Senior Information Security Advisor
Sun Life Toronto One York
Sun Life
Sun Life is a financial services company providing financial planning, life insurance, health insurance, investments and more.You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.
Job Description:
Candidates must be eligible for Reliability Status Clearance, which requires that they have lived and worked in Canada for the past 5 consecutive years. No exceptions, please.
Reporting to the Director, Security Advisory Services, the Senior Information Security Advisor will be aligned with one of Sun Life’s line of business. The Senior Information Security Advisor will manage the line of business portfolio including conducting Information Security Risk Assessments (ISRAs), performing contract reviews focused on security provisions, conducting supplier/third-party risk assessments, advising on security best practices, and reviewing emerging security strategies. The Senior Information Security Advisor will interact with various Sun Life internal teams including Business, Architecture, Infrastructure, Legal, Compliance and Risk, and Privacy teams, and external service providers.
What will you do?
The successful candidate will:
- Provide support to Sun Life’s line of business initiatives and projects through conducting information security risk assessments, reviewing contracts to ensure inclusion of appropriate security requirements, performing supplier/third-party risk assessments, and advising on security best practices.
- Assess the line of business’ initiatives and projects to ensure implementation controls aligns with Sun Life Information Security policies and directives.
- Provide security consulting to the line of business and various stakeholders, using technical expertise, to ensure necessary security controls are in place to safeguard and protect Sun Life confidential information, and improve overall security.
- Provide preliminary recommendations to business and management team on information security related risks.
- Provide regular Information Security updates to the assigned line of business’ IT management team including but not limited to status of current information security risk assessments, identified risks, penetration testing results, in-depth analysis of information security trends, and work completed.
- Track and manage open information security risks to ensure corresponding risk remediation plans and target dates are in place. Work with respective business and/or technology risk owner to ensure risk remediation.
- Provide support to Incident Management team during security incidents affecting the Sun Life’s line of business.
What will you need to succeed?
- Minimum of at least 5 years experience in Information Security and/or Information Technology (IT)
- In-depth knowledge of information security and IT principles, protocols, practices, and industry standards
- Strong understanding of existing and emerging Information Security technologies such as encryption, firewall, IDS/IPS, anti-malware, DDoS, behavioural analysis, advanced malware detection, etc.
- Extensive knowledge of various attack/threat vectors and determining the security controls to minimize and/or remediate the risk
- Experience performing risk assessments of cloud-based (SaaS) technologies including but not limited to AWS and Azure
- Excellent communication (verbal and writing) skills
- Must be able to work and communicate with various business groups from a non-technical perspective and interpret technical context into plain language
- Familiarity with contract wording and interpretation of security clauses
- Self-starter, can work with minimum supervision, strategic thinker, negotiator, and consensus builder
- Post-secondary education (University degree or college diploma) in Computer Engineering, Computer Science, Information Technology, Information Security and Risk Management or comparable professional education/training in a field relevant to Information Security
- Professional designation relating to Information Security (e.g., CISSP, CCSP, CISM, CISA) preferred
What’s in it for you:
- We’re honoured to be recognized as a 2024 Best Workplaces in Ontario by Great Place to Work® Canada.
- We’re proud to be recognized as a company with a 2023 Most Trusted Executive team by Great Place to Work® Canada.
- Wellness programs that support the three pillars of your health – mental, physical, and financial
- The opportunity to move along a variety of career paths with amazing networking potential..
- As a hybrid organization, you and your leader use business and Client needs to choose where you work, at home or in the office.
# LI – SJ #LI-Hybrid #LI-remote
The Base Pay range is for the primary location for which the job is posted. It may vary depending on the work location of the successful candidate or other factors. In addition to Base Pay, eligible Sun Life employees participate in various incentive plans, payment under which is discretionary and subject to individual and company performance. Certain sales focused roles have sales incentive plans based on individual or group sales results.
Diversity and inclusion have always been at the core of our values at Sun Life. A diverse workforce with wide perspectives and creative ideas benefits our clients, the communities where we operate and all of us as colleagues. We welcome applications from qualified individuals from all backgrounds.
Persons with disabilities who need accommodation in the application process or those needing job postings in an alternative format may e-mail a request to thebrightside@sunlife.com.
At Sun Life we strive to create a flexible work environment where our employees are empowered to do their best work. Several flexible work options are available and can be discussed throughout the selection process depending on the role requirements and individual needs.
We thank all applicants for showing an interest in this position. Only those selected for an interview will be contacted.
Salary Range:
82,000/82 000 - 135,000/135 000Job Category:
IT - Technology ServicesPosting End Date:
06/05/2024* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AWS Azure CCSP CISA CISM CISSP Clearance Cloud Compliance Computer Science DDoS Encryption Firewalls IDS IPS Malware Pentesting Privacy Risk assessment Risk management SaaS SOAR
Perks/benefits: Equity Health care Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Penetration Tester jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Senior Network Security Engineer jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open SaaS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs