Senior Director, Cyber Risk Advisory

Come make your difference in communities across Canada, where authenticity, trust and making connections is valued – as we shape the future of Canadian retail, together. Our unique position as one of the country's largest employers, coupled with our commitment to positively impact the lives of all Canadians, provides our colleagues a range of opportunities and experiences to help Canadians Live Life Well®.

At Loblaw Companies Limited, we succeed through collaboration and commitment and set a high bar for ourselves and those around us. Whether you are just starting your career, re-entering the workforce, or looking for a new job, this is where you belong. 

Loblaw Technology and Analytics power some of Canada’s most game-changing retail solutions. We connect Canadians to things that matter most. Food, health, beauty, money, and time. Curiosity drives us as we solve complex problems at pace and lay foundation for a secure organization today while influencing a better future for our customers tomorrow. Join us and work alongside some of Canada’s most diverse and talented innovators supporting retail, digital customer solutions and analytical platforms

Senior Director, Cyber Risk Advisory, Brampton, ON

We are looking for a collaborative and innovative leader to be part of our Cyber Security, Privacy and Network (CSPN) team. In this role, you will lead the Governance, Risk and Advisory functions; aligning with leading industry practices; and improving our delivery service excellence to stakeholders.

Leading a group of self-motivated team members, you will be responsible for managing security governance, technology risk management, cyber assurance and regulatory matters, PCI-DSS compliance, technology audit management, security maturity benchmarking (aligning to NIST), training and awareness, policy and standards management.

You will ensure comprehensive protection against cyber threats and breaches by improving our ability to assess and remediate cyber security risks and vulnerabilities in a timely and efficient manner, streamlining adherence to regulatory obligations, and reducing brand, reputational, and legal risks.

Holistic risk management team

What You’ll Do:

• Lead the team responsible for our governance-related activities, including benchmarking, cyber security and technology policy/standards, security awareness and training, board metrics and executive reporting
• Drive, measure and increase annually the overall security maturity (using NIST) across the organization focused on standardization, resiliency and automation
• Lead end-to-end cyber security risk management to identify, assess, and mitigate risk timely and efficiently; and identify and report on aggregated risks; while adhering to regulatory obligations
• Oversee our cyber security and technology risk compliance activities, including liaising with internal and external audit, ensuring PCI-DSS / SOC II compliance and reducing brand, reputational, and legal risks
• Oversight and continuous evolution of the Vendor Management Office managing supplier risks and posture, in alignment with Privacy, Legal and Enterprise Sourcing teams
• Drive a strong culture of cyber security awareness across the business and management
• Monitor the threat landscape and provide cyber risk advisory to teams and executives across the enterprise on new threats, while bringing creative solutions and risk-based recommendations to keep the organization secure
• Support the execution of strategic initiatives in collaboration with internal and external teams and effectively manage cyber security budgets

What you Bring:

• Demonstrated experience leading high performing cyber security or technology risk teams with a leadership style that prioritizes colleague development, collaboration and inclusion

• Solid understanding of IT risk, security maturity, reporting and control frameworks (e.g. NIST v2.0, ISO 27001/2, ISF SOGP) typically gained by having a professional certification and/or related experience
• Excellent understanding of IT controls and audit approaches, current technologies and approaches to ensure high quality Cyber Security standards and protection of data land information
• Mentorship skills for the security team to grow, develop and foster a strong collaborative team culture
• Recognized for taking initiative to provide innovative solutions, and delivering quality work with special attention to details and continuous improvements
• A collaborative nature, working with diverse teams, from business leaders to individual contributors and the ability to influence with a sense of urgency, accountability, and ownership

Our commitment to Sustainability and Social Impact is an essential part of the way we do business, and we focus our attention on areas where we can have the greatest impact. Our approach to sustainability and social impact is based on three pillars – Environment, Sourcing and Community – and we are constantly looking for ways to demonstrate leadership in these important areas. Our CORE Values – Care, Ownership, Respect and Excellence – guide all our decision-making and come to life through our Blue Culture. We offer our colleagues progressive careers, comprehensive training, flexibility, and other competitive benefits – these are some of the many reasons why we are one of Canada’s Top Employers, Canada’s Best Diversity Employers, Canada’s Greenest Employers & Canada’s Top Employers for Young People.

If you are unsure whether your experience matches every requirement above, we encourage you to apply anyway. We are looking for varied perspectives which include diverse experiences that we can add to our team.

We have a long-standing focus on diversity, equity and inclusion because we know it will make our company a better place to work and shop. We are committed to creating accessible environments for our colleagues, candidates and customers. Requests for accommodation due to a disability (which may be visible or invisible, temporary or permanent) can be made at any stage of application and employment. We encourage candidates to make their accommodation needs known so that we can provide equitable opportunities.  
 
Please Note:
Candidates who are 18 years or older are required to complete a criminal background check. Details will be provided through the application process.

#EN