The Technology department is responsible for developing technology solutions that contribute to the achievement of BCI’s mission and long-term goals. The department manages the Corporation’s business applications and information technology infrastructure, providing support to a large group of financial professionals. The department is also responsible for authoring technology-related directives and conducting disaster recovery planning to minimize risk to the Corporation’s delivery of investment services.
Reporting to the Director, Security, Risk & Cloud Operations, the Manager, Security & Risk is responsible for providing leadership and ensuring security and risk services and products are delivered in accordance with industry best practices and BCI requirements. S/he will lead and manage an experienced team of senior security and risk specialists, and will work closely with other teams and external partners in an Agile hybrid environment to advance strategic and operational priorities, and continually improve the organization’s security posture.
The position can be based in either Vancouver or Victoria with travel between the two cities.
Bachelor’s degree in Technology, Engineering, Computer Science, or a related field
A minimum of 5-7 years of experience leading and managing a high performing technical team
A minimum of 3 years of experience providing security and risk products and services to customers
Knowledge of enterprise security standards including the CIS Critical Security Controls framework and ISO/IEC 27001
Knowledge of formal security engineering methodologies and processes as described in NIST SP 800-160 or equivalent
Knowledge of and experience working in a cloud environment with Agile and DevOps practices
Excellent writing skills, required to produce formal policies, reports and presentations are essential for the successful candidate
Excellent customer-service, listening, communication and problem-solving skills
Familiarity with SOC 1 compliance and reporting standards
Professional certifications including CISSP, GIAC or equivalent
Leads and manages a team of security and risk specialists and provides the technical leadership, mentoring and coaching to create a culture of accountability and innovation
Collaborates with Technology teams on security and risk roadmap planning, development and implementation
Determines the objectives and priorities of the team to ensure successful execution of business plans, operations plans, programs, projects and other initiatives
Establishes and reviews KPIs, metrics and reporting used to track, optimize and communicate team progress and performance outcomes
Manages the delivery of security and risk products and services including the design, analysis, development, testing and troubleshooting of security solutions
Manages the delivery of advanced security capabilities including enhanced network architectures, enhanced 24/7 monitoring, enhanced security controls, and threat intelligence and analytics
Responsible for the development, implementation and maintenance of security directives, standards, guidelines, and related procedures
Responsible for ensuring that SOC 1 compliance is fully adhered to in the implementation and maintenance of all Security and Infrastructure systems at BCI
Collaborates with Applications and Operations teams to understand and address the risk position of critical business applications and technology assets
Liaises with teams across the organization to ensure that security and risk governance requirements are in place and enacted consistently across operational activities
Ensures security and risk products and services are delivered to clients in accordance with industry best practices and internal standards and corporate requirements
Drives the resolution of security service issues end-to-end by coordinating resources, identifying resolution paths and providing relevant and clear communications to stakeholders
Interacts with multiple vendors, suppliers and contractors, proactively identifies risks and issues, and removes barriers that impedes progress and responsiveness
Creates a supportive and healthy work environment within the Department by ensuring effective communication, promoting teamwork, providing opportunities for staff involvement in planning,
and recognizing employees' contributions and achievements
Manages the financial resources within the overall allocated budget for assigned areas. Monitors financial reporting and status within the department and directs corrective action as needed
Maintains current expert knowledge in the field by reviewing relevant materials and journals and maintaining appropriate professional and external contacts
Undertakes special projects or assignments as required
Performs other related duties as required
Effective performers act with the future in mind. They plan for and make decisions within the framework of the organization’s strategic intent. They know and understand the factors influencing strategy. They consider future impact when weighing decisions.
Effective performers tap the full potential of employees in order to meet the corporate goals. They view accomplishments as results achieved through the efforts of others and of teams, rather than through singular effort. They appropriately delegate both responsibility and accountability and constantly and consistently provide mentorship.
Effective performers are skilled at directing, persuading, and motivating others. They are able to flex their style to direct, collaborate, or empower as the situation requires. They have established a personal power base built on mutual trust, fairness, and honesty.
Organization & Planning
Effective performers have strong organizing and planning skills that allow them to be highly productive and efficient. They manage their time wisely and effectively prioritize multiple competing tasks. They follow through on tasks to ensure changes in technology are communicated effectively.
Effective performers maintain appropriate focus on outcomes and accomplishments. They are motivated by achievement, and persist until the goal is reached. They convey a sense of urgency to make things happen. They respect the need to balance short- and long-term goals. They are driven by a need for closure.
Effective performers clearly and articulately convey technical and other information both orally and in writing to others in a manner appropriate to the listener. They write clearly, accurately and concisely, composing project, technical and other required documentation as required.
Effective performers see the organization as a series of integrated and interlocking business processes. They understand how their work connects with and affects other areas of the organization.
Effective performers are adaptable. They embrace needed change and modify their behaviour when appropriate to achieve organizational objectives. They are effective in the face of ambiguity. They understand and use change management techniques to help ensure smooth transitions.
Effective performers establish and proactively maintain a broad network of relationships (e.g. colleagues, co-workers, vendors, suppliers, etc.). They value these relationships and work effectively across the organization by maintaining positive working relationships with peers and others.