Information Security Management System, Specialist (ISO 27001)

Permanent Full Time 

-

The ISMS Specialist works with IT and business partners to help them understand and manage information security risks and comply with the organizational information security policies. The role also supports the delivery of analysis-based Technology Risk services to our internal clients across Canada. This role will report into the Manager, Technology Risk Compliance & ISMS to support, review and maintain security standards, control catalogues, our ISO27001/ISO27017 certification, our ISMS which includes the risk register and issue register.

What you will do 

• Focused on maintaining and the upgrade of the Information Security Management System within the organization and continues improvement of ISMS processes.
• Reviewing, maintaining and updating the policies and procedures supporting the ISMS
• Review and maintain standards, control catalogues, regulatory compliance frameworks, risk and threat registers, and ensure there is a cyclical relationship between
• Support the business in communicating and assessing risks
• Support all related ISO audits practices
• Maintain ISO supporting documents and keep them updated
• Support GRC tool support, operation and continues improvement
• Support the Threat Intelligence Program, and its relationship to the Issue Management process
• Ensuring the compliancy with the security controls by working closely with the operational teams
• Working with project teams to identify required security controls, and ensuring controls have been implemented prior to transitioning technology platforms to production
• Strong desire to work collaboratively in an unconventional and non/linear way to problem solve unique solutions
• Be customer focused and delivery oriented to drive change in ambiguous situations
• Work proactively with internal clients to understand their needs and deliver creative solutions
• Strive for continuous learning and can influence others

What you will bring 

• Bachelor’s degree from an accredited college or university or equivalent experience
• Minimum five years’ experience as an information technology professional with at least three of those in information security demonstrating the accountabilities as listed above
• Strong knowledge of IT control frameworks such as COBIT, ISO 27001, and the NIST cyber security framework is a must. (holding a valid certificate related to ISO 27001 is an asset such as Lead Implementer or Lead Auditor)
• Holds at least one information security certification or actively working towards at least one security certification (e.g. CISSP, CRISC, CISM, CISA, CASP+))
• Strong working knowledge of regulatory compliance environments for the Canadian Insurance Industry (PIPEDA, OSFI, etc,)
• Strong working knowledge of the relationship between threats, risks, controls, standards, policies
• Strong working knowledge of threat risk assessment methodologies NIST, ISO, etc.
• Strong working knowledge of GRC tool operation and support.
• Strong technical background with exposure to multiple aspects of information technology, networks, server, application dev, architecture, storage, cloud etc.
• Excellent communicator including documentation, demonstrated presentation and negotiation skills
• Experience in Agile delivery environments
• Experience interpreting and consulting around meeting the requirements of the Information Security Policies and Standards for a large organization
• Working knowledge of IT Audit processes, including design of control test procedures
• Demonstrated ability to foster relationships and build trust
• Ability to work independently and deliver on commitments
• Strong analytical and problem-solving skills
• Experience in risk assessment methodologies   

-

The base salary for this position is between  $61,900.00 - $114,500.00 annually.  This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc).  If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.

Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.

Be your best at Canada Life- Apply today!

Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.

You can be your best here. You’re part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.

Together, as part of a great team, you’ll deliver on our shared purpose to improve the well-being of Canadians. It’s our driving force. Become part of a strong and successful company that’s trusted by millions of Canadians to do the right thing.

Canada Life serves the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations. 

We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential. 

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.

Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted.

#LI-Hybrid