Information Security Officer
Join a happy, growing team! 86% of employees recommend MCAN as a great place to
work! XMC leads competitors in growth year-over-year!
The Information Security Officer (ISO) will be accountable for design, development, implementation (management or oversight) and documentation and governance. You will also serve as an advisor to the executive team on information security vision, strategy, governance and direction. In this role, you will be accountable for all projects and ongoing management (or oversight) of business processes designed to reduce and mitigate information security risks across the entire organization.
In addition, you will develop best practices to avoid security breaches, lead the coordination efforts to manage any security incidents when they occur. As the ISO, you will maintain a deep understanding of all relevant aspects of Cyber governance and management and you will lead and manage all aspects of the Cyber Awareness Program at MCAN.
This role will report to the Vice President, Information Technology and have a second reporting line to the audit committee.
What you will be responsible for:
Develop, manage and deliver on effective implementation of the Cyber Security Program for MCAN
Provide guidance and expertise regarding the security architecture for application development or infrastructure initiatives
Manage/facilitate security due diligence activities throughout the Application Software Development Life Cycle (SDLC) to ensure that security risks are identified, and controls are implemented to mitigate risk
Work collaboratively with all business functions to establish IT Security and Cyber Risk management function
Maintain the Enterprise Cyber Security Framework, Information Security Policy (ISP), and Standards
Ensure MCAN meets and exceeds all regulatory obligations and best practices (OSFI, FSCO, OSC and other related requirements)
Acts as a subject matter expert on relevant regulations and policies including the OSFI Cyber governance program and the relevant framework adopted by MCAN
Act as the primary contact during any information security incidents investigation and coordinate actions and reporting
Effectively manage MCAN’s Cyber Security Awareness Program to reduce employee cyber risk and promote risk culture
Responsible for internal/external audit and any other cyber/information security assessments and activities
Manage 3rd party security vendors, to ensure they are meeting their service level agreements and provide reports
The work experience, skills, education that you bring:
Technology-related Engineering or Computer Science undergrad degree, at a minimum Professional security management certification such as Certified Information Systems Security Professional (CISSP) is a must
Excellent written and verbal communication skills
Proven interpersonal and collaborative skills, with the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels
Knowledge and understanding of relevant legal and regulatory requirements such as OSFI, OSC etc.
Subject matter level expert knowledge of common information security management frameworks, such as NIST/ISO/COBIT
5-10 years of experience working in a Security role
5-10 years network administrative experience
3-5 years’ experience administrating a windows focused infrastructure
Successfully managing projects and tasks
Mastery of converting business and technical risks into actionable tactical tasks
Experience working with and managing policies, procedures, standards and guidelines related to SSAE 16/18
Experience utilizing SIEM, Firewalls, IPS, DLP, Check Point, Antivirus/Anti-malware in an enterprise environment.
Experience with Virtual Machine infrastructure (VMware)
Deep experience with public/private cloud security infrastructure
Strong knowledge of data privacy and data protection concepts
Working knowledge of collaboration and messaging platforms (i.e. Office 365, MS Teams)
An agile, boutique residential mortgage lender with the experience, the character and the commitment to excellence required in Canada’s evolving real estate market. XMC is proudly owned by MCAN Mortgage Corporation, a federally regulated mortgage investment corporation. Our team is made up of respected industry innovators, influencers and big-thinkers. We do things differently than other lenders. Our business isn’t selling mortgages, it’s building relationships. We’re all about team, how we can make contributions, and our own self development. If you’re excited about connecting - so are we!
MCAN is a niche-strategic investor in the Canadian real estate market focused on three key areas: single-family mortgages, residential construction loans, and other real estate investments. Our targeted approach to growth reflects our expertise and understanding of the needs of investors, clients, partners and the markets in which we invest.
Our people are our best asset - the kind of people you want on your team: smart, collaborative and helpful with a friendly, positive attitude. We are committed to building the company and building team member capabilities. Do you possess and value the same attributes? Are you interested in your own development? Then come join our team!
The above information in this description has been designed to indicate the general nature and level of work performed by employees in the position. It is not designated to contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.
MCAN is committed to providing accommodation to applicants throughout the job application and interview process. If you require any accommodations, please contact our Human Resources team at 416 847 2461
- Pay Type Salary
- Employment Indicator Perm FT
- Toronto, ON, Canada