Overview
Senior Information Security Advisor Jobs in Toronto – Ontario at Sun Life
Title: Senior Information Security Advisor
Company: Sun Life
Location: Toronto – Ontario
Category: Security, IT/Tech
Job Description
:
Candidates must be eligible for Reliability Status Clearance, which requires that they have lived and worked in Canada for the past 5 consecutive years. No exceptions, please. Reporting to the Director, Security Advisory Services, the Senior Information Security Advisor will be aligned with one of Sun Life’s line of business. The Senior Information Security Advisor will manage the line of business portfolio including conducting Information Security Risk Assessments (ISRAs), performing contract reviews focused on security provisions, conducting supplier/third-party risk assessments, advising on security best practices, and reviewing emerging security strategies.
The Senior Information Security Advisor will interact with various Sun Life internal teams including Business, Architecture, Infrastructure, Legal, Compliance and Risk, and Privacy teams, and external service providers.
What will you do?
The successful candidate will:
Provide support to Sun Life’s line of business initiatives and projects through conducting information security risk assessments, reviewing contracts to ensure
inclusion
of appropriate security requirements, performing supplier/third-party risk assessments, and advising on security best practices.
Assess the line of business’ initiatives and projects to ensure implementation controls aligns with Sun Life Information Security policies and directives. Provide security consulting to the line of business and various stakeholders, using technical expertise, to ensure necessary security controls are in place to safeguard and protect Sun Life confidential information, and improve overall security.
Provide preliminary recommendations to business and management team on information security related risks.
Provide regular Information Security updates to the assigned line of business’ IT management team including but not limited to status of current information security risk assessments, identified risks, penetration testing results, in-depth analysis of information security trends, and work completed.
Track and manage open information security risks to ensure corresponding risk remediation plans and target dates are in place. Work with respective business and/or technology risk owner to ensure risk remediation.
Provide support to Incident Management team during security incidents affecting the Sun Life’s line of business.
What will you need to succeed? Minimum of at least 5 years experience in Information Security and/or Information Technology (IT)
In-depth knowledge of information security and IT principles, protocols, practices, and industry standards
Strong understanding of existing and emerging Information Security technologies such as encryption, firewall, IDS/IPS, anti-malware, DDoS, behavioural analysis, advanced malware detection, etc.
Extensive knowledge of various attack/threat vectors and determining the security controls to minimize and/or remediate the risk Experience performing risk assessments of cloud-based (SaaS) technologies including but not limited to AWS and Azure Excellent
communication
(verbal and writing) skills
Must be
able to work and communicate with various business groups from a non-technical perspective and interpret technical context into plain language
Familiarity with contract wording and interpr…
