Apply now »

Director, Business Information Security

Description:

Permanent Full Time

The Director – Business Information Security is part of the Business Information Security Office, first line of cyber defense team, working with IT and business partners to understand and manage information security risks and comply with the organizational information security policies. This leadership role with the team, supports providing business and technology leadership reporting on security issue status, acting as a trusted advisor on security topics, and helping the security teams understand business priorities. Finally, the role will play a key part in aligning efforts for the defined business and technology units to the broader security and technology risk strategy.

This is a senior level security role which reports to the AVP, Business information Security within the Business Information Security Office.

What you will do

Support the BISO team in business-aligned security planning, risk assessments, and control implementation.
Partner with business leaders, IT, and security teams to integrate security into strategic initiatives, product development, and operations.
Provide guidance on regulatory compliance, internal policies, and customer requirements.
Coordinate responses to client security inquiries, audits, and due diligence.
Monitor and report on business-specific security risks, control effectiveness, and remediation progress.
Facilitate communication between business stakeholders and cybersecurity leadership to align priorities and expectations.
Promote a culture of security awareness through targeted education and engagement.
Stay informed on emerging threats, regulatory changes, and industry trends to advise the business proactively.
Oversee execution of technology and security initiatives aligned with enterprise strategy and business goals.
Oversee implementation and monitoring of security controls to ensure compliance with standards and regulations.
Support security assessments, audits, and risk reviews, and coordinate remediation with stakeholders.
Collaborate with IT, development, and infrastructure teams to embed security into technology projects.
Define and report aggregated security risk metrics to business and technology leadership.
Provide security consulting and advisory on business initiatives, including projects, client inquiries, and M&A.
Understand business objectives to tailor security solutions that protect critical assets.
Keep the business informed of security requirements, changes, and necessary actions to advance maturity.
Participate in cybersecurity and business committees and working groups.
Oversee and support business response to security incidents, investigations, and remediation.
Manage a cybersecurity team, providing mentorship, performance management, and career development.

What you will bring

8+ years of experience in cybersecurity, IT risk management, or related fields, with at least 3 years in a leadership or managerial role.
Strong knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001), risk management practices, and regulatory requirements.
Proven ability to lead cross-functional teams and deliver complex security initiatives.
Experience with security operations, incident response, vulnerability management, and governance.
Excellent communication and interpersonal skills, with the ability to translate technical concepts into business language.
Proficiency in resolving conflicting requirements to deliver effective cybersecurity solutions
Proven record in assessing, prioritizing, and mitigating enterprise security risks
Strategic planning, relationship building, and collaboration skills
Skilled at driving cross-functional security efforts and influencing across all levels
Adept at understanding business priorities and processes, capable of integrating cybersecurity into the business through teamwork and influence
Ability to work effectively with diverse teams and personalities, adapting management styles to achieve mutually beneficial outcomes
Strong analytical and problem-solving skills, with a focus on risk-based decision-making.
Relevant certifications such as CISSP, CISM, CRISC, or equivalent are preferred.
Bachelor’s degree in Computer Science, Information Security, or a related field (Master’s degree is a plus).

The base salary for this position is between $92,100 - $170,500 annually. This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc). If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.

Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.

Be your best at Canada Life- Apply today!

Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.

You can be your best here. You’re part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.

Together, as part of a great team, you’ll deliver on our shared purpose to improve the well-being of Canadians. It’s our driving force. Become part of a strong and successful company that’s trusted by millions of Canadians to do the right thing.

Canada Life serves the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations. 

We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential. 

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.

Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted.

#LI-Hybrid

Requisition ID: 3626

Category: Digital Technology

Location:

London, ON, CA Toronto, ON, CA Winnipeg, MB, CA

Date: May 28, 2025

If you are not finding suitable opportunities now, please click below to join our talent community!

Join Our Community

Apply now »

Provider	Description	Enabled
Vimeo	Vimeo is a video hosting, sharing, and services platform focused on the delivery of video. Opting out of Vimeo cookies will disable your ability to watch or interact with Vimeo videos. Cookie Policy Privacy Policy Terms and Conditions
YouTube	YouTube is a video-sharing service where users can create their own profile, upload videos, watch, like, and comment on videos. Opting out of YouTube cookies will disable your ability to watch or interact with YouTube videos. Cookie Policy Privacy Policy Terms and Conditions