Manager, Threat Modeling and Risk Analysis

Manager, Threat Modeling and Risk Analysis

Our employees are at the heart of everything we do. Together, we help people, businesses, and society prosper in good times and be resilient in bad times.

Our employee promise represents Intact’s commitment to you in exchange for living our Values, striving to do your best work, being open to change and investing in your career. In return, we promise to provide support, opportunities and performance-led financial rewards at a workplace where you can shape the future, win as a team and grow with us.

As the Manager, Threat Modeling and Risk Analysis, you will be at the forefront of our cybersecurity initiatives, responsible for identifying, assessing, and mitigating risks that could impact our organization. Your role will involve leading risk assessments, establishing cybersecurity strategies, and developing a threat modeling framework to safeguard our digital environment.

1. Establish Cybersecurity Risk: Develop and maintain a comprehensive cybersecurity risk management framework, ensuring the protection of our digital assets against potential threats and vulnerabilities.
2. Lead Cyber Risk Assessments: Conduct in-depth cyber threat risk assessments using industry standards such as NIST CSF (Cybersecurity Framework), OSFI B-13 (Guideline B-13 Technology and Cyber Risk Management). Measure cybersecurity maturity and identify areas for improvement.
3. Identify Improvement Opportunities: Analyze findings from risk assessments to identify weaknesses and propose actionable recommendations for enhancing our cybersecurity measures.
4. Prepare Security Roadmaps: Develop and implement strategic security roadmaps to address identified risks and ensure continuous improvement in our cybersecurity posture.
5. Threat Modeling Framework: Establish and maintain a robust threat modeling framework to predict, understand and present potential threats and vulnerabilities in our systems and applications, enabling proactive risk management.

• Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred.
• A minimum of five (5) years of relevant professional experience in security.
• Proven experience in cybersecurity risk management and assessments.
• In-depth knowledge of NIST CSF, OSFI B-13.
• Strong analytical and problem-solving skills to assess and mitigate cybersecurity risks.
• Excellent communication and leadership skills to effectively collaborate with cross-functional teams and stakeholders.
• Relevant certifications such as CISSP, CISM, or CRISC are a plus.
• For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English speaking colleagues across the country.
• No Canadian work experience required however must be eligible to work in Canada.

Our hybrid work model provides the balance between working from home and enjoying meaningful in-person interactions.

Working Here Means You'll Be Empowered To Be And Do Your Best Every Day. Here Is Some Of What You Can Expect As a Permanent Member Of Our Team

• A financial rewards program that recognizes your success
• An industry leading Employee Share Purchase Plan; we match 50% of net shares purchased
• An extensive flex pension and benefits package, with access to virtual healthcare
• Flexible work arrangements
• Possibility to purchase up to 5 extra days off per year
• An annual wellness account that promotes an active and healthy lifestyle
• Access to tools and resources to support physical and mental health, embracing change and connecting with colleagues
• A dynamic workplace learning ecosystem complete with learning journeys, interactive online content, and inspiring programs
• Inclusive employee-led networks to educate, inspire, amplify voices, build relationships and provide development opportunities
• Inspiring leaders and colleagues who will lift you up and help you grow
• A Community Impact program, because what you care about is a part of what makes you different. And how you contribute to your community should be just as unique.

We are an equal opportunity employer. We value diversity and strive to create an accessible workplace. We encourage applications from equity-deserving groups and are committed to reconciliation and inclusivity. If you require accommodations during the recruitment process, please let us know.

If you are an employee of Intact or belairdirect, please apply on the Internal Career Site.

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Research, Analyst, and Information Technology

Industry: Insurance