Senior Technology Manager, Information Security (Cybersecurity)

Position Title:​ Senior Technology Manager, Information Security (Cybersecurity) 

​Reports To:​ ​ Head of Technology - Risk and Governance

​Department:​ IT Security and BCP​
​Term:​ Permanent Full-Time 

​​Work Arrangements: This is a hybrid role. You will work in our office in Waterloo, ON a minimum of two (2) assigned, consecutive days every other week, plus a fifth (5th) assigned day per month. You are welcome to work from the office more than the minimum requirement and there may be some roles that are required to work in our office more than the minimum requirement. 

​ 

​​The Opportunity: The Senior Technology Manager, Information Security (Cybersecurity) is an enterprise-wide technology leadership position responsible for cyber security architecture, infrastructure, and operations across the organization. This role requires innovative and forward-thinking abilities to proactively anticipate and mitigate evolving cyber security risks and foster a culture of security awareness. The role is responsible for the architecture, implementation and management of all security tools and infrastructure within the organization. The role will also be responsible for security incident management as well as enabling continued digital modernization with safeguards to protect and secure enterprise platforms. Knowledge of the application of security intelligence. The successful candidate will develop and implement strategies to ensure compliance with relevant regulations and align cyber security initiatives with the organization's overall business goals and objectives.  
​

What you will be doing:​ 

The Senior Technology Manager, Information Security (Cybersecurity) oversees a team of security specialists and administrators and is responsible for the day-to-day Security operations as well as the management and strategic improvement of the Security operations program at Equitable.

• Provide strong leadership and mentorship to teams responsible for cyber security infrastructure and operations.
• Lead the Security Operations team through supporting existing tools and ensuring functionality is maximized in line with business priorities and good cyber security practices.
• Work with vendors to ensure support of current environments
• Work with vendors to evaluate new tooling and work with business for new tool acquisition
• Ensure security tooling aligns with controls to provide data security
• Lead the organization through cybersecurity incidents, ensuring swift and effective remediation.
• Collaboration with cross-functional teams to ensure a cohesive approach to cybersecurity.
• Galvanize support and inspire cross-functional teams to work together toward cybersecurity goals.
• Monitor and respond to cyber threats, proactively protecting the organization from cyberattacks.
• Stay updated on emerging threats and industry best practices to maintain a secure digital environment.
• Understand the legal and ethical implications of cybersecurity decisions.
• Promote a culture of collaboration, innovation, and agility within your teams.

What you will bring:​ 

• Comprehensive understanding of cybersecurity principles, technologies, and best practices to develop and implement effective strategies to mitigate risks related to cyber-attacks, security incidents and other evolving threats.
• Ability to apply industry best practices to data protection and staying up to date with emerging cyber security trends.  Understanding how cybersecurity frameworks (e.g. ISO 27001) can provide a foundational guidance for establishing standards.
• Strong leadership skills working with a medium sized team.  Providing mentorship, coaching, development and guiding through change.
• Strong background in Security Operations working directly hands-on experience with security tools across multiple platforms.
• Proven experience in DevSecOps, including the integration of security into CI/CD pipelines using SAST and DAST tools
• Ability to forecast, assess, and manage cybersecurity risks effectively, including identifying vulnerabilities, evaluating their impact, and implementing risk mitigation strategies.
• Familiarity with and understanding of relevant compliance, data protection laws and industry-specific regulations or guidelines (e.g., PIPEDA, OSFI B13, PCI DSS) and the ability to ensure organizational compliance.
• Strong analytical and critical thinking skills and the ability to apply such skills to unchartered situations or events to make informed risk-related decisions and recommendations to executive leadership.
• Effective problem-solving, adaptability, and a collaborative mindset are important for dealing with the ever-changing landscape of information security threats.
• Proven experience handling and guiding organizations through crises or unforeseen cybersecurity related events that pose significant risk to its business operations or clients.
• Demonstrated strategic thinking and communication capabilities, with the ability to synthesize, develop, and present clear and concise recommendations to improve cybersecurity.
• Ability to communicate a compelling vision and inspire others to deliver on cybersecurity initiatives
• Proficiency in articulating and showcasing progress to senior stakeholders.
• Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), and Certified Ethical Hacker (CEH).

What’s in it for you: 

• A healthy work-life balance with employee wellness top of mind
• Annual bonus program, annual vacation allowance, and company-paid benefits program
• An additional paid volunteer day each year so you can spend time giving back to the community
• Immediate enrollment in the company’s pension program with employer matching
• Employee resource groups that support an inclusive work environment
• Tuition support and specialized program assistance
• An onsite, full-service cafeteria with a variety of daily options
• Discounts on company products and services, and access to exclusive employee perks
• Regular EQ Together events focused on company togetherness and collaboration
   

As part of the recruitment/offer process you will be required to:​ 

• Provide two professional references (minimum one supervisor and above) 
• Undergo a criminal background check