Director, Security Governance

We are looking for a Director, Security Governace.

Role description 

The Director, Information Security Governance is a senior leadership role that leads and manages the design, implementation and management of Security Governance services.    

Reporting to the VP, Technology Risk Governance and Control, this role articulates compliance and risk management objectives into operational security frameworks ensuring organizational standards for risk management and compliance are translated into security standards that are in alignment with business strategies and objectives. 

This governance role is also responsible for analyzing changes to regulatory and compliance requirements, assessing the impact to the enterprise’s business processes, technologies and security services,  leading and/or supporting compliance and audit assessments and developing and maintaining a security risk reporting framework.  These services are provided for all Participating Companies (Canada Life, Europe, and Empower Retirement).

What you will do 

• Provide leadership and direction to the Participating Companies (Canada Life, Europe, and Empower Retirement) to advance Information Security governance. 
• Develop and maintain security and technology risk frameworks and standards that can be operationalized across segments and are aligned to business strategies and objectives. 
• Develop and implement sound overall multiyear plans and annual tactical plans to achieve desired business goals related to Information Security governance. 
• Develop and maintain a technology and security risk reporting framework, including key risk indicators (KRI) and metrics for the enterprise. 
• Monitor changes in technology risk and security trends, best practices, industry’s standard frameworks, regulatory compliance requirements and determine their impact to the operational security framework and standards. 
• Manage the portfolio of technology and security risks to ensure they are current, accurate, and actions against remediation plans are tracked. 
• Establish and maintain a methodology and process to objectively evaluate and measure the progress of the technology and cyber risk management maturity across segments. 
• Lead and support the testing of standards and controls working with risk management, compliance departments and the areas operating the standards. 
• Lead and/or support regulatory and compliance assessments and evaluations. 
• Provide information related to audits and coordinate audit findings with GISO and IS leaders as well as internal and external auditors.  
• Lead a team of security professionals to achieve and surpass personal and team objectives 

What you will bring 

• 5+ years of experience in a similar technology risk leadership position 
• 5-10 years of experience in the financial services industry (or other regulated industry) 
• 5-10 years of progressive experience within the areas of security, technology risk, compliance, or governance 
• Experience building and working in matrix and complex organizations with demonstrated ability to influence teams where resources do not all report directly into the function. 
• Expert understanding of information technology security governance, assessments and best practices across the industry 
• Demonstrated ability to link high level policies and direction into actionable operational standards and directions 
• Strong verbal and written communication skills and interpersonal skills needed to effectively build relationships and communicate with Executives, internals stakeholders, and customers. 
• Demonstrate customer centric approach to problem solving 
• Ability to delegate appropriately and handle multiple priorities 
• Demonstrated ability to collaborate and reach consensus with others? 
• Deep understanding of how large enterprise organizations work, within in a regulated environment 
• Ability to attract, motivate and develop talent to build the right team to meet strategic direction and tomorrow’s needs 
• Extensive knowledge of Security and Technology Risk Governance and Control frameworks/standards (i.e., COBIT, ISO 27001, NIST CSF, ITL, etc.) 
• Professional Designation in IT compliance or Security such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control  (CRISC) or Certified Information Security Professional (CISSP) would be an asset 

Given the size and scope of our organization, we have the flexibility for this position to be located in the following head office locations: Montreal, Toronto, London, Winnipeg. 

Be your best at Canada Life- Apply today!

Great-West Lifeco Inc. (“Lifeco”) is an international financial service holding company with interests in life insurance, health insurance, retirement and investment services, asset management, and reinsurance businesses. Lifeco has operations in Canada, the United States, Europe and Asia and its companies have over $1 trillion in consolidated assets under administration and are members of the Power Financial Corporation group of companies. 

Canada Life serves?the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations. 

We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee?has the opportunity to reach their potential. 

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.

Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted.


Learn more and Apply