution and maintenance of the second line's Information Security Risk Management program:
- Assist in annual challenge of Information Security Risk Policy, Enterprise Operating Guideline and supporting Directives
- Conduct proactive, integrated challenge of key first line activities including incident handling and key strategic projects
- Assist in challenge of middle and senior management's Risk and Control Self Assessments (RCSA)
- Collaborate with the first line of defense (1LOD) to establish and renew KRIs
- Challenge and report on significant and material information security incidents and Operational Risk Events (OREs)
- Recommend new first line processes for oversight
- Maintain real-time dashboard of Information Security Risk profiles across Sun Life's Business Groups
- Assist in conducting annual NIST Cyber Security Framework challenge and report on significant and material observations and gaps
- Stay current with industry best practices and trends
- Establish influential relationships with key stakeholders. Influence innovative solutions in response to constraints and conduct challenges in a professional manner
- Apply creative problem-solving skills to broadly defined and occasionally nebulous problems.
- Aggregating and authoring information security risk information for quarterly reporting and providing challenge as appropriate for key forums
- 5 years of cyber information security and/or risk management experience
- Information security professional certifications, such as CISSP
- Practical first line experience managing information security functions and/or programs is essential
- Expert knowledge of global information security standards and requirements (e.g., regulatory) and industry best practices
- A strong understanding of:
- Risk and Control Self Assessments (RCSAs)
- Operational Risk Events
- Key Risk Indicators
- Scenario Analysis
- Effective presentation, communication, negotiation, and conflict management skills
- Broad experience in information security processes (e.g., risk management, pen testing, vulnerability scanning) and controls (e.g., IDS, SIEM , anti-malware, system hardening), and knowledge of systems at Sun Life is an asset
- Hybrid work environment
- Being a member of the Sun Life family, a group of people united by our Purpose: to help Clients and Employees achieve lifetime financial security and live healthier lives
- Flexible Benefits from the day you join to meet the needs of you and your family
- Wellness programs that support the three pillars of your health – mental, physical and financial
- A friendly, collaborative, and inclusive culture
- The opportunity to move along a variety of career paths with amazing networking potential
- Access to our Global Learning Centre, available 24/7 for your learning needs
- We are honoured to be recognized as a 2022, 2023 and 2024 Best Workplaces in Canada by Great Place to Work Canada
- Great Place to Work list for Best Workplaces for #HybridWork 2022
- Great Place to Work list for Best Workplaces for Professional Development in Canada 2022
- Named "Best Places to Work" by Glassdoor, 2021 and 2023
-
Risk, Compliance and Security Manager #4634
1 week ago
Alteo Montreal, CanadaAlteo is looking for a Risk, Compliance and Security Manager for a permanent position based in Montreal. · Your main role will be to define the strategic axes and objectives in terms of information security, operational risks and compliance. You will implement the ISMS, as well a ...
-
Risk, Compliance and Security Manager #4634
1 week ago
Alteo Montreal, CanadaAlteo is looking for a Risk, Compliance and Security Manager for a permanent position based in Montreal. · Your main role will be to define the strategic axes and objectives in terms of information security, operational risks and compliance. You will implement the ISMS, as well a ...
-
Director, Security Risk and Resilience
6 days ago
Robinhood Brossard, QC, CanadaRobinhood · Trade 30+ crypto at the lowest cost on average in the EU. Sign up today and get a reward of up to 1 BTC. View company page · Join a leading fintech company that's democratizing finance for all. · Robinhood was founded on a simple idea: that our financial markets s ...
-
Risk, Compliance and Security Manager #4598
3 weeks ago
Alteo Montreal, Canada· Alteo is looking for a Risk, Compliance and Security Manager for a permanent position based in Montreal. · Your main role will be to define the strategic axes and objectives in terms of information security, operational risks and compliance. You will implement the ISMS, as wel ...
-
Risk and Security Officer
1 week ago
SIX Payment Services Montreal, CanadaRisk and Security Officer - 2nd Line of Defense · Date posted 01/29/ Location Victoria | Canada, Calgary | Canada, Mississauga | Canada, Toronto | Canada, Whitby | Canada, Montreal | Canada, Vancouver | Canada, Québec | Canada Company Worldline Risk and Security Officer - 2nd Lin ...
-
Security Risk Lead
1 week ago
Ubisoft Entertainment Montréal, QC, CanadaSecurity Team Lead - Organizational Resilience Ubisoft's 19,000 team members, working across more than 30 countries around the world, are bound by a common mission to enrich players' lives with original and memorable gaming experiences. If you are excited about solving game-chang ...
-
Security Risk Expert
3 weeks ago
The Nugget Group Montréal, QC, CanadaCyber Security Advisor OPOR , : 5/13/2024 Job ID#: 7800 · As the Cyber Security Lead, your main job is to make sure that our organization stays safe from cyber threats. Implementing Security Practices**: You'll put into action the best practices recommended by our client, the Dep ...
-
Security & Risk Architect
3 weeks ago
The Nugget Group Montréal, QC, CanadaAs the Cyber Security Lead, your main job is to make sure that our organization stays safe from cyber threats. Implementing Security Practices**: You'll put into action the best practices recommended by our client, the Department of Cyber Security & Digital Solutions. This involv ...
-
Risk, Compliance and Security Manager #4634
1 week ago
Alteo Inc. Montréal, QC, CanadaRisk, Compliance and Security Manager [#4634] · Job Title Risk, Compliance and Security Manager [#4634] · Field IT · Job Description Alteo is looking for a Risk, Compliance and Security Manager for a permanent position based in Montreal. · Your main role will be to define the ...
-
Director, Cyber Security and Risk Management
16 hours ago
Accor Hotels Montréal, QC, CanadaWe are far more than a worldwide leader. We welcome you as you are and you can find a job and brand that matches your personality. We support you to grow and learn every day, making sure that work brings purpose to your life, so that during your journey with us, you can continue ...
-
IT Security Risk Analyst oneit
4 weeks ago
WSP Montréal, CanadaWSP's Information Security Office (ISO) is responsible for the deployment and maintenance of the information security framework for both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and ...
-
Security Advisor, Risk and Audit
4 weeks ago
GIRO Montréal, CanadaCompany Description · Our specialty is to optimize And we are proud of our expertise. We use our collective intelligence to impact people's lives by improving the efficiency of urban mobility. · Our innovative software solutions and expert services in the areas of public transit ...
-
Canadian National Railway Company Montreal, CanadaExpert, Information Security Third Party Risk Management · At CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operationa ...
-
Cyber Security Analyst- Risk
3 weeks ago
Soho Square Solutions Montréal, QC, CanadaRole: Cyber Security Advisor Duration: 12 Months (Temp-to-perm) (Renewable) · Bilingual: French & English · Montreal, QC · A career as a Senior Advisor – Cyber-Resilience Initiatives and Operations means having a positive impact on our organization by daily improving the Bank's ...
-
Risk, Compliance and Security Manager #4598
3 weeks ago
Alteo Inc. Montreal, CanadaRisk, Compliance and Security Manager [#4598] · Job Title Risk, Compliance and Security Manager [#4598] · Field IT · Job Description Alteo is looking for a Risk, Compliance and Security Manager for a permanent position based in Montreal. · Your main role will be to define the s ...
-
Risk, Compliance and Security Manager #4559
4 weeks ago
Alteo Montréal, CanadaAlteo is looking for a Risk, Compliance and Security Manager for a permanent position based in Montreal. · Your main role will be to define the strategic axes and objectives in terms of information security, operational risks and compliance. You will implement the ISMS, as well a ...
-
Banque de développement du Canada Montreal, CanadaWe are banking at another level. · Choosing BDC as your employer means working in a healthy, inclusive, and skilled workplace that puts forward the best conditions to bring together unique teams where employees are empowered to act. It also means being at the centre of ambitious ...
-
CN Montréal, CanadaAt CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automa ...
-
Société Générale Montréal, Canada**Responsibilities**: · **ABOUT THE JOB**: · **What will be your DAY-TO-DAY?** · - Develop and manage TPRM Info Sec Day to Day team both offshore and onshore · - Develop TPRM strategy for Americas region and be responsible for delivery of action plans ensuring conformity with thi ...
-
Chargé de projet équipement
3 weeks ago
Tundra Technical Solutions Brossard, Canada*English will follow* · Location :brossard · Hybrid · Langue : anglais must have, francais nice to have · Nous recherchons pour le compte d'un client une personne qui aura pour mission de · travailler en étroite collaboration avec l'équipe Équipement et le directeur PMO, le ch ...
Manager, Information Security Risk - Brossard, Canada - Sun Life
Description
Sun Life
Sun Life is a financial services company providing financial planning, life insurance, health insurance, investments and more.View company page
You are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.
Job Description:
About the role:
The role is in the second line of the three lines of defense model and is required to strengthen the second line Information Security Risk Management program. Oversight of this key operational risks will be delivered by independently reviewing, challenging, and reporting on Sun Life's management of these risks.
What will you do?
What do you need to succeed?
Preferred Skills:
What's in it for you?
Recent Awards:
The Base Pay range is for the primary location for which the job is posted. It may vary depending on the work location of the successful candidate or other factors. In addition to Base Pay, eligible Sun Life employees participate in various incentive plans, payment under which is discretionary and subject to individual and company performance. Certain sales focused roles have sales incentive plans based on individual or group sales results.
Diversity and inclusion have always been at the core of our values at Sun Life. A diverse workforce with wide perspectives and creative ideas benefits our clients, the communities where we operate and all of us as colleagues. We welcome applications from qualified individuals from all backgrounds.
Persons with disabilities who need accommodation in the application process or those needing job postings in an alternative format may e-mail a request to .
At Sun Life we strive to create a flexible work environment where our employees are empowered to do their best work. Several flexible work options are available and can be discussed throughout the selection process depending on the role requirements and individual needs.
We thank all applicants for showing an interest in this position. Only those selected for an interview will be contacted.
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr
