Information Security Advisor

You are as unique as your background, experience and point of view. Here, you'll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

Reporting to the Director, Security Advisory Services, the Information Security Advisor will assist business units with risk assessment and compliance matters as it relates to Information Security.

The Information Security Advisor will conduct information security risk assessments on initiatives, third-party suppliers/external vendors, applications, perform security contract reviews, advise on security best practices, and review emerging security strategies. The Information Security Advisor interacts with various Sun Life business groups and teams, including but not limited to, Business, Architecture, Infrastructure, Legal, Compliance and Risk, and Privacy teams.

What will you do?

The successful candidate will:

• Provide support to Sun Life Business Group initiatives/projects through conducting information security risk assessments, reviewing contracts to ensure inclusion of appropriate security requirements, performing supplier/third-party risk assessments, managing security waivers, and advising on security best practices.
• Assess various initiatives/projects to ensure implementation controls aligns with Sun Life Information Security policies and directives.
• Provide security consulting to Sun Life Business Groups and various stakeholders, using technical expertise, to guide and influence implementation of security controls to safeguard and protect Sun Life confidential information from intentional or accidental disclosure, modification, or destruction, and improve overall security.
• Provide management team with an in-depth analysis of information security trends, status of identified risks, penetration testing and vulnerability scan results, security incidents, current work activities, and work completed by the department.
• Provide preliminary recommendations to the management team on information security related risks.
• Provide support during an Incident Management affecting the Sun Life Business Group by gathering information for analysis from various internal and external sources.
• Track and manage open information security risks to ensure corresponding risk remediation plans and target dates are in place. Work with respective business and/or technology risk owner to ensure risk remediation.

What will you need to succeed?

• Minimum of at least 5 years experience in Information Technology (IT) and/or Information Security
• In-depth knowledge of IT and information security principles, protocols, practices, and industry standards
• Experience performing risk assessments of cloud-based (SaaS) technologies including but not limited to AWS and Azure
• Strong understanding of existing and emerging IT and security technologies
• Strong communication and negotiation skills with senior staff and executives
• Excellent report writing skills
• Familiarity with contract wording and interpretation of security clauses
• An understanding of Sun Life's Business and ability to work with diverse groups
• Must be able to work and communicate with various business groups from a non-technical perspective and interpret technical context into common business language
• Self-starter, can work with minimum supervision, strategic thinker, negotiator and consensus builder
• University degree or college diploma in Computer Science, Engineering, Information Technology, Information Security and Risk Management or comparable professional education/training in a field relevant to IT Security management
• Professional designation relating to Information Security (e.g., CISSP, CCSP, CISM, CISA)

Unique Requirements:

• The successful candidate is required to attain Canadian Reliability Security Clearance (administered by submitting fingerprints to the RCMP, who then conduct min. 5 year history checks).
• Please review the section 201 on the Federal Government site to verify if you are eligible for this clearance (https://www.tpsgc-pwgsc.gc.ca/esc-src/personnel/pdcf-rsrp-eng.html).

What's in it for you?

• Great Place to Work® Certified in Canada and the US - 2022
• Great Place to Work® award for Best Workplaces for #HybridWork
• 2022 Named "Best Places to Work" by Glassdoor - 2021
• Canada Award for Excellence for Mental Health at Work
• 2021 Flexible hybrid work model including in-country work-from-home if you prefer.

The Base Pay range is for the primary location for which the job is posted. It may vary depending on the work location of the successful candidate or other factors. In addition to Base Pay, eligible Sun Life employees participate in various incentive plans, payment under which is discretionary and subject to individual and company performance. Certain sales focused roles have sales incentive plans based on individual or group sales results.

Diversity and inclusion have always been at the core of our values at Sun Life. A diverse workforce with wide perspectives and creative ideas benefits our clients, the communities where we operate and all of us as colleagues. We welcome applications from qualified individuals from all backgrounds.

Persons with disabilities who need accommodation in the application process or those needing job postings in an alternative format may e-mail a request to thebrightside@sunlife.com.

At Sun Life we strive to create a flexible work environment where our employees are empowered to do their best work. Several flexible work options are available and can be discussed throughout the selection process depending on the role requirements and individual needs.

We thank all applicants for showing an interest in this position. Only those selected for an interview will be contacted.

Salary Range:

Job Category:

Posting End Date: