Cybersecurity Risk Consultant

Description

Our team and what we’ll accomplish together

We live in and work in a rapidly evolving digital world where cyber security is critical. The Global CSO function for TELUS Health brings a focus on the Security of our Sensitive Health Information (PHI) and regulatory compliance, to meet and exceed the expectations of our global customers as the most trusted wellbeing company in the world. The TELUS Health CSO team strives to always be steps ahead, tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology.

The Cybersecurity Risk Management team is the central hub of expertise for identifying, assessing, and managing cybersecurity risks across the organization. You will report to the Manager, Cybersecurity Risks and work cross-functionally across all of TELUS Health to translate technical vulnerabilities into security relevant risk themes, ensuring leadership has the insights needed to make informed, risk-aware decisions.

If you're looking for impact, visibility, and growth — this is the team to be on. You’ll be part of a collaborative, forward-thinking group that doesn’t just flag risks, but helps solve them. You’ll work on high-priority initiatives, engage with stakeholders at all levels, and help shape the way cybersecurity risk is understood and managed across the business. We value critical thinking, curiosity, and clear communication — and we’ll support your development every step of the way.

What you will do

• Own and maintain the Cybersecurity Risk Register, providing strategic guidance to the CSO and cross-functional teams in documenting, classifying, and evaluating cybersecurity risks across TELUS Health’s information systems
• Critically analyze and understand established and newly emerging risks and ensure accuracy and consistency across all assessments. Deliver high-quality risk evaluations and propose actionable recommendations
• Ensure risk management practices and control measures are aligned with industry frameworks (e.g., NIST, ISO/IEC 27001) and internal governance standards
• Collaborate closely with risk owners and key stakeholders to support the mitigation and remediation of identified risks, following through on open actions with a balance of diligence and diplomacy
• Conduct comprehensive annual risk assessments and threat risk assessments as needed, and develop clear, concise risk reporting for CSO leadership and executive stakeholders
• Knowledge in data analytics, Python, and VBA coding is an asset for dashboard management
• Ability to work in an agile work environment and proficient in Office365 and Google workspace

Qualifications

What you bring

• 5 or more years of experience in one or more cyber security domains (e.g., network security, vulnerability management, secure software development, cloud security, third party risk management, governance, endpoint security, etc.)
• Strong knowledge of cybersecurity risk management frameworks and methodologies (e.g., NIST 800 series, ISO 27001, CIS, etc.)
• Experience in threat risk assessments, including of on premise & cloud technologies, (e.g., Google and Azure)
• Familiarity with relevant data protection, privacy and health-related laws and regulations, such as GDPR, HIPAA, PIPEDA
• Experience working within GRC platforms such as OneTrust, AuditBoard, Jira and Service Now
• Exceptional analytical, problem-solving, and decision-making skills. Ability to communicate clearly and effectively to senior management
• Relevant cybersecurity certification (e.g., CISSP, CISA, CISM, CRISC) is highly desirable

Advanced knowledge of English is required because you will most of the time interact in English with external parties (clients, suppliers, candidates, external partners, etc.); interact in English with internal parties (colleagues, internal partners, stakeholders, etc.); and work with IT tools whose interface is only accessible in English as part of this position's main responsibilities given its national scope.

By applying to this role, you understand and agree that your information will be shared with the TELUS Group of Companies’ Talent Acquisition team(s) and/or any leader(s) who will be part of the selection process.

#LI-Remote