Skip to Content

Senior Cyber Security Advisor -

1 open position

Senior Cybersecurity Advisor

About the Role

Canada’s Security Advisory Services is responsible for providing advisory services to business lines and IT teams to ensure that risks and controls align with Property and Casualty Insurance Client's Cybersecurity Standards and Policies while reducing operational risks.

The Senior Cybersecurity Advisor provides mentorship to business lines to ensure the design, development, and implementation of projects and initiatives adhere to the organization’s Cybersecurity Standards. This role will assist in assessing Cybersecurity risks to help business functions make informed decisions for protecting information assets.

As a domain expert in Cybersecurity, the incumbent will support Cybersecurity Managers by fostering strong relationships with Risk & Compliance, Privacy, Supplier Assurance, IT Infrastructure, and Operational Business Units.

The ideal candidate thrives in a forward-thinking and fast-paced environment.

Key Responsibilities

  • Act as a lead in one or more key team responsibilities.
  • Lead complex security projects, providing guidance to mitigate Cybersecurity risks.
  • Review architecture documents and create security assessment reports.
  • Stay up to date with emerging technologies and implement security controls to protect them.
  • Work on projects of various sizes, from large-scale initiatives to smaller implementations.
  • Collaborate with business lines, IT support functions, and stakeholders to ensure security compliance.

Additional Responsibilities

  • Promote awareness of Property and Casualty Insurance Client's Cybersecurity Standards and Policies.
  • Provide management support on Cybersecurity matters.
  • Address security-related requests from IT and business users, ensuring resolution and satisfaction.

Qualifications & Experience

Required:

  • Minimum 5 years of experience in Cybersecurity Threat Risk Assessments for new applications, systems, and cloud-based solutions.
  • Proven leadership experience in at least one key area within the cybersecurity domain.
  • Experience in 3rd Party Supplier Assurance and Risk Assessments, including issue remediation.
  • Hands-on experience managing penetration testing programs with external vendors and IT teams.
  • Expertise in Access Management reviews, including privileged access, processes, and tools.
  • Knowledge of DevOps, microservices, application migration to cloud, and SaaS-based solutions.
  • Experience working in Security or IT Audit teams, IT Development, System Administration, or Network Security.
  • Strong ability to establish effective working relationships with both internal and external stakeholders.

Preferred:

  • Knowledge of PCI Compliance requirements, including Compliance Attestation processes.
  • Familiarity with Ariba, Archer GRC, or equivalent governance platforms.
  • Post-secondary education in Computer Science, Computer Engineering, IT Security, or Risk Management.
  • Professional certifications such as CISSP, CISA, CISM, CCSP/CCSK, or GIAC are highly desirable.

--Pavitra_Deshpande--