Senior Manager, Information Security
We’re one of Canada’s largest pension investment managers, with CAD$230.5 billion of net assets as at March 31, 2022.
We invest funds for the pension plans of the federal public service, the Canadian Forces, the Royal Canadian Mounted Police and the Reserve Force. Headquartered in Ottawa, PSP Investments has its principal business office in Montréal and offices in New York, London and Hong Kong.
Capturing and leading complex global investments requires us to work as one to seize valuable opportunities, in close collaboration with some of the world’s top companies. At PSP, you’ll join a team of motivated and engaged professionals, dedicated to propelling our organization further than ever before.
EXPERIENCE THE EDGE
At PSP, we encourage our employees to grow, forge powerful relationships, contribute and fuel inspired investment launchpads. We are committed to a culture that fosters collaboration and allows us to think beyond, in an interconnected way. We advocate for our employees to speak-up, learn, experiment, share, and be part of an inclusive work environment where diversity is embraced.
ABOUT THE TEAM
As a member of the Information Security team, you will act as a partner to the technology teams and business lines on information security issues. You will support the organization in the management of security risks to ensure that PSP’s information assets are adequately protected, in line with its vision for information security and protection. You will be responsible for mitigating reputational, financial, operational, physical and personal exposure due to information security risk as the lead of the Security Advisory and GRC (governance, risk & compliance) groups.
ABOUT YOUR ROLE
As a Senior Manager, Information Security, you’ll:
– As an experienced manager and information security expert, actively contribute to the definition and implementation of the security strategy, in line with PSP’s strategic vision and digital strategy;
– Coordinate and develop the security risk and advisory offering, manage team priorities and capacity, and diligently address issues using a solution-oriented approach;
– Define, implement and maintain security policies and procedures;
– As the owner of the security risk management framework, oversee its evolution, application and compliance;
– Lead security risk assessments across the organization, including third party risks, to ensure that key risks are known, communicated and adequately tracked;
– Act as a strategic partner in information security for technology and business projects and participate in the deployment of technological solutions and business systems to support their secure implementation;
– Coordinate, plan and execute the security assurance program, including security testing, tabletop exercises, configuration management, compliance monitoring, etc.;
– Develop and maintain collaboration with the security engineering and operations teams, as well as our internal business partners (procurement, legal, etc.), to uphold the proper functioning of security processes and controls;
– Provide guidance, direction and coaching to the team to foster their development, support their performance and make sure objectives are met;
– Represent Information Security on working groups for various initiatives or activities to ensure communication of and compliance with information security requirements;
WHAT YOU’LL NEED
– Bachelor’s degree in information technology or administration (specialization in information systems or security), or a combination of education and experience deemed equivalent;
– Minimum of ten (10) years of relevant experience, including extensive experience in information security, technology risk or security architecture. Experience in the financial or investment sector is considered an asset;
– Significant experience in a team management and development role;
– In-depth knowledge and understanding of information security management frameworks, standards and best practices (ISO 27001, NIST, COBIT, ITIL, etc.);
– In-depth knowledge and understanding of application, cloud and systems security, and proficiency in applicable security solutions;
– Knowledge of SDLC processes and Agile/DevOps/DevSecOps delivery methods;
– Relevant professional designations (CISSP, CSSLP, CISM, CISA, CRISC, CGEIT), an asset;
– Bilingualism (English and French).
We offer a tailored employee experience and competitive total rewards and benefits package* designed to attract and retain global diverse talent, reward performance, and reinforce business strategies and priorities. Beyond salary and incentive pay eligibility, you have access to:
– A flexible hybrid work model with a mix of in-office and remote days based on business groups, teams, and roles
– A hybrid allowance to support any hybrid related needs
– Competitive pension plans
– Comprehensive group insurance plans
– Unlimited access to virtual healthcare services and wellness programs
– Generous and inclusive paid family leave
– Vacation days available on day one with additional days on milestone service anniversaries, and summer Friday afternoons off
– Investment in career development
*Benefits package may vary based on your employee type.
At PSP, we aim to provide an inclusive workplace where we leverage diversity and where everyone feels valued, safe, respected and empowered to grow. As part of this leadership commitment, we strongly encourage applications from all qualified applicants and strive to offer an inclusive and accessible candidate experience. If you require any accommodation for any part of the recruitment process, please let us know.
Visit us on www.investpsp.com/en/
Follow us on LinkedIn
Vaccination: We are committed to a healthy and safe work environment. As a Canadian Crown Corporation with offices around the world, we adhere to Canadian and local government guidelines regarding COVID-19. Vaccination is not currently a mandatory employment criteria. However, this is subject to change, depending on Canadian and local government guidelines.
How to Apply
Application Deadline: 31/08/2023
Please use the following link to apply: https://investpsp.wd3.myworkdayjobs.com/en-US/psp_careers/details/Senior-Manager–Information-Security_R3276