Information Security Risk Management Analyst

Our Story & Purpose:

Were Vancity a member-owned credit union built on the principles of inclusion and social justice. Since 1946 our relentless commitment to these values has helped us challenge the status quo and break down barriers. Weve made bold commitments to become net-zero by 2040 across all mortgages and loans and were actively pursuing strategies in Indigenous banking and financial resilience for our members.

As the largest private sector Living Wage Employer in Canada were proud to be consistently recognized as one of the countrys Top Employers. If youre ready to join our team of 2700 diverse individuals access competitive rewards and benefits and be part of a greater movement - apply today!

Your Role in Supporting Our Members:

As an Information Security Risk Management Analyst you will elevate exiting risk management practices and processes. As a member of the Information Security Compliance team they will play a crucial role in identifying assessing and mitigating information security risks.

This is a permanent full-time role that will enjoy hybrid working arrangements which can be fulfilled primarily from the Vancity head office location and your Lower Mainland based home office. Periodically youll be required to attend in-person activities or events.

How Youll Make an Impact:

• Assist the Senior Manager Information Security Compliance in developing and implementing a strategic approach to information security risk management across people process and technology.
• Lead the development and maintenance of Information Security risk and governance KPIs KRIs and SLAs. Assist with metrics creation and reporting. Provide reporting on the status of information security risks to leadership and stakeholders.
• Participates in third-party and supply chain cybersecurity risk assessments.
• Maintain the IT risk register on the GRC platform (Onetrust Auditboard).
• Perform Security Threat Risk Assessments of all new projects and technology implementations.
• Develop and maintain IT and Security Risk Assessment processes and documentation.
• Advise various teams on risk mitigation and compensatory measures to reduce risks to acceptable levels using knowledge of Vancity policies technologies standards and industry best practices.
• Foster a risk aware culture across the organization.
• Other duties as assigned.

What Youll Bring to the Team:

• A bachelors degree or equivalent in Computer Science Business or a related field
• 3-5 years of progressive experience in information security risk management preferably in a mid-sized corporate organization or a financial institution
• Information Security Certifications in one or more of the following are desirable: Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC) or Certified Information Security Manager (CISM).
• In-depth understanding of risk management frameworks such as NIST RMF NIST AI-RMF ISO 31000 FAIR and ISO 27001
• A good understanding of relevant standards and frameworks that apply to the financial services industry such as PCI/ SWIFT/ NIST/OSFI
• Strong understanding of regulatory requirements and standards (e.g. OSFI BCFSA PIPA PIPEDA)

Youll Thrive Here If You Are:

• An exceptional communicator - you are comfortable communicating with stakeholders across different levels of the organization. You demonstrate confidence and provide highly specialized technical expertise and advice.
• Flexible You have a willingness to work in a highly flexible environment with multiple competing priorities.
• Organized - Good multi-tasking skills and the ability to prioritize work based on risk and business needs

We value lived experience so if you are interested in this role we encourage you to apply even if you feel your skills dont perfectly align with those listed.

What Youll Earn:

This role offers a salary range of$92700 to $115000. The base pay offered may vary depending on factors such as relevant qualifications skills previous experience and internal equity. As part of our total rewards package employees may also be eligible for our annual incentive program subject to program eligibility requirements.

Why Youll Love Working Here:

A career at Vancity is more than just a job youre joining a tradition of change-makers who are creating lasting change for our communities. Beyond base pay we offer a comprehensive total rewards package to ensure our employees are empowered to thrive:

• Living Wage Employer: Were the largest private-sector Living Wage Employer in Canada and consistently ranked among Canadas Top Employers.
• Customizable Benefits: Permanent employees receive flexible benefit packages that can be tailored annually to meet evolving needs.
• Generous Vacation: New employees start with 3-4 weeks of vacation per year with additional days earned over time.
• Extra Stat Holidays: In addition to BCs 11 statutory holidays we offer 2 extra days plus care days for personal or family illness.
• Immediate Health Coverage: Health and dental benefits begin on your hire date with three levels of coverage to choose from.
• Defined Benefit Pension: Our retirement plan provides a guaranteed income for life recognizing that retirement looks different for everyone.

Vancity Talent Programs:

Vancity supports an inclusive hiring process for candidates who self-identify as Indigenous Black or Trans. With special permission from the BC Human Rights Commissioner this initiative provides access to career development opportunities prioritized job screening and feedback. Any information you choose to share will be stored securely and used only for recruitment and career development connected to this initiative in line with the BC Personal Information Protection Act (PIPA). For details please see our dedicated Talent Programs job posting.

This role is an open vacancy and our hiring process is grounded in fairness transparency and inclusion. We are committed to an inclusive barrier-free and accessible recruitment experience for all candidates. If you require any accommodations or support at any stage of the recruitment process (including the application stage) we encourage you to let us know by contacting our Talent Acquisition team at Were here to work with you to ensure your needs are met promptly and effectively. All requests will be handled with the utmost respect and confidentiality so you can participate fully in the process.

Required Experience:

IC

Key Skills
IT Experience,Splunk,IDS,Cybersecurity,FIPS,PCI,NIST Standards,Information Security,Encryption,FISMA,RMF,Siem
Employment Type : Full-Time
Experience: years
Vacancy: 1