Leading and oversee auditors in performing audit planning, test program development, execution and reporting, including: Plan and lead collaborative risk-based Information Systems and Cyber Security audits of moderate to high complexity and conclude whether risks are appropriately managed through the existence of effective controls or other techniques.
Ensure quality of assignments through effective application of the Audit Standard Methodology and appropriate use of specific applications and tools.
Contribute to the delivery, effectiveness, and ongoing improvement of the Internal Control Over Financial Reporting (ICOFR) program by supporting assessments, identifying control gaps, and ensuring alignment with regulatory requirements and best practices.
Strive for efficient use of audit resources by monitoring execution of audits assigned, timely escalation, and management of conflicts.
Serve as subject matter expert for the Internal Audit function and stakeholders related to cyber security technology and processes including artificial intelligence (AI), cloud, infrastructure, applications, networks, virtualization, and security operations.
Prepare and deliver effective presentations to stakeholders at audit opening and closing meetings as a means of communicating and gaining their agreement and understanding of audit plans and audit results.
Provide value-adding and effective audit recommendations to stakeholder’s senior management identifying significant issues in a business context, working with audit stakeholders to identify and recommend feasible solutions.
Present audits conclusions and reports in a relevant and applicable context to Canada Life by ensuring they are supported by an orderly accumulation and analysis of documented audit evidence and that the content is clear and concise.
Perform accountabilities with minimal supervision and provide audit management and audit stakeholders with regular status updates of audits and assignments.
Actively seek to be informed of industry and corporate initiatives and trends to support effective audit continuous monitoring of the organization’s proper management of information and cyber security risks.
Leading and/or participating in professional practice and improvement initiatives.
Cultivating business relationships and work collaboratively with other functional areas.
Creating and maintaining a positive work environment.
Seeking learning and development opportunities in line with organizational needs and personal aspirations.

Requirements

7+ years of information technology and/or cyber security industry experience is required.
Experience in auditing current and emerging technologies and cyber related risks.
Experience in auditing “Full Stack” - hardware, software, systems, applications, and processes.
Knowledge and practical experience with security assessment tools (exploit tools, vulnerability assessment, SAST, DAST) and Security Operations Centre software (IDS, IPS, SIEM, EDR, etc.).
Knowledgeable and experience in areas such as network security architecture, disaster recovery and business resiliency, penetration testing, authentication, privacy, vulnerability assessments, data loss prevention, web application security, secure coding assessment, cloud security, DDoS protection, encryption, and malware protection.
Experience in using AI, automation, and data analytics tools including ACL, Power Query, advanced Excel, Power BI, etc.
Working knowledge of Canada Life’s primary business areas or other financial institutes would be an asset.
Bachelor’s degree in information technology, Computer Science or equivalent is required.
Excellent verbal, presentation and written communication skills and ability to communicate at all levels of the organization.
Proven ability to build and maintain trusted collaborative business relationships with the ability to engage and influence others.
One or more of the following certifications: CISA, CISM, CISSP, CCSP, GCIA is required.

Benefits

Opportunities for career advancement, access to industry-leading learning programs and up to $2,000 annually towards education reimbursement.
Flexible health and dental benefits, plus a $5,000 mental health benefit to support your well-being.
In addition to regular vacation and personal days, we support community involvement with a volunteer day.
Company-matching pension plan, share ownership program and additional investment options.
Employee recognition programs, service milestone celebrations, employee discounts and more!
We provide a workplace where employees feel connected and supported through Employee Resource Groups (ERGs), mentorship programs, social clubs and events.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

audit planningtest program developmentrisk-based auditssecurity assessment toolsnetwork security architecturepenetration testingdata analytics toolscloud securityvulnerability assessmentssecure coding assessment

Soft Skills

effective communicationpresentation skillscollaborative workrelationship buildingconflict managementproblem-solvingleadershiporganizational skillsadaptabilitycontinuous learning

Certifications

CISACISMCISSPCCSPGCIA