Manager, Security Compliance & Engineering

Gore Mutual InsuranceCambridge, Ontario, Canada$119k – $169k1w ago

In Office Mid NA Cybersecurity Insurance Cloud Computing Security Engineer Governance Risk Management Team Management Performance Management Reporting

Upload My Resume

Drop here or click to browse · PDF, DOCX, TXT

Apply in One Click

Requirements

Autofill with MyGreenhouse

Responsibilities

The role will also manage a team of technical analysts and Engineers responsible for vulnerability management, threat hunting, best-of-class security tooling and practices, and collaborating closely with key stakeholders on security initiatives across Gore Mutual.
What will you do?
Manage the company’s documented security governance and compliance program
Create, review, implement and update companywide information security policies and procedures in alignment with the Enterprise Security Risk Framework.
Review internal security policies and guidance to ensure alignment with industry standards and frameworks such as NIST & CIS.
Perform internal compliance assessments against standards such as the PCI-DSS and regulatory entities such as AMF and PIPEDA.
Monitor IT systems for compliance with security policy.
Managing security audits and vulnerability and threat assessments
Operate the 3rd Party Risk Management Framework
Co-ordinate with the ERM Team to ensure alignment with the 3rd Party Risk Framework
Conduct security assessments of third parties.
Review vendor security controls and certifications.
Monitor third-party data breaches or cyber threats.
Advise on remediation plans for security gaps identified in third-party systems.
Continually evaluate and modernize 3rd party risk management policies and practices to ensure currency with threat landscape and risk trends.
Lead the security engineering program, implement and develop new security solutions to address key risks and enable ongoing maturity of the company’s security posture.
Understand and baseline our infrastructure security stance.
Lead and participate in technical design and product discussions with leaders across the organization and company.
Collaborate with security leadership to define strategy, roadmap, OKRs, priorities, and key metrics for the Security Engineering team.
Maintain architecture diagrams and documentation as environment evolves.
Hire, develop and lead an inclusive, engaged, and high performing team.
Maintain currency with the latest security risks and disclosures and ensure the company's infrastructure is sufficiently protected.
Work with other IT and Security teams to keep a holistic view of risks within Gore Mutual environments.
Update and monitor threat intelligence feeds for technologies used by Gore Mutual.
Operate the vulnerability management program, working with Infrastructure teams to monitor and provide target SLAs for patch management.
Manage Delivery of Security Projects across the Company’s Technology stack
Work with Information Technology, Project Management Office and Procurement to oversee delivery of key security projects.
Apply project management methodologies to ensure adherence to scope, timelines and budget.
Maintain JIRA and other project tracking tools as necessary
Document, report on and manage project progress, risks and issues
What will you need to succeed in this role?
Diploma or bachelor's degree in information technology/security management with relevant experience
10+ years of experience as a Manager of a technical team in a larger SMB or Enterprise organization.
5+ years of Technical Cyber Security experience – solutions implementation, administration and operation.
3+ Years of GRC (Governance, Risk, Compliance) experience in a larger business environment.
Broad experience in Cyber Security across multiple domains
People management and performance development
Hands on with Security Design and Architecture especially in a Cloud Based environment
Experience in DevOps and application of principles of DevSecOps to development pipelines,SDLC.
Experience with Vulnerability management, forensics and pen-testing
Experience with Microsoft Azure, AWS cloud security posture management
Privileged access management experience.
Microsoft security tooling (Defender, CoPilot for Security, M365 E5, Purview)
The expected base salary range for this position is $118,500 - $168,500. Depending on your relevant experience, skills, qualifications, market conditions and business needs, base compensation may vary. You have the potential to earn more through Gore Mutual’s discretionary bonus program which gives you an opportunity to increase your total compensation, provided the business meets its performance targets and you meet your individual goals.

Benefits

Gore Mutual is proud to offer a comprehensive total rewards package which includes extended health and dental benefits, disability insurance, retirement plan matching, paid time off, recognition and perk programs.
This posting pertains to an existing vacancy that is actively being filled.
Accessibility for applicants
Gore Mutual Insurance Company is committed to providing accommodations for people with disabilities during all phases of the recruiting process, including the application process.
If you require accommodation because of a disability, we will work with you to meet your needs. Contact us and a human resources representative will consult with you to determine an appropriate accommodation.
Should you request an accommodation during the interview process, please notify your Talent Acquisition Consultant.
Create a Job Alert
Interested in building your career at Gore Mutual Insurance? Get future opportunities sent straight to your email.

5h ago