Manager, Information Security

Job Description

What you'll do

• Developing and maintaining Information and Cyber Security Governance documents, including Policies, Standards, and Procedures/Guidelines/Process documents.
• Obtaining agreement, managing, monitoring, and reporting on cyber risks.
• Conducting annual risk assessments to identify any new or change in list of CTB's crown jewels.
• Preparing reports on CTB's cyber risk profile for the Cross-functional Risk Committee (CRC).
• Promoting a strong cyber risk and information security culture within the organization.
• Performing annual Information Security and Control vendor assessments on all CTB vendors in accordance with the Outsourcing Policy.
• Reviewing hardware and software to identify any gaps in services and solutions.
• Ensuring deficiencies are remediated and conducting appropriate tests to verify the operating effectiveness of controls.
• Building and maintaining effective partnerships with various stakeholders across the organization.
• Developing, implementing, and rolling out a self-assessment process that incorporates risk and controls assessment in day-to-day activities.
• Assisting vendor management in ensuring successful execution of the Annual IT Inherent Risk Assessment, including adjusting execution for any changes to the CEO/CFO certification process arising from new and/or changing risk areas.
• Contributing to the identification and adoption of state-of-the-art tools, technology, and techniques to optimize risk and controls assessment services.
• Escalating any material cyber-related issues and observed non-compliance or unethical behavior.

What you bring

• University degree or college diploma in technology.
• Completed professional certifications, such as CISSP, CISM, CISA, CCSP etc.
• 7+ years of experience in understanding risks, audits and processes relating to Information/Cyber Security and IT.
• 5+ years of strong management experience in a complex organization.
• Experience designing and implementing security programs with a focus on governance, cyber security, security monitoring and vulnerability management.
• Thorough understanding and experience of various Information and Cyber Security standards and frameworks, such as NIST CSF, ISO 27001/2, CSA, PCI DSS and COBIT etc.
• Good knowledge and understanding of regulatory requirements applicable to Canadian FIs.
• The ability to clearly and confidently communicate risks and associated trade-offs.
• Excellent relationship management, consulting, problem-solving and report writing skills.
• Flexible to adjust to changing priorities and timelines.
• Ability to travel as required to other office locations such as Toronto, Welland and Calgary.

We're always looking for great talent In addition to competitive pay, we offer:

• Comprehensive benefits and retirement programs
• Performance incentives, Continuing Education Programs
• Other perks to support your well-being
• Career growth opportunities and product discounts

Our typical hiring range is between $79,000.00 and $131,000.00 per annum. Salary decisions are also dependent on other factors such as your experience, job-related knowledge, skills and competencies, market location, industry benchmarks, internal equity and other role-specific requirements. We're committed to attracting top talent. For critical roles, the compensation offering will be reviewed to ensure alignment with market rate and conditions and the unique value you bring to the role. #LI-AG2

This posting represents an existing vacancy within our organization.

About Us

At Canadian Tire Services Limited/Canadian Tire Bank, it is our mandate to continue to create innovative and rewarding financial solutions for our customers. Our growing suite of products and services showcase the dynamic contributions from our employees and our success is driven by a strong vision, loyal customers, and our ability to build teams that reflect the diverse customers and communities in which we live and work. Join us, where there's a place for you here.

Our Commitment to Diversity, Inclusion and Belonging

We are committed to fostering an environment where belonging thrives, and diversity, inclusion and equity are infused into everything we do. We believe in building an organizational culture where people are consistently treated with dignity while respecting individual religion, nationality, gender, race, age, perceived ability, spoken language, sexual orientation, and identification. We are united in our purpose of being here to help make life in Canada better. .

Accommodations

We stand firm in our Core Value that inclusion is a must. We welcome and encourage candidates from equity-seeking groups such as people who identify as racialized, Indigenous, 2SLGBTQIA+, women, people with disabilities, and beyond. Should you require any accommodation in applying for this role, or throughout the interview process, please make them known when contacted and we will work with you to help meet your needs.