Working under minimal supervision, the Manager, Information Security will contribute to Wawanesa’s success by supporting and executing the information security strategy and managing security controls, policies, procedures, and processes across Wawanesa to improve information security and manage cyber risk, in accordance with corporate policies, architecture standards and recognized industry best practices.
JOB RESPONSIBILITIES Supports the design, implementation, operation and maintenance of the Information Security Management Program. Forms a consulting function for information security management such as offering internal management consultancy advice and practical assistance on information security risk and control matters throughout the organization. This will include an emphasis on promoting the commercial advantages of managing information security risks more efficiently and effectively. (Right size security). Supports the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations. Leads or facilitates suitable information security awareness, training, educational activities, security risk assessments, controls selection activities and value add security monitoring solutions, processes and metrics. Establishes business centric Information security metrics. Assists with third party vendor and contract reviews Negotiates and selects vendors for information security related solutions. Manages incident response and incident management. Leads vulnerability management program development and operations. Supports the design and reviews the Security Architecture. Liaises between Wawanesa Enterprise Risk Program and IS Performs other duties as assigned
QUALIFICATIONS Post-secondary degree/certificate or equivalent experience. 7 years’ work experience in Information Technology, preferably related to Information Security. Completion of, or working towards, a recognized management certification. Completion of CISSP and/or CISM certifications. Understanding of IT architecture, development and operations with a focus on information security. Ability to communicate, both verbally and in writing, in a persuasive and eloquent manner. Advanced analytical and problem solving skills with the ability to manage and prioritize a busy workload and multiple projects. Strong Leadership skills with the ability to engage and influence business and IS leaders. Ability to develop effective plans that define activities, resources, timelines and cost estimates. Able to translate information security topics into business risk language Ability to make well justified decisions in complex and high pressure situations GSEC, GIAC and CIPP certifications are considered assets Experience in the insurance/finance industry is considered an asset. Experience with Wawanesa’s specific methodologies and technologies is considered an asset Understanding of ITIL is considered an asset.
Wawanesa provides its employees with a respectful, challenging and rewarding environment where they can maximize their potential while contributing to the company’s goals. Our employees are provided with highly competitive compensation packages (salaries, generous vacation allowance, leave top up, goal achievement plan, premium free benefits and a pension plan). Wawanesa provides a stable and rewarding environment for its employees in today’s challenging markets.