Cybersecurity Third Party Vendor Assurance Consultant

Select how often (in days) to receive an alert:

Cybersecurity Third Party Vendor Assurance Consultant

Location:

Calgary, AB, CA; Edmonton, AB, CA; Ottawa, ON, CA; Toronto, ON, CA; Fredericton, NB, CA; Halifax, NS, CA; Vancouver, BC, CA

Jobs by Category: Security & Automation

Job Function: Cybersecurity

Status: Full Time

Schedule: Regular

Description

Our team and what we’ll accomplish together

We live in and work in a rapidly evolving digital world where cyber security is critical. The Global CSO function for TELUS Health brings a focus on the Security of our Sensitive Health Information (PHI) and regulatory compliance, to meet and exceed the expectations of our global customers as the most trusted wellbeing company in the world. The TELUS Health CSO team strives to always be steps ahead, tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology.

The Cyber Vendor Assurance team plays a crucial role in protecting TELUS Health’s security posture by managing and monitoring Cyber risks associated with our third-party vendors and suppliers. Our team leads comprehensive security assessments, vendor due diligence, and maintaining ongoing monitoring of vendor security controls.

As a Third-Party Cyber Security Consultant, you’ll be keeping TELUS Health safe and protected by providing cyber oversight across a diverse global supplier portfolio. You will support all the key elements involved in the end-to-end 3rd Party Information Security Oversight. Your primary focus is to provide assurance regarding the confidentiality, integrity, and availability of the suppliers that we have entrusted our data/infrastructure with. For this to be achievable, you will collaborate extensively with internal and external stakeholders to allow for identification of vulnerabilities and areas of improvement to protect our Brand, colleagues, and customers, in turn helping to promote a collaborative Security culture.

What you’ll do

You will manage and own a diverse portfolio of supplier assessments, undertaking Information Security reviews using a defined methodology. From planning, reviewing supplier responses, supplier assessments, reporting of identified risks, and provision of required remediation.

Given the nature of the role you will be providing guidance to both internal and external stakeholders:

• Assessing Supplier responses to a defined set of Information Security controls, ensuring quality and completeness of returns
• Reviewing Supplier responses and identification of risk/vulnerabilities. Liaising with key stakeholders to ensure appropriate escalation and remediation
• Maintaining and producing reports and management information. Ability to report clearly and articulate non-conformities and advise on required actions to remediate. An adaptive communication style to reflect a diverse stakeholder audience
• Collating and assessing various Cyber intelligence sources to help provide greater insight as to the Suppliers Security posture
• Share knowledge and mentoring to colleagues, supporting queries and providing guidance in relation to Cyber Security 3rd Party assurance
• Attending meetings, workshops, acting as delegate for Manager when required
• Actively contribute to the ongoing development of the Team through constructive challenge, providing solutions, innovation, and continual improvement
• Reinforce TELUS Health's Customers First values in ensuring positive security outcomes for both external customers and internal stakeholders

Qualifications

What you bring:

• 5+ years of applied Cyber Security Assurance experience
• Ability to demonstrate expertise and application of knowledge, in terms of technical and softer skills that are required in managing a diverse and global portfolio
• Strong understanding of Security frameworks (ISO 27001 / 27036) and ability to identify vulnerabilities/areas of control enhancement
• Adept at reviewing Supplier Security policies and standards to ensure appropriate scope and adequacy
• Clear understanding of information security principles, including risk management, incident response, and threat analysis
• Strong stakeholder management and interpersonal skills. Ability to engage and develop relationships across a broad range of geographies and sectors
• Strong organizational skills, with the ability to coordinate and effectively self-manage your own portfolio of work, independently to ensure high quality and timely delivery
• Pragmatic and balanced outlook relative to risk and impact with the ability to apply sound judgement
• Strong communication skills (verbal and written)
• Strong analytical skills, attention to detail and coupled with capability to identify omissions/gaps/areas of focus
• Ability to accommodate travel and time away from home may be required

Great-to-Haves:

• CISM, IS027001 LA, CISA, CRISC
• Procurement knowledge, reflective of the Supplier lifecycle
• Bi-lingual (English + either French, German, Spanish)

By applying to this role, you understand and agree that your information will be shared with the TELUS Group of Companies’ Talent Acquisition team(s) and/or any leader(s) who will be part of the selection process.

Salary Range: $82,000-$124,000

Performance Bonus or Sales Incentive Plan: 12%

Actual total compensation will be determined based on factors such as knowledge, skills, performance and experience. Please note that the compensation shown in the job posting may be subject to change in 2025.

A bit about us

We’re a people-focused, customer-first, purpose-driven team who works together every day to innovate and do good. We improve lives through our technology solutions and foster a culture of innovation that empowers team members to solve complex problems and create remarkable human outcomes in a digital world.

You’ll find our engaging, high-performance culture personally fulfilling, professionally challenging, and financially rewarding. We’re committed to diversity and equitable access to employment opportunities based on ability. Your unique contributions and talents will be valued and respected here. When you join our team, you’re helping us make the future friendly.

Note for Quebec candidates: if knowledge of English is required for this position, it is because the team member will be asked, on a regular basis, to interact in English with external or internal parties or to use English applications or software as part of their tasks.

Accessibility

TELUS is proud to foster an inclusive culture that embraces diversity. We are committed to fair employment practices and all qualified applicants will receive consideration for employment.

We offer accommodation for applicants with disabilities, as required, during the recruitment process.