Job Title: Information Security Risk Manager

Location: Toronto, ON (Hybrid - 2 days/week onsite at 160 Front Street West)

Start Date: ASAP

Contract Duration: 2 years

About the Role

We are seeking a seasoned Information Security Risk Manager to lead risk management activities for a dedicated technology portfolio. Working within the Office of the Chief Information Security Officer, this position is critical in ensuring that cybersecurity and information security risks are identified, assessed, and effectively mitigated across various lines of business.

This is a high-visibility opportunity to contribute to a strong culture of security risk awareness, consult on strategic projects, and influence enterprise-wide technology security strategies.

Key Responsibilities

• Act as a key advisor on information security and technology risk for stakeholders across the organization
• Conduct risk assessments and security consultations for business and technology projects
• Identify and address control gaps, developing risk mitigation and remediation plans
• Collaborate with architecture, compliance, and audit teams to ensure enterprise-wide security integration
• Monitor and report on risk trends and control effectiveness; develop key metrics and dashboards
• Consult on regulatory compliance issues (e.g., OSFI, privacy standards), supporting audit readiness and response
• Represent security in incident response processes and help define business-impacting response strategies
• Foster a culture of information security through consultation, training, and cross-functional alignment

Must-Have Qualifications

• 8+ years of experience in cybersecurity or information security risk management
• Proven ability to translate complex technical concepts into language that resonates with business stakeholders
• Demonstrated experience with cybersecurity frameworks, controls, and risk management practices
• Bachelor's degree in Computer Science or a related technical field
• Strong communication, collaboration, and consulting skills across all organizational levels

Nice-to-Have Skills

• Background in Security Architecture
• Experience in a financial institution or other regulated industry