What is in it for you :
- Salaried : $80-85 per hour.
- Incorporated Business Rate : $90-95 per hour.
- 6‑month job assignment
- Full‑time position : hours per week.
- Hybrid role : 3 days in the office
- Join a passionate and inclusive team of professionals.
Responsibilities :
- Governance & Risk Oversight
  - Assess web application penetration test standards for alignment with the enterprise application security standards and risk appetite.
  - Promote improvement in the global penetration test process and governance models with the second line of defense, first line control function and local market security functions.
  - Review and challenge cybersecurity controls including DLP, IAM, cloud configurations, and third‑party dependencies to confirm the security risk reported in a penetration test report.
  - Explain the risks and controls of the Manulife global penetration test process to internal audit functions and regulators.
- Quality Assurance Over Penetration Testing
  - Oversee global pentest processes across Asia and North America markets, ensuring regulatory alignment.
  - Drive consistency and quality assurance across all pentest engagements and reporting.
  - Advise internal clients on the proper treatment of vulnerabilities as a remediation advisory service.
  - Maintain centralized vulnerability records and dashboards using JIRA board, SharePoint, Power BI, and Excel VBA.
- AI Risk Management
  - Lead and challenge AI‑related security issues including bias, adversarial attacks, prompt injection, and hallucination.
  - Build and maintain an AI agent for the penetration test quality assurance program.
- Automation & Reporting
  - Lead, design and manage the automation of the penetration test process and quality assurance program.
  - Maintain the automated risk reporting processes using Power Automate and Power BI.
  - Present quarterly risk insights to the Board of Directors.
- Training & Awareness
  - Deliver training sessions to IT engineers and pentesters on application security risks and best practices.
What you will need to succeed :
- Bachelor’s degree in Information Systems, Computer Science, or related field.
- Minimum 8 years of experience in cybersecurity, IT audit, or application security risk, with at least 3 years in a leadership role.
- Experience in global financial services or regulated environments preferred.
- Knowledge of audit methodologies, control frameworks, risk management practices, and regulatory requirements relevant to the technology risk domain.
- Knowledge of relevant regulatory requirements and industry best practices in cybersecurity.
- Certifications required : CISSP – Certified Information Systems Security Professional, CISA – Certified Information Systems Auditor, CISM – Certified Information Security Manager and CRISC – Certification in Risk and Information Systems Control.
- Strong proficiency in Power BI, Power Automate, Excel VBA, and SharePoint.
- Familiarity with penetration testing tools such as Burp Suite and Kali Linux.
- Deep understanding of cybersecurity frameworks (OSFI B‑13, NIST).
- Excellent communication and stakeholder management skills.
- Strong analytical and problem‑solving abilities.
- Ability to lead cross‑functional teams and drive strategic initiatives.
- Demonstrated ability to work effectively in diverse environments and cultures, across a number of geographically dispersed office locations.
- Strong understanding of cultural differences across countries, with good relationship skills including a demonstrated ability to deal effectively with staff at all levels and in different locations.