Senior Specialist, Cybersecurity Strategy and Advisory

 

Job Requisition ID: 11038  

Position Status: Permanent Full Time 

Position Type: Hybrid 

 Office Location: Montreal (QC); Ottawa (ON); Toronto (ON)

Travel Requirement: Limited 

Language Designation: English Essential 

Language Skill Levels (Read/Write/Speak): ZZZ 

Security Requirement: Secret 

Salary: Our salaries generally range from $ 101639.3 to $ 127049.13 and are based on qualifications and experience. 

 

About CMHC

The work you do and the work we do together matters. We come to work every day with a common purpose: to contribute to a well-functioning housing system.

 

At CMHC, we hold ourselves accountable for our results and support our colleagues in their achievements. We thrive on collaboration, connecting across CMHC and involving the right people to get our work done. We have flexibility, in how, when, and where we work, within the boundaries of the business needs and the nature of your role. Our leadership style is guided by trust, where our leaders favour an adaptive approach based on the needs of their teams.

 

Join us and be part of a team that's committed to making a real difference and be part of something meaningful.

 

What’s in it for you

We’ve got the purpose, the people and the perks you need for a fulfilling career. Here’s the comprehensive and generous benefits you get when you’re a permanent employee:

• Annual paid vacation.
• Annual individual performance incentive.
• Defined benefit pension plan.
• Comprehensive group insurance plan to support your well-being from day one.
• Support towards your personal and professional growth with training, mentorship and more. 
• An inclusive workplace culture and environment.

 

About the role

Join the Technology and Business Transformation sector in the Senior Specialist, Cybersecurity Strategy and Advisory position. This role is responsible to implement, operationalize, and execute the strategy for IT Cybersecurity Risk Management in line with the objectives of the cybersecurity security program and CMHC’s requirements, safeguarding the interests of CMHC’s IT security environment.  The team’s focus is on ensuring the organization's adherence to regulatory requirements, managing risks, and maintaining robust governance practices. Together, they develop and implement policies, procedures, and controls that safeguard the company's assets and reputation. They collaborate across departments, identify potential risks, conduct IT security verifications, and provide strategic recommendations to enhance compliance and risk management.

 

Office Location:  Ottawa is preferred.  Montreal and Toronto will be considered.

 

What you’ll do:

• Act as a senior subject matter expert in IT Cybersecurity Risk Management.
• Provide expert-level advice to leadership to guide and influence the management of IT Cybersecurity risks across the corporation.
• Identify and facilitate the implementation of appropriate controls to effectively manage information risks. Provide complex consultative advice to relevant stakeholders, enabling informed risk management decisions.
• Support the Head Information Security (CISO) on the status of IT Cybersecurity risks within CMHC, the impact of IT Cybersecurity initiatives in mitigating risk, and the overall IT Cybersecurity Program and CMHC Corporate Strategy.
• Develop, gather, and track key IT Cybersecurity risk and performance indicators to monitor IT Cybersecurity risk status and program performance.
• Assist the Head Information Security (CISO) in executive and board-level reporting on program performance, IT Cybersecurity risk status for CMHC, and key indicators.
• Communicate program performance to relevant stakeholders and foster collaboration with business units, other organizational risk sectors, and IT to improve the IT Cybersecurity risk profile of the organization.
• Identify and support the development and evolution of the information Cybersecurity program.

What you should have: 

• An undergraduate degree in a related field such as Cyber Security, Computer Security, Information Systems Security, Computer Science or in a related field.
• A minimum of 7 years of relevant experience in information security, working with risk management methodologies including risk assessment and mitigation.
• Strong communication (written and verbal) and interpersonal skills, including the ability to negotiate, influence and challenge various audiences.
• Experience working in a highly regulated environment (such as a financial institution).
• Experience working with cybersecurity laws and regulations.
• Experience and/or knowledge of recognized standards and risk frameworks (ie.:NIST CSF, ISO 27001/27002 and 27005, ITSG-33, etc.).
• Experience in overseeing the security administration, compliance, or governance of a corporation. 
• Experience in writing complex cybersecurity risk analysis/risk assessment reports for a variety of audiences (technical and non-technical).

It would be great if you also had:

•  Bilingualism (English and French).
• A Professional designation, we would prefer the Certified in Risk and Information Systems Control (CRISC), otherwise such as Certified Information Systems Security Professional (CISSP), Certified in the Governance of Enterprise IT (CGEIT) or other relevant IT Security licence, designation, or certificate. 
• An experience and knowledge of security technologies such as identity management, computer forensics, application security and network security technologies.
• A knowledge of Canadian laws and Government of Canada regulatory requirements and standards. E.g. Treasury Board, Office of the Superintendent of Financial Institutes, etc.

Posting closing date: Note, the competition will remain active until filled. 

 

Our commitment to diversity, equity, and inclusion 

We’re committed to employment equity and encourage women, Indigenous Peoples, persons with disabilities, veterans and persons of all races, ethnicities, religions, abilities, sexual orientations, and gender identities and expressions to apply. We also welcome applications from non-Canadians who are eligible to work in Canada.

 

CMHC is an inclusive workplace where diversity of thought – and of people – are recognized, valued, and considered essential to achieving our mission.

 

Learn more about our commitment to diversity and inclusion 

 

What happens after you apply 

We know that applying for a new job can be both exciting and daunting, and we appreciate your effort. Learn more about our hiring process.  If you are selected for an interview or testing, please advise us if you require an accommodation.

 

If you applied before and you were not successful don’t worry – we're always posting new positions, so don’t hesitate to give it another shot. We’re excited to see what you bring to the table this time around!