Recherche d'emploi > Toronto, ON > Manager information

Senior Manager of GRC, Information Security

First National
Toronto, ON, Canada
101.5K $-126.4K $ / an (estimé)
Temps plein

We are hiring a Senior Manager of GRC in our Information Security department!

The Role :

A strategic and integral member of the Information Security Team, reporting to the AVP, Information Security, is responsible for ensuring the security, integrity, and availability of First National information assets.

The candidate will contribute to the management and continuous improvement of security program(s). The position entails the development, implementation, and compliance of security control programs across the organization.

This role requires the following skills :

  • Specialized knowledge and experience in information security, security strategies, and security management frameworks.
  • Knowledge and understanding of current security standards and best practices, particularly ISO 27001.
  • Development, maintenance and review of Information Security Policy, Standards, Processes and Procedures
  • Effective and dynamic communicator.

Reporting To :

Assistant Vice President, Information Security

Full-Time / Part- Time :

Full-time

Posting Date : March 6, 2024

March 6, 2024

Closing Date : April 6, 2024

April 6, 2024

Hours of Work : 8 : 30 5 : 00

8 : 30 5 : 00

Grade : Office Location :

Office Location : Downtown Toronto

Downtown Toronto

Great location! Steps away from the main public transit station

What we offer :

Highly competitive compensation package which includes, base salary, bonus, benefits, and career advancement opportunities!

Eligibility for benefits is dependent on the terms of employment

What you will do :

  • Review and improve the Information Security Management Framework.
  • Build strong cross-organizational relationships.
  • Manage the security risk management and compliance strategy, framework, and approach.
  • Advise other teams within First National in the design and implementation of effective security controls.
  • Proactively track and communicate the status of the risk response activities.

Governance

  • Defining, implementing, communicating, and monitoring the Information Security Strategy and Program.
  • Review, update, development, and implementation of security policies, procedures, and technical security standards to secure First National Assets and ensure security and compliance with associated risks, contracts, regulations, and industry standards.
  • Ensure that the Security Governance frameworks are institutionalized and compliant, and aligned with security standards, particularly ISO27001.
  • Support in preparing and running the security steering committee meetings.
  • As part of managing the larger GRC program, the role involves managing the Data Security program, IAM Program and Physical Security program.
  • Participate and promote the security training awareness program.
  • Development reports and presentations as required.
  • Provide briefings to senior management and advise them of critical risks and issues that may affect enterprise security objectives.
  • Support in expansion of the Information Security framework and program within the enterprise.
  • Ensure that Information Security projects meet their required goals, constraints are addressed, and resources are aligned, as defined by the project stakeholders.

Risk Management

  • Lead the Information Security Risk Management program, through evaluation of information security risks, accounting for people, processes, data, and all associated security controls.
  • Provide oversight of all relevant information security risks, and support in risk treatment of identified risks.
  • Assist in the third-party risk assessments process to ensure risk identification, transparency and business acceptance and contractual obligations.
  • Ensure that all the program-specific risk assessment results, such as Data Security, IAM security, Physical Security, Security Operations, Application Security, etc.

dovetail into the information security risk management program.

Compliance Management

  • Control monitoring and review of internal security risk assessments.
  • Develop, document, and assess measures, metrics, and internal controls related to cyber security assessments and acceptance.
  • Develop, document, and assess measures, metrics, and internal controls related to information security assessments and acceptance.
  • In conjunction with Legal, Privacy and Compliance, identify information management and protection laws and regulations and implement actions to ensure compliance.
  • Ensure that the programs maintain compliance with relevant laws and regulations, as appropriate.

Audit Management

  • Assist in all current and future security related audit and certification processes.
  • Support audit and assessment activities, such as internal and external audit, vendor assessments, benchmarking, etc.

The Requirements Needed :

  • A total of 10 years of experience, with a minimum of 7 years of prior information security management work experience in a medium or large size organization is required in the GRC domain.
  • Bachelor’s degree in computer science or the equivalent work experience is required. Graduate degree preferred.
  • Information security certifications, such as CISSP, CISM, ISO27001 or equivalent preferred.
  • Information systems auditing certification such as CISA, or experience is desirable.
  • Preference will be given to candidates who have experience and / or familiarity with Azure, Defender for Cloud, and Microsoft suite of security products.
  • Management experience in financial services industry is beneficial.
  • Must have experience with information security management frameworks.
  • Experience developing and maintaining information security policies, standards, processes, guidelines, procedures, controls, for financial institutions or processors.
  • Track record of planning and executing complex work efforts.
  • Strong interpersonal communication, analysis, and writing skills.
  • Leadership skills including ability to work effectively with business unit managers, application development and IT operations staff.
  • Able to align management and leadership strategies when working on projects.
  • Ability to work effectively with business unit and IT department managers, including Application Development, Infrastructure, Operations, Network, Technical Support, and others.
  • Superior verbal and written communication skills.
  • Must be a team player.
  • Ability to successfully lead extended teams through new and complex concepts and processes.

The team you will join :

Founded in 1988, First National is one of Canada’s largest non-bank lenders. We provide residential mortgages exclusively through our mortgage broker channel and service commercial clients through our national origination team of empowered advisors.

At First National, It’s in our Nature is our rallying cry. It underlies our values, beliefs, and how we show up for each other, our clients, our partners and the community.

Our nature defines who we are and guides every decision we make.

First National is proud to be an equal opportunity employer and is committed to diversity and inclusion regardless of race, color, religion, national origin, age, gender identity, physical or mental disability, sexual orientation or any other category protected by law.

First National supports requests for accommodation from applicants with disabilities; please contact Human Resources at .

We would like to thank all applications for their interest, but only candidates selected for an interview will be contacted.

FNLOON

Il y a plus de 30 jours
Emplois reliés
Dext
Toronto, Ontario

Reporting to our General Manager in North America, you will be responsible for leading a team of Account Managers in maintaining strong relationships with clients, driving customer success, minimizing risk, and fostering revenue growth while enhancing the team's skills and operational efficiency. Wo...

570 The Dominion of Canada General
Toronto, Ontario

Travelers provides a core contribution of 3% of your total eligible earnings to your Deferred Profit Sharing Plan (“DPSP”). Start your career at Travelers with a minimum of 20 days Paid Time Off (“PTO”) annually, plus the opportunity to purchase additional days to allow for up to a total of 36 PTO d...

0000050007 Royal Bank of Canada
Toronto, Ontario

Manager, Global Health, Safety, and Environment, Corporate Real Estate (CRE) you will support the management of global building health, safety and environmental programs and operational processes intended to improve office and retail experience for both employees and clients, and to assess and mitig...

Deloitte
Toronto, Ontario

As a Senior Manager, you will ensure the evolution of our range of services offered and contribute to the recruitment of new members to our team, create and maintain a network of potential clients and be known as a trusted advisor. We are seeking a Senior Manager for our Technology & Transformation ...

0000050007 Royal Bank of Canada
Toronto, Ontario

Contributes to security related communications, promotes security awareness, designs and maintains communication channels to facilitate the distribution of time sensitive security information. The Senior Manager, Incident Management supports RBC’s responsibility to manage RBC’s Duty of Care and Duty...

Intact Financial Corporation
Toronto, Ontario

Together, with our strong team of Cybersecurity risk advisory and Cybersecurity Supply Chain Risk Management, you will work with state-of-the-art technologies to promote a strong cybersecurity governance and compliance culture for Intact Financial Corporation. Minimum 5 years of experience in the fi...

Coinbase
Canada
Télétravail

At least 5 years of experience in security domains such as Application Security, Product Security, Infrastructure Security, Cloud Security, Security Engineering, etc. Secure storage of and access to the user's private keys is the primary focus for off-chain security, whereas onchain security is abou...

ICBC - Insurance Corporation of British Columbia
Canada, Canada

ICBC’s Customer Experience and Public Affairs division is seeking a Senior Manager Marketing & Public Relations. You have a relevant undergraduate degree and at least 10 years of senior-level experience working in crown corporation, government, or complex multi-stakeholder organization. If you are r...

Money Mart Financial Services
Toronto, Ontario

As the Senior Manager of Enterprise Risk, your focus will be on the establishment of an Enterprise Risk function at Momentum. Advanced PowerPoint, with general proficiency in Microsoft Office products. Momentum Financial Services is a leading provider of financial services in North America. For 40 y...

Royal Bank of Canada>
Toronto, Ontario

Typically manages 2 or more specialized departments comprised of supervisors, managers, professionals, and/or large numbers of operational support employees. Continually engage and communicate with senior business stakeholders on the progress and status of Initiatives within the portfolio of work so...