Director, Applications and Cloud Security

We are Canada Life

Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.

You can be your best here. You’re part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.

Together, as part of a great team, you’ll deliver on our shared purpose to improve the well-being of Canadians. It’s our driving force. Become part of a strong and successful company that’s trusted by millions of Canadians to do the right thing. 

Be your best at Canada Life.

Technology redefines the way we work and deliver to meet business needs and elevate the customer experience. You’ll be part of an organization that is embracing modern technology, innovation, and agile ways of working. 

Our Canada Technology team is a strategic partner in our business – with an ambition to be a forward-thinking, agile technology organization delivering secure, resilient, and leading solutions that support Canada Life and the well-being of millions of Canadians.

We are looking for a Director, Applications and Cloud Security

The Director, Application and Cloud Security will partner with key stakeholders in developing and implementing proactive and effective applications and cloud security programs across the Canada Technology organization, helping technology teams to deploy and manage secure technology products and services to enable business objectives.  Working closely with the AVP, Information Security, this role will be responsible to ensure technology systems are secured, processes to identify vulnerabilities and misconfigurations are developed, and daily monitoring and alerts are managed.

This role must have a strong understanding and experience with identifying and eliminating security risks in variety of applications and cloud platforms. This role will work with technology stakeholders to drive engagement and adoption of applications and cloud security best practices to ensure security risks are identified, communicated and timely remediation efforts are executed.

What you will do 

• Promote secure SDLC services and practices including static and dynamic scanning, open-source security analysis, and penetration testing
• Provide security training and education across DevOps teams to promote secure development through integration of security tools into the CI/CD pipelines
• Collaborate with software development teams and business leadership to provide expert advice on secure coding techniques, remediate identified vulnerabilities and drive down software security risk
• Partner with technology stakeholders to define and execute the cloud security strategy, identify, and drive resolution on cloud security projects and issues
• Champion DevSecOps practices to shift cloud security left with increased automation and preventative controls
• Manage cross functional relationships to drive security adoption across applications and cloud services, while fostering an environment of collaboration and enablement
• Improve cloud security posture by driving incident response, application vulnerability management program execution, effectively communicating security risks, developing remediation plans, and tracking issues to resolution
• Look for opportunities to manage dynamic workload efficiently to ensure timely response to business need
• Collaborate effectively with other leaders from across the organization to identify, formulate and enforce security improvements that balance risk with business operations, and do not diminish efficiencies or innovation
• Actively participate in supporting the organizations ISO and SOC programs
• Foster, advocate for, and strengthen Canada Life’s overall security posture
• Build and maintain a backlog of security remediation work
• Establish, support, and streamline security reporting metrics
• Lead the Security Assurance team to achieve and surpass personal and team objectives
• Provide support to risk, governance and audit activities and testing 
• Perform other duties as assigned

What you will bring 

• 8+ years of leadership experience managing applications and cloud security teams
• Practical knowledge of cloud and application security controls is a must
• 10+ years of progressive experience across multiple information security domains
• 5+ years experience in the financial services industry is preferred
• Bachelor's degree in Computer Science, Information Systems, Business Technology or equivalent experience
• Strong Understanding of information security controls, tools, and practices across variety of applications and cloud platforms
• Working experience developing and implementing security controls in Google Cloud, Microsoft Azure and AWS
• Exposure to Orchestration, Automation, and Management tools in cloud environments
• Strong understanding of IAM and privileged access management in cloud platforms
• Proven ability to identify, analyze and translate information security risk in the context of what it means to achieving business objectives
• Demonstrated ability to deliver measurable results to enhance security posture and reduce risk
• One or more of the following certifications in a good standing order is considered an asset: CISM, CISSP, CCSP and CSSLP
• Working knowledge of information security frameworks like ISO27001/2 and NIST
• A “continuous improvement” mindset
• Excellent written and oral communication skills
• Demonstrated capability to build and foster strong relationships through collaboration, influencing change, and building consensus
• Constant learner and passion for technology and risk governance
• Deep understanding of how large enterprise organizations work, within in a regulated environment
• Excellent track record of leading and developing high performing teams
• Experience with ServiceNow GRC or other GRC platforms is an asset

Be your best at Canada Life- Apply today 

We are one of Canada's top 100 employers!

Canada Life serves?the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations.

We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee?has the opportunity to?reach their potential.

Canada Life?would like to thank all applicants, however only those who qualify for an interview will be contacted?