Talent.com
Manager, Cybersecurity Risk Assessment
Manager, Cybersecurity Risk AssessmentCMHC • Ottawa, ON, CA preferred, Montreal, QC, CA and Toronto will be considered.
Manager, Cybersecurity Risk Assessment

Manager, Cybersecurity Risk Assessment

CMHC • Ottawa, ON, CA preferred, Montreal, QC, CA and Toronto will be considered.
30+ days ago
Job type
  • Full-time
  • Permanent
Job description

Job Requisition ID : 10748

Position Status :  Permanent Full Time

Position Type :   Hybrid

Office Location :   Ottawa (ON) preferred, Montreal (QC) and Toronto will be considered

Travel Requirement :  Occasional

Language Designation :  Bilingual

Language Skill Levels (Read / Write / Speak) :  CBC

Security Requirement :  Secret

Salary :  Our salaries generally range from $ 101639.30 to $ 127049.13 and are based on qualifications and experience.

About CMHC

The work you do and the work we do together matters. We come to work every day with a common purpose : to contribute to a well-functioning housing system.

At CMHC, we hold ourselves accountable for our results and support our colleagues in their achievements. We thrive on collaboration , connecting across CMHC and involving the right people to get our work done. We have  flexibility , in how, when, and where we work, within the boundaries of the business needs and the nature of your role. Our leadership style is guided by trust , where our leaders favour an adaptive approach based on the needs of their teams.

Join us and be part of a team that's committed to making a real difference and be part of something meaningful.

What’s in it for you

We’ve got the purpose, the people and the perks you need for a fulfilling career. Here’s the comprehensive and generous benefits you get when you’re a permanent employee :

  • Annual paid vacation.
  • Annual individual performance incentive.
  • Defined benefit pension plan.
  • Comprehensive group insurance plan to support your well-being from day one.
  • Support towards your personal and professional growth with training, mentorship and more.
  • An inclusive workplace culture and environment.

About the role

The Manager, Cybersecurity Risk Assessment, is responsible for supporting the development and implementation of cybersecurity risk mitigation strategies and monitoring cybersecurity risk levels within the organization. This role assists in identifying and assessing potential threats, ensures alignment with organizational objectives, and collaborates with other departments to integrate risk management practices into business operations.

Office Location :  Ottawa (ON) preferred, Montreal (QC) and Toronto will be considered.

What you’ll do :

  • Support the identification of potential risks and vulnerabilities to develop targeted risk mitigation strategies to reduce the impact of identified risks (technological, operational, financial, and compliance-related threats). Oversee the implementation of risk mitigation plans in collaboration with 1-B. Monitor and support the execution of these strategies and support the continuous monitoring of risks, the effectiveness of mitigation strategies and ensure they comply with relevant industry standards, regulations, and best practices.
  • Contribute to ongoing monitoring of IT and cybersecurity risk levels across the organization. Assist in evaluating and enhancing the risk assessment methodologies to identify vulnerabilities, threats, and potential impacts on organizational assets, including systems, data, and infrastructure so they remain effective and aligned with industry best practices and regulatory requirements. Recommend improvements to strengthen the organization's ability to identify, assess, mitigate and respond to these risks. Leverage risk management tools and frameworks to provide a thorough analysis of risks and their potential consequences. Contribute to the development and enhancement of IT and cybersecurity risk management processes, procedures, and standards to ensure effective risk identification, evaluation, and mitigation. Collaborate with relevant stakeholders to integrate these processes into business operations, ensuring consistency and compliance across the organization.
  • Provide regular reports to leadership and senior management on risk status, emerging threats, and mitigation progress. highlighting emerging risks, trends, and the effectiveness of existing mitigation efforts.
  • Support security incidents if required, providing guidance on response strategies to minimize damage and ensure a swift resolution. Coordinate with relevant teams to ensure proper documentation and post-incident analysis for continuous improvement.
  • Collaborate with leadership, IT, compliance, audit, first and second line of defense to integrate cybersecurity risk and risk mitigation strategies into business processes, ensuring effective and proactive risk management and alignment of risk assessment efforts with broader organizational objectives and risk management frameworks and ensure risk management practices meet regulatory standards and internal audit requirements. Support the preparation and response to audits, ensuring that risk controls are documented and effectively implemented.
  • Assist leadership in prioritizing IT risk-related programs and initiatives based on their potential impact, urgency, and alignment with organizational goals. Ensure that high-priority initiatives are monitored in terms of IT risks and align with overall risk management objectives.
  • Continuously assess and refine the organization’s risk management framework to ensure it addresses emerging threats, regulatory requirements, and industry best practices. Recommend enhancements to risk assessment methodologies and reporting processes to keep pace with evolving risks. Ensure clear and consistent communication of risk information across the organization, tailoring messages to various stakeholders. Develop and deliver risk awareness training for employees to foster a proactive risk culture and ensure informed decision-making at all levels. Communicate the results of cybersecurity risk assessments to senior management and key stakeholders, including potential risks, vulnerabilities, and recommendations for mitigation. Prepare detailed reports that present both technical and non-technical assessments in a clear and actionable manner.
  • Lead post-incident risk assessments following security breaches or cyber incidents to assess the impact and recommend corrective actions. Provide insights into how these incidents could inform future risk mitigation strategies and improve overall cybersecurity posture. Oversee the delivery of the training and awareness programs to improve organizational understanding of cybersecurity risks and risk assessment practices. Promote a culture of proactive risk management across all levels of the organization, ensuring that employees are equipped to recognize and respond to cybersecurity threats.

    • What you should have :

  • Undergraduate degree in Cyber Security, Computer Security, Information Systems Security, Computer Science or in a related field. An equivalent combination of education and / or experience can be considered.
  • 7 years experience in IT Security and / or IT information working with risk management methods including risk assessment and mitigation.
  • 3 years experience in providing leadership and direction to cybersecurity staff.
  • Ability to independently apply risk frameworks (e.g., NIST, ISO) and advise on the application of these methods in a cybersecurity context.
  • Knowledge of : impacts of cybersecurity lapses, including specific business functions and IT systems. Able to assess and provide actionable insights on how cybersecurity lapses affect business operations. security system resilience and how environmental or operational changes affect system performance. relevant cybersecurity laws and regulations, able to apply them within organizational contexts and ensure compliance.
  • Experience in : managing risk in cybersecurity, including risk identification, mitigation, and communication to stakeholders. performing risk assessments, analyzing potential impacts, and providing actionable insights to senior leadership. applying cybersecurity and privacy requirements to business needs, ensuring compliance with relevant laws and standards. conducting risk analysis and feasibility studies, capable of evaluating trade-offs in cybersecurity projects and initiatives.
  • Strong communication skills (oral and written) both in English and French with he ability to convey technical risk assessments and mitigation strategies to management and stakeholders (including senior management).

    • It would be great if you also had :

  • A Certified Information Security Manager (CISM) will be preferred.
  • A Certified Information Systems Security Professional (CISSP), GIAC Security Leadership (GSLC), GIAC Critical Controls Certification (GCCC) or other relevant IT Security licence, designation, or certificate.
  • Experience and knowledge of security technologies such as identity management, computer forensics, application security and network security technologies.
  • Experience and / or knowledge of recognized standards. E.g. NIST CSF, ISO 27001 / 27002, ITSG-33, OSFI B13, CIS, etc.
  • The knowledge of Canadian laws and Government of Canada regulatory requirements and standards. E.g. Treasury Board, Office of the Superintendent of Financial Institutes, etc.

    • Posting closing date : Note, the competition will remain active until filled.

    Our commitment to diversity, equity, and inclusion

    We’re committed to employment equity and encourage women, Indigenous Peoples, persons with disabilities, veterans and persons of all races, ethnicities, religions, abilities, sexual orientations, and gender identities and expressions to apply. We also welcome applications from non-Canadians who are eligible to work in Canada.

    CMHC is an inclusive workplace where diversity of thought – and of people – are recognized, valued, and considered essential to achieving our mission.

    What happens after you apply

    We know that applying for a new job can be both exciting and daunting, and we appreciate your effort. . If you are selected for an interview or testing, please advise us if you require an accommodation.

    If you applied before and you were not successful don’t worry – we're always posting new positions, so don’t hesitate to give it another shot. We’re excited to see what you bring to the table this time around!

    Create a job alert for this search

    Manager Risk • Ottawa, ON, CA preferred, Montreal, QC, CA and Toronto will be considered.

    Similar jobs
    Senior Business Analyst Cybersecurity (Remote) - Amaris Consulting

    Senior Business Analyst Cybersecurity (Remote) - Amaris Consulting

    Amaris Consulting • saint-esprit, qc, ca
    Remote
    Full-time
    Le candidat idéal aura une solide connaissance des écosystèmes AWS, des concepts de cybersécurité et des meilleures pratiques de l’industrie, avec une expérience dans le secteur des assurances en t...Show more
    Last updated: 4 days ago • Promoted
    Analyste Cybersécurité (DLP)

    Analyste Cybersécurité (DLP)

    DELAN • Montréal, QC, ca
    Full-time
    Quick Apply
    L’Analyste cybersécurité aura la responsabilité de soutenir la mise en œuvre du plan stratégique en matière de gestion des risques TI, de sécurité de l’information et de conformité.Il va agir comme...Show more
    Last updated: 30+ days ago
    Responsable d'assurance qualit / Quality Assurance Manager - Montreal & Plattsburgh

    Responsable d'assurance qualit / Quality Assurance Manager - Montreal & Plattsburgh

    Smardt • Dorval, QC, Canada
    Full-time
    Vous tes un leader qui s'panouit dans un environnement industriel dynamique et qui souhaite avoir un impact rel ? Chez SMARDT, leader mondial dans le domaine des technologies de refroidissement...Show more
    Last updated: 30+ days ago • Promoted
    Manager

    Manager

    Tim Hortons • Châteauguay, QC, Canada
    Full-time
    Join our growing team! We are looking for a Restaurant Manager!.As a Restaurant Manager, you are an enthusiastic role model and motivate team members to deliver exceptional service for every guest,...Show more
    Last updated: 30+ days ago • Promoted
    Analyste en cybersécurité SOC - montréal

    Analyste en cybersécurité SOC - montréal

    IDEKA Services Conseils • montréal, qc, ca
    Full-time
    Nous sommes à la recherche d'un analyste sécurité avec un profil en.Blue Team) et des connaissances en Offensif (Red team). Un « Top » gun dans ce domaine.Une personne ayant fait entre 5 et 10 ans d...Show more
    Last updated: 1 day ago • Promoted
    Performance Specialist, Fixed Operations - Saint Laurent

    Performance Specialist, Fixed Operations - Saint Laurent

    freelance.ca • Saint-Laurent, Canada
    Full-time
    Are you someone who thrives in dealership environments, builds strong relationships, and takes pride in elevating operational performance? Do you enjoy solving problems, coaching others, and making...Show more
    Last updated: 30+ days ago • Promoted
    Operations Manager Emergency Services

    Operations Manager Emergency Services

    Paul Davis Sud Ouest • Saint-Rémi, QC, Canada
    Full-time
    We are a leading disaster restoration company, providing emergency response and recovery services to our community.Our team supports property owners in their time of need after fire, flood, storm, ...Show more
    Last updated: 8 days ago • Promoted
    Cloud Cybersecurity Specialist

    Cloud Cybersecurity Specialist

    BRP • Montreal
    Full-time
    The CYBER SECURITY Specialist is responsible for managing processes and technologies to defend and protect BRP’s systems and information assets against cyber-attack and adversaries.This critical ro...Show more
    Last updated: 16 days ago • Promoted
    Analyste Projets et Systèmes d’Information Senior

    Analyste Projets et Systèmes d’Information Senior

    Santé Montréal • Lanaudière, QC, Canada
    Full-time
    Une organisation de santé à Lanaudière recherche un analyste spécialisé pour gérer des projets complexes et coordonner des équipes. Le candidat idéal possède un baccalauréat en informatique, une exp...Show more
    Last updated: 21 hours ago • Promoted • New!
    Directeur(trice) - Analyse de risques en assurance des entreprises et prévention

    Directeur(trice) - Analyse de risques en assurance des entreprises et prévention

    Promutuel Assurance • La Prairie
    Full-time
    Être au cœur de ce que vous faites le mieux.Trouvez des défis stimulants et libérez votre véritable potentiel.Évoluez dans un milieu de travail authentique où règne un esprit d’équipe hors du commu...Show more
    Last updated: 6 days ago • Promoted
    Senior DevOps Engineer / Dveloppeur DevOps senior

    Senior DevOps Engineer / Dveloppeur DevOps senior

    Anyon Systems Inc. • Dorval, QC, Canada
    Full-time
    Anyon Systems builds the worlds most advanced superconducting quantum computers from the ground up.Our team spans quantum engineering, hardware design, cryogenics, embedded systems, and high-perfor...Show more
    Last updated: 1 day ago • Promoted
    Project Manager

    Project Manager

    Pattison Sign Group • Dorval, QC, Canada
    Full-time
    Communicate with internal and external colleagues and subcontractors, consult, facilitate discussions, and build strong relationships. .Establish a high level of trust with the assigned Account Mana...Show more
    Last updated: 30+ days ago • Promoted
    Senior Analyst, Investment Operations (EB)

    Senior Analyst, Investment Operations (EB)

    Totem recruteur de talent • Westmount, Québec, Canada
    Permanent
    Analyste principal(e), Opérations d'investissementÀ propos de l'entrepriseNous sommes une société de gestion d'investissements institutionnels indépendante, en forte croissance et basée à Montréal,...Show more
    Last updated: 30+ days ago • Promoted
    Risk Analyst and Internal Controles

    Risk Analyst and Internal Controles

    Fed Finance • Montreal, QC, Canada
    Full-time
    Founded in 2001, Fed Finance specializes in temporary and permanent recruitment for accounting and finance professionals. Our consultants are all experts and speak your language.We are committed to ...Show more
    Last updated: 6 days ago • Promoted
    Analyste d’affaires TI – Cybersécurité & transformation des processus - montréal

    Analyste d’affaires TI – Cybersécurité & transformation des processus - montréal

    ALFACONSEIL.CA • montréal, qc, ca
    Full-time
    L’Analyste d’affaires TI – Cybersécurité évolue au sein d’équipes agiles responsables de livrer des initiatives technologiques et d’affaires liées à la protection des environnements TI : sécurité d...Show more
    Last updated: 4 days ago • Promoted
    Chargé(e) de Projets / Project Manager

    Chargé(e) de Projets / Project Manager

    First Onsite - CA • H9P, QC, Canada
    Full-time
    Ce poste permet de s'assurer que les propriétaires bénéficient d'une expérience client exceptionnelle et qu'ils sont informés et satisfaits tout au lo...Show more
    Last updated: 30+ days ago • Promoted
    Cybersecurity Expert / ISO 21434

    Cybersecurity Expert / ISO 21434

    CS GROUP • Montreal, QC, Canada
    Full-time +1
    CS Group Canada, a subsidiary of CS Group (part of the Sopra Steria Group), is a leader in the development and certification of safety-critical systems in the aerospace, electric, and autonomous dr...Show more
    Last updated: 30+ days ago • Promoted
    Sr. Director, Managed Extended Detection & Response : MXDR

    Sr. Director, Managed Extended Detection & Response : MXDR

    GoSecure • Montreal, QC, Canada
    Full-time
    The Senior Director, Managed Extended Detection and Response (MXDR) is responsible for the overall quality and delivery of GoSecure’s MXDR suite of services — including managed endpoint...Show more
    Last updated: 30+ days ago • Promoted