FirstOntario Credit Union is one of the largest credit unions in Ontario. We are a trusted co-operative financial intuition dedicated to providing competitive banking products and services and a quality Member service. More than 118,000 Ontarians choose FirstOntario for their financial needs – from chequing and savings accounts to loans and mortgages and highly qualified investment advice. Our Membership does more than save you money on fees, it also makes you an Owner. At FirstOntario, we believe the best way to ensure our success is by supporting the communities we serve. That’s why our policies include volunteering our time, talent and resources to worthy local causes and events. It’s also why we reinvest our profits in the same places they’re earned, and why we sponsor programs that promote financial literacy and economic development.
The Information Security Officer (ISO) is accountable for ensuring appropriate controls are in place for the security of information assets. The ISO safeguards information by seeing that security risks are identified, assessed and accurately reported. Additionally, the ISO is charged with ensuring local procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines and standards. The ISO is the center of competence for Information Security providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.
In the role, you will…
- Diligently maintain FirstOntario’s Information Security Framework and underlying policies, procedures, standards and guidelines
- Take the lead on developing, maintaining and updating the Information Security Strategy and Information Security Program, including managing the ISO 27001/2 program
- Actively ensure appropriate administrative, physical and technical safeguards are in place to protect FirstOntario’s information assets from internal and external threats
- Meticulously identify, introduce and implement appropriate procedures, including checks and balances, are in place to test these safeguards on a regular basis
- Thoroughly conduct and complete annual reviews and audits as required engaging both internal business partners across the organization and external resources
- Make it a priority to see that disaster recovery and emergency operating procedures are in place and tested on a regular basis
- Act as the committed owner of the security incident and vulnerability management processes from design to implementation and beyond
- Passionately manage and assist in performing on-going security monitoring of information systems including assessing information security risk through qualitative risk analysis on a regular basis, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements, evaluating and recommending new information security technologies and counter-measures against threats to information or privacy, and developing security reports and dashboards
- Ensure effective staff training programs are in place to increase security awareness across FirstOntario
- Maintain and encourage open and honest business relationships within the team and throughout the credit union
- From a distance, make a difference in the lives of our members by helping our team members make members’ financial dreams come true
- Be a role model for FirstOntario’s organizational culture by creating a positive impact at every touchpoint with people, with every word you say or put in print and everything you do
- Collaborate with your peers and stakeholders to add to the collective innovative thinking that can drive new business ideas for FirstOntario
- Perform other duties as we may need you to do
Within your skills and qualifications, you will…
- Be proud of your University degree/College diploma in the field of computer science and/or information security
- Be even more proud of the 3+ years’ security related work experience, preferably with a financial institution, that you bring to the table
- Have worked hard for your recognized industry certification such as CISSP, CISSLP, GIAC or other security certification at a similar level
- Demonstrate an in-depth knowledge of Information Security risk and industry best practices
- Be quick to respond to requests for service from all of your clients
- Be flexible and adaptable to changing priorities while keeping your eye on the prize
- Possess over the top problem solving and negotiation skills
- Openly share your knowledge with the team
- Inherently demonstrate a high level of integrity and be trustworthy
- Be more than approachable with your superior interpersonal skills
- Innately demonstrate superior written and verbal communication skills
- Be aware of and mitigate enterprise risk factors and ensure compliance with applicable regulations, legislation and FirstOntario policies and procedures
- Be willing to work flexible hours including evenings and weekends as the job demands and travel as required
Our emphasis on service means we’re constantly searching for new team members whose dedication to helping people is as powerful as their ambition to succeed. We’re committed to providing professional development, and to extending employee activities beyond day-to-day operations to support the communities where we’re located. Our people are the difference, it’s a part of why we love coming to work.
If this sparks your interest and you demonstrate high levels of integrity and credibility, we should talk. Check out our website for the full job description and prepare your cover letter and resume listing your experience, qualifications, and submit it online through our careers page on the company website.
We appreciate all who express interest; however, only those selected for an interview will be contacted. No phone calls please.
FirstOntario Credit Union will provide accommodations for persons with disabilities, where needed, to support their participation in our recruitment process.
- Extended health care
- Vision care
- Disability insurance
- Life insurance
- Dental care
Job Types: Full-time, Permanent
- information security: 5 years (Required)
- CISSP, CISSLP, or GIAC (Required)