Cadillac Fairview

Senior Manager, Information Security Risk and Governance

Cadillac Fairview  •  $101k - $126k/yr  •  Toronto, CA (Onsite)  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Role impact:

The Senior Manager, Information Security Risk & Governance leads the Information Security Risk Management and Governance programs. Their main objective is to manage and continue the development of both programs to enhance and communicate the value of the Information Security (IS) practice in reducing related risks to CF.

In addition, this role is expected to work with technology and business stakeholders to identify Information Security risks, conduct risk assessments, recommend risks mitigation strategies, and monitor identified risks throughout its lifecycle. They also develop, maintain and report on Key Performance Indicators (KPI’s), Key Risk Indicators (KRI’s), Service Level Agreements (SLA’s), and other documentation related to the Information Security program.

What you will deliver:

  • Own and manage the Risk & Governance program within the D&T Department
  • Understand and manage Information Security risks pertinent to the organization’s business goals and work with various departments to identify, measure, monitor, and report on risk based on information assets
  • Partner with senior leadership team to obtain approvals for treatment of risk
  • Develop, document, and communicate risk mitigation strategies to risk owners; document and monitor the implementation of security controls and adjust risk rating accordingly
  • Develop, maintain and report on KRI’s, KPI’s and SLA’s related to Information Security program.
  • Research, implement and operate risk and governance technology tools and processes to enhance the effectiveness of the practice
  • Develop new Information Security policies; ensure all existing policies and related documents are up to date
  • Liaise with auditors and support the internal and external audit processes, including the collection of requested artifacts, review and prioritization of findings and recommendations.
  • Stay abreast of and actively seek out information on emerging trends in Information Security risks and threat vectors; apply new techniques in-line with overall Information Security objectives and risk tolerance of the organization
  • Work with internal stakeholders to develop strategies and implementation plans to enforce Information Security requirements and address identified risks
  • Identifies requirements and conducts business impact analyses for threats, risks, and vulnerabilities for the Security Operations team to execute vulnerability assessments, penetration tests and security audits
  • Primary author for risk and governance reports to highlight risk posture of the organization, mitigations, and recommendations

What your strengths are:

  • Ability to discuss with clarity risk and governance matters with non-technical stakeholders.
  • Ability to analyze a large, complex, interlinked environment of data, communications, and information systems, where the technology is changing as well as the types of threats and vulnerabilities.
  • Excel at problem-solving with a deep understanding of computer security and applicable laws and regulations.
  • Understand business goals and operations and align risk mitigation recommendations with overall strategy and budget.
  • Proven ability to conduct research into Information Security controls and technologies as required.
  • Ability to work independently, setting goals, prioritize and execute tasks in a high-pressure environment.
  • Excellent written, oral, and interpersonal communication skills.
  • Ability to collaborate effectively with other leaders
  • Ability to provide effective coaching to direct reports

What you need to succeed:

  • Post-secondary degree in Computer Science or equivalent combination of education and experience that satisfy the requirements of the position.
  • Minimum 8 years of progressive responsibilities in developing and supporting Information Security risks management and governance programs; out of them, 3 years in a management role.
  • Excellent knowledge of security technologies which are commonly used in enterprises to protect information systems, including on premise, Cloud and Mobile.
  • Working knowledge of Information Security and Risk Management frameworks like ISO27001/2, ISO27005, NIST CSF and NIST 800-30
  • Understanding of legal and regulatory compliance standards and requirements like PCI-DSS and PIPEDA
  • CISSP, CISA, CRISC and other security certifications are a strong asset.

Starting base salary for this job level may range from $100,712 - $125,920. The actual base salary offered will consider several factors including, but not limited to the role, experiences, skills & qualifications, location, market and internal considerations; with this context, CF reserves the right to pay above this range.

Cadillac Fairview offers a competitive total rewards package in addition to base pay which includes a performance – based incentive plan, a comprehensive pension and benefits plan, paid time off including vacation, wellbeing & volunteer days and support for continued growth and development.

Why you should join us:

At Cadillac Fairview we have been transforming communities for over 50 years. We are so much more than our properties. We are building leaders at all levels. We offer the challenge of interesting work, a great organizational culture, the opportunity to collaborate with the best in the business, and support for your growth and development. We reward values-based behavior and superior results with a competitive rewards package that includes best-in-class benefits and pension. Imagine a place where you can make a difference!

At CF our everyday actions and critical business decisions are guided by our CF Values. Achieving results is naturally important for us and we achieve results through behaviours that are consistent with our CF Values.

Are you someone who believes in our values?

  • Aim Higher – we strive to exceed expectations
  • Own Your Expertise – we empower ourselves and each other
  • Collaborate Effectively – we bring the right people together to get the right results
  • Engage with Empathy – we objectively consider the needs of others
  • Embrace Change – we drive, learn from, and adapt to change

At CF you’ll join a diverse community and award-winning team where your talent and commitment to excellence are welcomed, valued and respected.

CF is an equal opportunity employer and is committed to creating a diverse and inclusive environment. If you need reasonable accommodation during the recruitment, assessment, and/or selection process, please notify your CF contact or email cfcareers@cadillacfairview.com.

Cadillac Fairview

About Cadillac Fairview

Cadillac Fairview (CF) is one of the largest owners, operators, investors and developers of best-in-class office, retail, multi-family residential, industrial and mixed-use properties in North America

Wholly owned by the Ontario Teachers’ Pension Plan, with assets under management of more than $30 billion, CF manages over 35 million square feet of leasable space at 68 landmark properties across Canada, including Toronto-Dominion Centre, CF Toronto Eaton Centre, Tour Deloitte, CF Carrefour Laval, CF Chinook Centre and CF Pacific Centre.

Continually striving to make a positive impact in communities where it operates by promoting social connection, growth, and a sustainable future, CF’s Purpose is Transforming Communities for a Vibrant Tomorrow. Learn more at cadillacfairview.com and follow CF on Instagram.

Industry
Real Estate & Property
Company Size
1,001-5,000 employees
Headquarters
Toronto, CA
Year Founded
1956
Social Media