Manager, Cyber Security Jobs

WHO ARE WE?

The GroupHEALTH Family of Companies is a leading Canadian provider of employee benefits, made up of GroupHEALTH Benefit Solutions, GroupSource, Manion Wilkins & Associates Ltd, and Disability Management Institute and an additional 7 operating companies.

GroupHEALTH holds substantial controlling interest of the above companies and is a wholly owned subsidiary of Munich Re New Ventures, a division of Munich Re—one of the world’s leading providers of reinsurance, primary insurance, and insurance-related risk solutions.

YOUR ROLE

As the Senior Cyber Security Specialist you are responsible for leading the development and implementation of our cybersecurity strategy and will play a crucial role in safeguarding our company. You will be responsible for establishing and implementing robust security processes, developing policies, and building an Information Security Management System (ISMS). You will work on our existing roadmap of findings to identify and address security gaps, enhance our security posture, and ensure the protection of our valuable assets. Additionally, you will work closely with various Business Units to manage day-to-day security operations and will report to management of both GroupHEALTH and our parent company.

YOUR IMPACT

• You will collaborate with cross-functional teams to ensure that security requirements are integrated into system development and business processes across the organization.
• You will serve as the primary point of contact and responsible party for cyber and information security in the organization.
• You will develop action plans to mitigate the risks and address identified gaps.
• You will develop, implement and monitor an ISMS program to ensure the confidentiality, integrity, and availability of sensitive data owned, controlled or processed by organization.
• You will oversee third-party reviews and risk assessments, to ensure comprehensive evaluation of security risks.
• You will establish and maintain effective communication channels with management of the company and the parent company to report on the status of cybersecurity initiatives, risks and progress.
• You will establish and support an effective cybersecurity program in alignment with industry best practices, regulatory requirements, and organizational objectives.
• You will monitor and respond to security incidents, conduct investigations and lead incident response activities to effectively manage incidents to an acceptable resolution 
• You will provide guidance and support to technical teams in the design and implementation of security systems, networks, and applications.
• You will develop, document, and implement comprehensive security policies, standards, and procedures to protect information assets.
• You will develop metrics and reporting framework to measure cyber security and governance key performance indicators (KPIs) and key risk indicators (KRIs), including tracking industry trends and best practices.
• You will contribute to the development, and oversight of a global security management strategy and framework. 
• You will lead business compliance efforts for security, including supporting regular risk assessments to identify potential vulnerabilities, threats and areas of improvement.  
• You will work with internal and external stakeholders, including auditors and regulators to ensure compliance with relevant security standards, laws and regulation in the area of responsibility. 
• You will stay up-to date with latest industry trends, emerging threats, and security technologies. Make improvements and adjustments to the organization’s security strategy accordingly.
• You will ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against the business. 
• You will develop and deliver security trainings and awareness program to promote a culture of security across the organization and influence behavior to reduce cyber and information security risks.

THIS IS YOU

• You have your CISSP, CISM or similar Information Security related certification preferred. 
• You have strong planning, organizational and presentation skills. 
• You have a Cyber Security consulting background.
• You are very good command of Business English, both spoken and written. 
• You have a solid understanding of security best practices and international standards such as ISO27001, NIST and other.
• You have the demonstrated ability to participate in complex, comprehensive or large projects and initiatives. 
• You have customer orientation, strong negotiating and problem solving skills.
• You have a Bachelor’s degree in a security field or equivalent practical experiences of at least 2 years.  
• You have advanced knowledge of organization, technology controls, security and risk issues. 
• You have previous Security Training and Awareness, Security Governance, and Security Incident Management knowledge & experience.
• You have basic knowledge of laws and regulations applicable in offices in the area of responsibility. 

 what You'll Get

• Learn and grow with us through our employee education program.
• Comprehensive and competitive benefits package.
• 4 weeks' vacation, plus flex days to help you achieve that work-life balance.
• Wellness programs to support you in and out of the office.
• Comfortable compensation.

WHY YOU WILL LOVE WORKING FOR GroupHEALTH

Professional Development

We are a fast-growing company and as a result, there are ample opportunities for career growth and professional development when you join our team. From a transparent promotion structure and defined career paths to a wide range of learning and development opportunities, we do what it takes to invest in your career and help you hone your skills so you can grow alongside us!

Health & Wellness Benefits

We offer a comprehensive array of health and wellness benefits that provide choices so you can tune your benefits plan to fit your unique needs.

Events and Socials

When you join our team, you’ll enjoy everything from virtual company-wide teaching and training days, industry events, Happy Fridays, team social events and much more!