Manager, Cyber & Technology Risk

What you’ll do

Reporting to the AVP, Cyber & Technology Risk, and working closely with key stakeholders across IT, Risk and Regulatory Affairs and other key Business Units, the Manager, Cyber & Technology Risk, provides a layer of independent challenge of cyber risk through targeted independent assessments of current cyber security practices, roadmaps, and strategies across the enterprise.

In this role, you'll:

• Evaluate existing and future cyber technologies within the CTC environment and act as a challenge function to help ensure that the correct technologies are deployed to effectively mitigate cyber risks to an adequate level

• Ensure technology alignment to the published cyber security roadmap

• Oversee and manage relationships with third parties to deliver red teaming and threat hunting initiatives

• Maintain the process for developing and managing Cyber Risk governance and management activities.

• Act as liaison between cyber and technology risk functions in the first line such as IT, cybersecurity, and business; and Enterprise Risk and Internal Audit functions.

• Measure the cyber program against defined risk appetite and tolerance limits based on business needs and informed by regulatory compliance, industry standards and frameworks and technical capabilities. 

• Facilitate the identification and influence the remediation of cyber risk initiatives through effective KPI management leveraging metrics and stakeholders as required.

• Partner with IT and business stakeholders to assess the effectiveness of current business continuity planning and disaster recovery providing recommendations and influencing as required. 

• Promote a culture of Cyber Risk awareness throughout CTC

What you bring

• Over 7+ years’ experience in a cyber technology management role in retail or with a global footprint, or a similar industry

• Experience in evaluating and deploying a wider range of cyber security technologies (e.g., firewalls, cloud, IDS/IPS, DLP, IDAM, etc.)

• Deep knowledge of industry leading cyber security frameworks and regulations for identifying and managing cyber security risk (e.g., NIST, ISO, COBIT, PCI, etc.)

• Certifications in CISSP, CISM, and SCF

• CRISC and CISA a definite asset

• Expert knowledge of network technologies, hardware platforms and operating systems

• Expert understanding of security interoperability through an entire technology stack

• Good knowledge of applicable data privacy practices and laws

• Ability to exercise effective independent judgment, to priorities and deliver business results in a fast moving, high pressure and demanding environment with competing priorities.

• Strong interpersonal, communication, and influencing skills to build credibility and collaboration 

• Degree-level tertiary qualification or equivalent practical experience in Computer Science, Engineering, Business, Mathematics or a related discipline

We are looking for individuals who are:

• Creative and courageous, with the ability to manage in an environment of change and ambiguity to help us take bold, strategic moves in this rapidly evolving retail and cybersecurity environment 

• Action oriented, and comfortable taking calculated risks to better serve our customers and business

• Outcome focused, critical thinkers with the ability to analyze and visualize, to ensure continuous improvement across our entire business

• Collaborative team players with superior influencing skills, who build relationships easily across various stakeholder groups to move initiatives forward

• Inclusive leaders who build and develop teams that effectively anticipate and respond to disruption, while consistently delivering strong performance

If you’re curious, ready to take on new challenges and open to doing things differently to help us evolve rapidly, then this is definitely the place to be.

We value flexibility. We have adopted a hybrid work model whereby employees use a combination of working in office and virtually in service of outcomes. Each leader is empowered to decide what work is best achieved in person based on the unique needs of their team.

#LI-GS1

About Us

Canadian Tire Corporation, Limited (“CTC”) is one of Canada’s most admired and trusted companies. With more than 90 Owned Brands, 1,700 retail locations, financial services, exemplary e-commerce capabilities, and exciting market-leading merchandising strategies. We dream big and work as one to innovate with purpose for our customers at every level of our business, investing in new technologies and products, and doubling down on top talent to drive the company forward. We offer competitive salaries and wages to CTC employees, as well as store discounts, supported learning through our Triangle Learning Academy, Canadian Tire Profit Sharing, and retirement and savings programs for eligible employees. As part of our enhanced flex benefits program, we offer mental health benefits in the amount of $5,000 per year for benefits-eligible employees and their families, including total well-being, and mental health tools and resources for all employees. Join us in helping to make life in Canada better through living and working our Core Values: we are innovators and entrepreneurs at our core, outcomes drive us, inclusion is a must, we are stronger together and we take personal responsibility. It is an especially exciting time to join CTC and its family of companies where career opportunities are wide-ranging! Join us, where there's a place for you here.

Our Commitment to Diversity, Inclusion and Belonging 

We are committed to fostering an environment where belonging thrives, and diversity, inclusion and equity are infused into everything we do. We believe in building an organizational culture where people are consistently treated with dignity while respecting individual religion, nationality, gender, race, age, perceived ability, spoken language, sexual orientation, and identification. We are united in our purpose of being here to help make life in Canada better.

Accommodations  

We stand firm in our Core Value that inclusion is a must. We welcome and encourage candidates from equity-seeking groups such as people who identify as racialized, Indigenous, 2SLGBTQIA+, women, people with disabilities, and beyond. Should you require any accommodation in applying for this role, or throughout the interview process, please make them known when contacted and we will work with you to help meet your needs.