Senior Information Security Specialist, Cyber Risk Measurement

What you’ll do

As a Senior Information Security Specialist, Cyber Risk Measurement at Canadian Tire, you will play a pivotal role in driving data-driven decision-making processes.

You will be defining and gathering meaningful cybersecurity metrics, designing and support operational reports, executive dashboards, and board-level reporting to empower our leadership team to make risk-based decisions.

This is a unique opportunity to move the needle and shape our organization's approach to cyber risk.

1. Metrics Definition and Data Gathering :

• Collaborate with cross-functional teams to define and gather data for cybersecurity metrics.
• Ensure the accuracy, completeness, timeliness, and relevancy of data collection processes.
• Implement efficient techniques for data validation, preparation, and cleansing using automated processes where possible.

2. Operational Reports and Dashboards :

• Design and support operational reports and dashboards for Cyber teams.
• Assist in prioritizing work based on risk and urgency through insightful visualizations.
• Automate data collection and preparation processes to improve operational efficiency.

3. Executive / Board-Level Reporting :

• Design, develop, maintain, and support Cyber metrics dashboards for the executive leadership team and the Board
• Create visually engaging reports that assist in making risk-based decisions.
• Incorporate feedback from stakeholders to enhance reporting accuracy and relevance.
• Prepare and maintain board-level Cyber risk reports to aid in strategic decision-making.
• Provide clear insights regarding cyber risks and necessary measures.

4. Documentation and Maintenance :

• Create comprehensive documentation to support dashboard maintenance.
• Develop data validation and user testing scripts to ensure integrity of metrics and access.

5. Cybersecurity Framework Mapping :

• Maintain mapping of cybersecurity metrics to adopted risk frameworks (e.g., NIST, ISO, COBIT).
• Align metrics with industry best practices to enhance reporting effectiveness.

What you bring

• Bachelor’s degree in Computer Science, Information Systems, related fields, or equivalent experience.
• 5+ years of proven experience in dashboard reporting or related roles (especially cybersecurity reporting)
• CISSP certification or other relevant industry certifications considered an asset.
• Familiarity with cybersecurity frameworks such as NIST CSF, ISO 270001, or COBIT 5.
• Strong data analysis skills including validation, preparation, and cleansing.
• Proficiency in data analysis tools such as Power BI, Power Query, and Excel for dashboard creation.
• Ability to automate workflows using Power Automate and shell scripting.
• Excellent written and verbal communication skills, with the ability to communicate effectively at all levels of the organization.
• Ability to present technical information clearly through visualizations to a non-technical audience.
• Strong understanding of IT and cybersecurity concepts, domains, and emerging trends.
• Proven ability to manage time effectively and meet critical deadlines.
• Experience in stakeholder management, including gathering requirements, determining meaningful metrics, and incorporating stakeholder feedback.
• Ability to work collaboratively across teams, influence change, and drive continuous improvement initiatives.
• Preferred Tools Experience : Power Automate, Power BI, Power Query, Excel
• Transferrable Tools Experience : Python, Tableau, SQL Database, VBA

Hybrid

We value flexibility. We have adopted a hybrid work model whereby employees use a combination of working in office and virtually in service of outcomes.

Each leader is empowered to decide what work is best achieved in person based on the unique needs of their team.

LI-CA2