Sr. Manager, IT Security Policy Advisory

Sr. Manager, IT Security Policy Advisory

Company: CGL
Department: IT
Employment Type: Regular Full-Time
Work Model: Remote
Language: English is required, French is an asset.

The Opportunity:

We are a leading Canadian financial services co-operative committed to being a catalyst for a sustainable and resilient society. Our Information Technology team aspires to be a leader in applying technology to power business strategies. The Sr. Manager, IT Security Policy Advisory is responsible for leading a dynamic and high performing team accountable for creation, implementation, and management of our information security policies, standards, and guidelines.

How you will create impact:

• Provide leadership and direction to the Information Security Policy Advisory and Assurance team.
• Develop, update, and review information security policies, standards, and guidelines.
• Communicate and present updates to security policies to stakeholders.
• Offer expert advice to senior management on security policies and governance strategies.
• Keep abreast of emerging threats to maintain effective policies.
• Engage with external stakeholders to ensure adherence.
• Maintain the organisation's information security controls library.
• Monitor controls design and operating effectiveness.
• Conduct risk assessments and tests to identify potential security issues.
• Collaborate with other departments to include controls in existing processes.
• Prepare assurance reports for senior management.
• Manage assurance-related issues and support remediation efforts.

How you will succeed:

• You have an innovative mindset to improve operational efficiencies.
• You use critical thinking skills to evaluate arguments and propose solutions.
• You have strong communications skills to convey messages clearly.
• You build trusting relationships and provide guidance to colleagues.

To join our team:

• Bachelor’s degree in information technology, Cybersecurity, or a related field.
• 10+ years of experience in information security, specifically in governance and compliance.
• Comprehensive knowledge of information security frameworks and standards.
• Highly desirable certifications include CISSP, CISM, CRISC, CISA.
• Experience in developing information security policies and leading assurance programs.
• Proven ability to drive adherence with standards and controls.
• Expertise in risk assessment and management methodologies.
• Strong communication skills for both technical and non-technical audiences.
• Excellent analytical and problem-solving skills.
• Ability to work well within a team-oriented environment.
• Strong project management skills with the capability to manage multiple priorities.

What you need to know:

• Detail oriented work that requires a high degree of mental concentration.
• You will be subject to a Background check as a condition of employment.

What’s in it for you?

• Training and development opportunities to grow your career.
• Flexible work options and paid time off to support your personal needs.
• A holistic approach to your well-being with health programs.
• Paid volunteer days to give back to your community.
• Comprehensive total rewards package including health and wellness benefits.