Senior Information Security Risk Advisor

Senior Information Security Risk Advisor

Our client in the insurance industry is seeking a Senior Information Security Advisor to support security initiatives across a range of business units.

This is a critical role responsible for conducting risk assessments, managing security waivers, and providing expert advice on security best practices.

The successful candidate will collaborate with various internal stakeholders, including Digital, Application Services, Infrastructure, Architecture, Legal, and Compliance teams.

What is in it for you :

• Hourly salary of $60 to $70, based on experience.
• 12-month contract.
• Full-time position : 37.50 hours per week.
• Work schedule from 8 am to 4 pm.
• Enjoy the flexibility of hybrid work.
• Opportunity to work in a dynamic and professional environment.
• Join a passionate and inclusive team of professionals.

Responsibilities :

• Conduct information security risk assessments for assigned business initiatives, reviewing contracts, performing supplier risk assessments, and advising on security best practices.
• Identify, document, and escalate security risks associated with internal systems and external vendors, providing risk reports to management.
• Manage identified security risks, tracking action plans to ensure timely resolution and escalating unresolved risks to senior management, including VPs and the CISO.
• Provide technical security consulting to various business units, influencing decisions on high-impact technology projects and vendor selections.
• Support the Legal team by reviewing and interpreting information security clauses in contracts and agreements.
• Collaborate with internal teams to ensure security controls align with organizational policies, safeguarding sensitive information from unauthorized disclosure or modification.
• Maintain an up-to-date understanding of emerging information security trends, vulnerabilities, and technologies.

What you will need to succeed :

• Post-secondary education in a related field is required.
• Professional certifications (e.g., CISSP, CISM, CISA) are preferred.
• 7+ years of experience in Information Security, with a focus on Information Security Risk Management.
• Strong knowledge of IT security principles, protocols, and industry standards, including encryption, firewalls, access controls, intrusion detection / prevention, and advanced malware detection technologies.
• Proven ability to conduct security risk assessments and manage the mitigation of identified risks.
• Consulting skills, including the ability to provide expert security advice and facilitate solutions that balance security controls with business needs.
• Advanced written and verbal communication skills, capable of influencing senior leadership and writing detailed reports.
• Requirement for Enhanced Reliability Clearance (ERC) : Yes.

Why Recruit Action?

Recruit Action (agency permit : AP-2000003) provides recruitment services through quality support and a personalized approach to job seekers and businesses.

Only candidates who match hiring criteria will be contacted.

SLFJP00005163