Cyber Supply Chain Risk Manager

Our employees are at the heart of what we do best: helping people, businesses and society prosper in good times and be resilient in bad times. When you join our team, you’re bringing this purpose to life alongside a passionate community of experts.

Feel empowered to learn and grow while being valued for who you are– here, diversity is a strength. You have our commitment to support you in reaching your goals with tools, opportunities, and flexibility. It’s our employee promise. 

Our hybrid work model provides the balance between working from home and enjoying meaningful in-person interactions.

Read on to see how you can shape the future, win as a team, and grow with us.

About the role

You are an established manager in cybersecurity or risk management? Your entrepreneurial mindset has led you to build practical cybersecurity strategies and plans for many companies operating in a variety of sectors? We have the perfect opportunity for you!

As a Manager of the Cyber Supply Chain Risk Management Team, you will lead the evolution of the cybersecurity practice for Third Parties in IFC. You will leverage a team of experts to enhance the oversight and monitoring of our third parties’ security posture, improve the efficiency of our risk management program using innovative technologies, and play a key role in reducing IFC’s exposure to cyber threats.

What you'll do:

• Lead a team of experts responsible to maintain and enhance IFC’s Cyber Supply Chain Risk Management program.

• Responsible for overall CSCRM program including design, implementation, and continuous improvement of CSCRM processes, methodologies, operating models, and workflows in alignment with the TPRM Policy and 2nd Line of Defense.

• Manage day to day operations of the Third Part Risk Assessments (TRPA).

• Design, build, and implement Third-Party Risk Management tools and dashboards.

• Serve as a trusted advisor, providing input and commentary on overall CSCRM program effectiveness to leadership and / or risk committees as required.

• Responsible to define and track relevant KRIs and provide regular reporting to stakeholders by incorporating meaningful insights to mitigate third party security risks and reduce IFC’s exposure to cyber threats.

• Maintain a continuous monitoring program for Third Parties including cyber security incidents to ensure ongoing protection of IFC data.

• Oversee, advise and support Third Party engagements by performing contract reviews and ensuring security requirements are included in alignment with IFC’s standards.

• Be abreast of threat landscape and ensure IFC’s compliance with existing and new regulatory expectations, and demonstrate compliance as required.

What you bring:

• Bachelor’s degree in computer science, Cybersecurity, or related courses.

• At least 10 years of experience in Cybersecurity.

• Relevant experience in Third Party Security Risk Management.

• At least 5 years of experience leading a team of cybersecurity professionals.

• CISSP, CISA certification or other renown cybersecurity certifications is an asset.

• Continuous improvement mindset: you’re curious and seek to learn and understand.

• You identify challenges and pain points and raise them for resolution with urgency and follow through.

• You quickly adapt to changes and re-prioritize when needed.

• You use your negotiation and influencing skills to understand different points of view and reach agreement on contentious issues.

• Your excellent written and verbal communication skills help you navigate through security topics and technical aspects and translate them into clear, easy-to-understand business language.

• You have a great sense of initiative and autonomy.

• You like working in an inspiring and constantly evolving environment.

• For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country.

• No Canadian work experience required however must be eligible to work in Canada.

#LI-Hybrid

What we offer

Working here means you'll be empowered to be and do your best every day. Here is some of what you can expect as a permanent member of our team:

• A financial rewards program that recognizes your success

• An industry leading Employee Share Purchase Plan; we match 50% of net shares purchased

• An extensive flex pension and benefits package, with access to virtual healthcare

• Flexible work arrangements

• Possibility to purchase up to 5 extra days off per year

• An annual wellness account that promotes an active and healthy lifestyle

• Access to tools and resources to support physical and mental health, embracing change and connecting with colleagues

• A dynamic workplace learning ecosystem complete with learning journeys, interactive online content, and inspiring programs

• Inclusive employee-led networks to educate, inspire, amplify voices, build relationships and provide development opportunities

• Inspiring leaders and colleagues who will lift you up and help you grow

• A Community Impact program, because what you care about is a part of what makes you different. And how you contribute to your community should be just as unique.

We are an equal opportunity employer

At Intact, we value diversity and strive to create an inclusive, accessible workplace where all individuals feel valued, respected, and heard.

If we can provide a specific adjustment to make the recruitment process more accessible for you, please let us know when we reach out about a job opportunity. We’ll work with you to meet your needs.

Click here to review other important information about the hiring process, including background checks, internal candidates, and eligibility to work in Canada.

If you are an employee of Intact or belairdirect, please apply for this role on Contact People.