Who Can Apply
- Candidates must be legally authorized to work in Canada
Job Description
- Assist the Senior Manager, Information Security Compliance in developing and implementing a strategic approach to information security risk management across people, process, and technology.
- Lead the development and maintenance of Information Security risk and governance KPIs, KRIs, and SLAs. Assist with metrics creation and reporting. Provide reporting on the status of information security risks to leadership and stakeholders.
- Participate in third-party and supply chain cybersecurity risk assessments.
- Maintain the IT risk register on the GRC platform (OneTrust, AuditBoard).
- Perform Security Threat Risk Assessments of all new projects and technology implementations.
- Develop and maintain IT and Security Risk Assessment processes and documentation.
- Advise various teams on risk mitigation and compensatory measures to reduce risks to acceptable levels, using knowledge of Vancity policies, technologies, standards and industry best practices.
- Foster a risk-aware culture across the organization.
- Other duties as assigned.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
- Excellent communication skills with experience presenting and negotiating with senior and executive-level stakeholders
- A bachelor’s degree or equivalent in Computer Science, Business, or a related field
- 3-5 years of progressive (or above junior-level) experience in information security risk management, preferably in a mid-sized corporate organization or a financial institution
- Information Security Certifications in one or more of the following are desirable: Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or Certified Information Security Manager (CISM).
- In-depth understanding of risk management frameworks such as NIST RMF, NIST AI-RMF, ISO 31000, FAIR, and ISO 27001
- A good understanding of relevant standards and frameworks that apply to the financial services industry such as PCI/SWIFT/NIST/OSFI
- Strong understanding of regulatory requirements and standards (e.g., OSFI, BCFSA, PIPA, PIPEDA)
- Expertise in MS Office
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.