Information Security Advisor

We are hiring an Information Security Advisor to join our team in Toronto or Winnipeg. In this role, you will be a key player in protecting the organization’s critical information assets and ensuring compliance with industry standards and regulations. You will leverage a unique blend of technical expertise and strategic business insight to identify, assess, and mitigate security risks across all business operations.

• Security Risk Assessment & Solutions: Advise business and technology leaders on conducting security risk assessments and recommending appropriate security solutions.
• Policy & Standards Development: Collaborate with the Information Security team to develop, align, and maintain security policies and standards, ensuring they meet business needs and industry regulations (e.g., ISO 27001, NIST).
• Compliance & Remediation Initiatives: Recommend security compliance initiatives and remediation actions to protect the business, ensure ongoing effectiveness of security programs, and meet regulatory and client requirements.
• Industry Awareness & Research: Stay current with security and privacy trends, best practices, technologies, and regulations to ensure competitive positioning and security solution improvements.
• Security Strategy & Planning: Assist in developing and executing security strategies, plans, and budgets in alignment with business objectives and risk tolerance under the direction of the CISO.
• Benchmarking & Cost Studies: Participate in security benchmarking and cost-effectiveness studies to maximize business value and efficiency.
• Business Case Development: Prepare business cases for security solutions, focusing on risk assessment and alignment with organizational goals.
• Understanding the Business: Maintain a thorough understanding of the company’s technologies, processes, systems, data, and partnerships to align security strategies.
• Leadership & Advising: Act as the primary security advisor for local teams, collaborating with IT, finance, HR, legal, and other departments as necessary.
• Cybersecurity Program Leadership: Provide strategic and tactical leadership for the cybersecurity program, supporting enterprise-wide security initiatives.
• Incident Management & Partner Engagement: Serve as the main contact for security incidents and collaborate with partner firms to achieve security program objectives.
• Industry Participation: Represent the security program in industry conferences, forums, and meetings relevant to the company’s cybersecurity objectives.
• Risk Evaluation & Controls: Identify, evaluate, and recommend security controls to mitigate risks and ensure compliance with Information Security Policies and Standards.
• Threat Intelligence: Stay informed about security threats and vulnerabilities, sharing knowledge across the business to reduce risk.
• KPI & Metrics Development: Work with security and business leaders to define and communicate key performance indicators (KPIs) that align with business objectives, ensuring they are clear and understandable for non-technical teams.

• Leadership: Able to influence both business and technical outcomes, leading cross-functional teams and guiding indirect reporting relationships to achieve goals and deliver business results.
• Resilience: Thrives in dynamic environments with competing priorities and multiple stakeholders, demonstrating initiative and the ability to take ownership of solutions with minimal oversight.
• Strategy & Program Planning: Skilled at translating high-level goals into actionable steps, managing multiple projects to ensure continuous progress and alignment with organizational objectives.
• Communication: Strong verbal and written communication skills, capable of adapting messaging for both technical and non-technical audiences. Effectively negotiates with stakeholders while managing risks and ensuring delivery.
• Analytical Thinking: Demonstrates a deep understanding of business operations and how different components work together to design and implement efficient processes and technology.
• Judgment & Integrity: Makes sound decisions with a sense of urgency, prioritizing high standards of ethics, customer service, regulatory compliance, and business integrity.

• Extensive experience in security and risk assessments, with a focus on identifying and mitigating risks in complex environments.
• Strong background in security technologies and frameworks for protecting business data and systems.
• Proven ability to assess business risks and align security strategies, ideally in the financial sector.
• Excellent communication and relationship-building skills with both business and technical teams.
• Knowledgeable in security standards and frameworks like ISO 27001 and other industry’s best practices.
• 10+ years of IT experience, including 5+ years focused on cybersecurity.

• Learn by working alongside our experts
• Extended health care and dental benefits
• A retirement savings plan with company contributions
• A suite of Health & Wellness offerings
• Mental Health programs and support for you and your family
• Assistance for the completion of industry designations
• Competitive compensation

At People Corporation we are committed to helping businesses succeed. We are a national provider of benefits, retirement, wealth, wellness, and human resource solutions. Our experts and solutions serve over 20,000 clients representing nearly 3 million Canadians. We offer customized solutions designed to fit the unique needs of businesses and their employees, members and stakeholders.

Providing an inclusive, accessible environment, where all employees and clients feel valued, respected and supported is something we're committed to. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employeehas the opportunity toreach their potential. If you require an accommodation or an alternative format of any posting please reach out to careers@peoplecorporation.com