Senior Manager, Cybersecurity Strategy and Advisory
Job Requisition ID: 10746
Position Status: Permanent Full Time
Position Type: Hybrid
Office Location: Ottawa (preferred), Montreal (QC) and Toronto (ON) will be considered
Travel Requirement: Occasional
Language Designation: Bilingual
Language Skill Levels (Read/Write/Speak): CBC
Security Requirement: Secret
Salary: Our salaries generally range from $ 123553.59 to $ 154441.98 and are based on qualifications and experience.
About CMHC
The work you do and the work we do together matters. We come to work every day with a common purpose: to contribute to a well-functioning housing system.
At CMHC, we hold ourselves accountable for our results and support our colleagues in their achievements. We thrive on collaboration, connecting across CMHC and involving the right people to get our work done. We have flexibility, in how, when, and where we work, within the boundaries of the business needs and the nature of your role. Our leadership style is guided by trust, where our leaders favour an adaptive approach based on the needs of their teams.
Join us and be part of a team that's committed to making a real difference and be part of something meaningful.
What’s in it for you
We’ve got the purpose, the people and the perks you need for a fulfilling career. Here’s the comprehensive and generous benefits you get when you’re a permanent employee:
- Annual paid vacation.
- Annual individual performance incentive.
- Defined benefit pension plan.
- Comprehensive group insurance plan to support your well-being from day one.
- Support towards your personal and professional growth with training, mentorship and more.
- An inclusive workplace culture and environment.
About the role
The Senior Manager, Strategy and Advisory contributes to the development and implementation of cybersecurity strategies that align with organizational goals. This role is responsible for providing strategic guidance and leadership to a team of cybersecurity advisors, ensuring that cybersecurity principles are integrated into projects, IT systems, and business initiatives. By addressing cybersecurity risks, regulatory compliance, and emerging threats, the role supports the organization in achieving its security objectives. Additionally, the Senior Manager focuses on fostering team growth and delivering high-quality advisory services in collaboration with business stakeholders.
Office Location: Ottawa (preferred), Montreal (QC) and Toronto (ON) will be considered.
What you’ll do:
- Project advisory and expert guidance
- Advise on all IT-related projects to ensure they do not introduce additional risks to the organization and comply with security requirements, security standards regulatory requirements and provide actionable recommendations to improve security prior to production deployment.
- Collaborate with cross-functional teams to integrate security measures and promote adherence to cybersecurity best practices.
- Strategic Planning and Development
- Facilitate strategic alignment between various stakeholders, including first and second lines of defense, partners, and other IT departments to ensure cybersecurity strategies are integrated and aligned with overall business objectives and IT initiatives.
- Foster collaboration and communication among different teams and projects to achieve a unified and cohesive approach to cybersecurity by developing and executing cybersecurity strategies, initiatives, policies, and enterprise cybersecurity programs across the organization.
- Strategic Enablement and Risk Alignment
- Work closely with the Head of Information Security to operationalize the organizational risk and security vision through strategic planning and cross-functional alignment with industry trends, regulatory developments, and strategic opportunities for enhancing cyber security risk mitigation and cybersecurity posture.
- Develop and oversee high-priority, strategic cyber security risk management projects and programs that align with the cyber security long-term goals and evolving threat landscape.
- Identify emerging risks and recommend forward-looking strategies to address them before they impact business operations or objectives.
- Provide strategic guidance during security incidents and breaches when required.
What you should have:
- Undergraduate degree in Cyber Security, Computer Security, Information Systems Security, Computer Science, or a related field. An equivalent combination of education and/or experience can be considered.
- A professional designation, such as Certified Information Systems Security Professional (CISSP)
- 10 years of experience with increasing responsibilities and relevant work in IT Security and/or information security including: identity management, computer forensics, application security and network security technologies.
- 5 years of experience in providing leadership and direction to cybersecurity staff.
- Knowledge of an organization's information classification program and procedures for information compromise and demonstrated experience in consult with stakeholders to guide cybersecurity program activities.
- Strong understanding of risk management methods, including risk assessment and mitigation, feasibility studies with a strong understanding of operational impacts of cybersecurity lapses.
- Experience and/or knowledge of recognized standards. E.g. NIST CSF, ISO 27001/27002, ITSG-33, OSFI B13, CIS, etc.
- Excellent communication skills (both English and French), able to convey technical risk assessments and mitigation strategies to management and stakeholders.
It would be great if you also had:
- GIAC Security Leadership (GSLC), GIAC Critical Controls Certification (GCCC), or other relevant IT Security licenses, designations, or certificates.
- Knowledge of Canadian laws and Government of Canada regulatory requirements and standards.
Posting closing date: Note, the competition will remain active until filled.
Our commitment to diversity, equity, and inclusion
We’re committed to employment equity and encourage women, Indigenous Peoples, persons with disabilities, veterans and persons of all races, ethnicities, religions, abilities, sexual orientations, and gender identities and expressions to apply. We also welcome applications from non-Canadians who are eligible to work in Canada.
CMHC is an inclusive workplace where diversity of thought – and of people – are recognized, valued, and considered essential to achieving our mission.
Learn more about our commitment to diversity and inclusion
What happens after you apply
We know that applying for a new job can be both exciting and daunting, and we appreciate your effort. Learn more about our hiring process. If you are selected for an interview or testing, please advise us if you require an accommodation.
If you applied before and you were not successful don’t worry – we're always posting new positions, so don’t hesitate to give it another shot. We’re excited to see what you bring to the table this time around!