AVP, Business Information Security (Technology) to serve as the primary liaison between Technology Function and InfoSec & Tech Risk functions for our insur

AVP, Business Information Security (Technology) to serve as the primary liaison between Technology Function and InfoSec & Tech Risk functions for our insurance client

Type: Permanent/Full Time

Location: Hybrid (3 days/Week in Toronto, London or Winnipeg office)

Responsibilities:

• Provide security consulting, advisory and oversight on technology initiatives including infrastructure projects, data and automation efforts, and platform modernization, involving other security SMEs as required.
• Drive alignment between security and enterprise architecture, ensuring security is integral to technical design, standards and modernization plans.
• Collaborate with technology leaders, IT teams, and the wider security and tech risk team to embed security into technical solutions and operational practices, and to drive adoption of security controls.
• Provide security risk advisory support for key technology initiatives, helping teams make informed decisions that balance security, innovation, and delivery.
• Advocate for the adoption of enterprise security policies, standards and best practices within technology domains, while promoting practical and risk-based approaches.
• Champion a culture of shared accountability for security, raising awareness and encouraging secure behaviors across the technology organization.
• Keep technology teams abreast of security requirements, upcoming changes, and necessary actions to enhance security maturity and protect the organization.
• Streamline communication, balance demands, and improve prioritization by Channeling all security risk related interactions with technology teams.
• Deliver aggregated security risk metrics and reporting to the technology leadership.
• Participate in cybersecurity and technology committees and working groups as necessary.
• Oversee and encourage technology teams’ response to security incidents, investigations and remediation.
• Stay updated and involved in security initiatives impacting technology functions.
• Stay abreast of emerging security threats and trends that may impact the technology organization, ensuring appropriate visibility and preparedness.

Must Haves:

• 10+ years of experience in cybersecurity, risk management, or technology, with 5+ years in leadership roles, preferably in a large enterprise or regulated industry
• In-depth understanding of security frameworks, technologies, and risk mitigation strategies
• Strong understanding of enterprise technology ecosystems and operations
• Proven experience in building partnerships with technology leaders to enable secure, scalable and resilient outcomes across infrastructure, operations, data and transformation initiatives.
• Proven proficiency in resolving conflicting requirements to deliver effective cybersecurity solutions
• Experience in aligning cybersecurity practices with enterprise architecture, cloud strategy, and modernization efforts.
• Proven record in assessing, prioritizing, and mitigating enterprise security risks
• Skilled at driving cross-functional security efforts and driving consensus in a matrixed environment
• Effective communicator with the ability to translate complex technical security concepts into business language