Canada Life
We’ve been supporting the financial, physical and mental wellbeing of Canadians for 175 years.
We are looking for an AVP, Business Information Security.
In today’s dynamic business and technology landscape, information security needs to be a strategic partner of the business that actively supports and enables the organizational goals. The AVP, Business Information Security is at the forefront of this relationship, serving as a primary contact and key liaison between the designated line(s) of business and the information security team.
Reporting to the VP, Business Information Security Officer, you will serve as the business’s advocate within the security team and the security team’s ambassador to the business. Your role will support business teams on all security matters, fostering a proactive relationship between business and security, and positioning information security as a business enabler.
What you will do:
- Provide leadership and strategic guidance to business leaders on all security matters, including compliance to controls and standards, regulatory compliance, and customer security needs.
- Provide security consulting, advisory and engagement on all business initiatives including technology projects, client inquiries, due diligence requests and M&A, working with internal SMEs as required.
- Develop deep understanding of business objectives and priorities to enable tailored security solutions to protect critical assets and information.
- Collaborate with business leaders, IT teams, and the wider security and tech risk team to embed security into business processes, manage security risks, and drive adoption of security controls.
- Act as a trusted security advisor to both the business and cybersecurity leadership, ensuring security measures are aligned with the business objectives.
- Partner with technology delivery teams, application security and other stakeholders to integrate security into all stages of product development and technology deployment.
- Keep business abreast of security requirements, upcoming changes, and expected actions from their end to support advancing security maturity and protecting the organization.
- Channel all security and tech risk interactions with the designated line(s) of business to streamline communication, balance demands, and improve prioritization.
- Define and provide aggregated security risk metrics and reporting to the business and technology leadership.
- Communicate business strategy and priorities to the security team to enable alignment between security strategy and roadmap with business goals.
- Promote a strong security culture by educating the business teams on security best practices and raising their awareness of potential threats.
- Collaborate with business leaders to align funding for strategic security initiatives and advise on resource allocation to enhance security posture.
- Participate in cybersecurity and business-related committees and working groups as necessary.
- Oversee and support the business response to security incidents, investigations and remediation.
- Stay well-informed and involved in security initiatives affecting the line(s) of business.
- Stay abreast of latest security threats, new laws, regulations and standards, and assess their impact to the business.
What you will bring:
- 10+ years of experience in cybersecurity, risk management, or technology, with 5+ years in leadership roles, preferably in a large enterprise or regulated industry.
- In-depth understanding of security frameworks, technologies, and risk mitigation strategies.
- Extensive knowledge of legal, regulatory, and industry-specific security requirements.
- Proven proficiency in resolving conflicting requirements to deliver effective cybersecurity solutions.
- Proven record in assessing, prioritizing, and mitigating enterprise security risks.
- Strong strategic planning, relationship building, and collaboration skills.
- Skilled at driving cross-functional security efforts and influencing across all levels.
- Adept at understanding business priorities and processes, capable of integrating cybersecurity into the business through teamwork and influence.
- Excellent written and verbal communication skills across all organizational levels.
- Effective communicator with the ability to translate complex technical security concepts into business language.
- Ability to work effectively with diverse teams and personalities, adapting management styles to achieve mutually beneficial outcomes.
- Proficient in project management, multitasking and organizational skills.
Given the size and scope of our organization, we have the flexibility for this position to be located in the following head office locations: Toronto, London, Winnipeg.
Be your best at Canada Life - Apply today!
Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.
We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential.
Canada Life would like to thank all applicants; however, only those who qualify for an interview will be contacted.