Lead Information Security Specialist

Department: IT

Employment Type: Regular Full-Time

Work Model: Remote

Language: English is required, French is an asset.

The Opportunity:

We are a leading Canadian financial services co-operative committed to being a catalyst for a sustainable and resilient society and our team is essential to deliver on this strategy. That’s why we prioritize our people, to ensure we provide a strong culture and development opportunities which enables our team to thrive and to live our purpose. The best part is that you will work with people that care passionately about you, our clients, and our communities.

Our Information Technology team aspires to be a leader in applying technology to power business strategies. We connect concepts with solutions to create value and efficiencies for our clients, employees, and communities. Our success is driven by our skilled and diverse team who are passionate about excellence, innovation, and agility.

The Lead Information Security Specialist is responsible for program/project/product/service development, quality assurance, and effective and efficient delivery of Security Governance program elements in the areas of policy advisory, assurance, training, awareness, with a heavy concentration on metrics & reporting.

How you will create impact:

You will get an exciting opportunity to work across a variety of domains within governance and compliance including:

You will:

• Collaborate within Enterprise Information Security to gather reporting and cyber requirements.
• Offer strategic guidance on the design, collection, and delivery of reporting metrics, including designing key performance indicators (KPIs) and key risk indicators (KRIs) to guide decisions.
• Manage and create an information security metrics framework according to standards and regulatory requirements.
• Coordinate, compile and deliver security risk and performance reports on a timely basis to senior leadership (Board Level, Executive Leadership) and relevant risk committees to provide transparency and support risk management across the organization
• Design and develop user friendly dashboards for a multitude of stakeholders across the organization.
• Automate metrics and processes to ensure data integrity.
• Develop and oversee execution of comprehensive social engineering testing initiatives.
• Assess, update and develop security awareness training programs and messaging based on emerging threats and participant feedback.
• Identify and verify key controls for effective governance and reporting to senior management.

How you will succeed:

• You have an innovative mindset to improve operational efficiencies and ability to influence change, with a primary focus on client needs.  
• You use critical thinking skills to recognize assumptions, evaluate arguments, draw conclusions and proactively propose solutions.
• You have strong communication skills to clearly convey messages and explore diverse points of view. 
• You build trusting relationships and provide guidance to support the development of colleagues.

To join our team:

• A bachelor’s degree in information technology, Cybersecurity, or a similar area is required.
• Five or more years of experience in security metrics, or security awareness or related fields.
• In-depth knowledge of information security principles, policies, and regulations.
• Comprehensive understanding of information security frameworks (e.g., NIST CSF, ISO 27001) and risk management practices.
• Previous experience leading reporting and metrics collection in medium to large organizations.
• Experience in measuring information security awareness programs in medium to large organizations.
• Excellent communication skills, capable of presenting complex information clearly and effectively to varied audiences.
• Proficiency with data analysis tools and techniques; experience with reporting software like Tableau or Power BI
• Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) are beneficial.
• Capacity to work collaboratively within a team-oriented setting and manage multiple projects concurrently.

What you need to know:

• This role involves direct contact with clients and/or service providers in their environment. 
• Detail oriented work that requires a moderate degree of mental concentration for extended periods of time.
• Extended work hours, including evenings and weekends, may be required.  
• You will be subject to a Background check as a condition of employment, in the event you are the successful candidate.

What’s in it for you?

• Training and development opportunities to grow your career.
• Flexible work options and paid time off to support your personal and family needs.
• A holistic approach to your well-being, with physical and mental health programs and a supportive workplace culture.
• Paid volunteer days to give back to your community.
• In addition to our competitive salary and incentive programs, eligible employees also benefit from a comprehensive total rewards package including group retirement savings plans, pension and benefits (e.g., health and wellness, dental, disability and life coverage), mental health support and an employee assistance program. Please contact our recruitment team for more information.