Senior Manager, Security GRC & Engineering

• Pay Type Salary
• Min Hiring Rate $110,400.00
• Max Hiring Rate $140,800.00

For over 50 years, LifeLabs has been Canada’s leading provider of laboratory diagnostic information and digital health connectivity systems, enabling patients and healthcare practitioners to diagnose, treat, monitor and prevent disease. We are passionate about empowering healthier Canadians through accessible, accurate, and innovative diagnostic services.

We are committed innovators, operating Canada's first commercial genetics lab, and the country's largest online patient portal, with more than 8 million Canadians receiving their results online. More than 112 million laboratory tests come through LifeLabs’ laboratories annually, and our team of more than 6,000 passionate, caring, and diverse professionals works together as one to provide high quality testing and results that Canadians can trust.

We know that behind every lab requisition, sample being tested, or investment in technology is an individual and their family counting on us. At LifeLabs, you can make a meaningful impact on Canadians’ lives every day.

Our teams are at the heart of everything we do. We are proud to be recognized as one of Canada’s Best Employers, reflecting our deep commitment to our core values of caring, agility, teamwork, and a customer-centered approach. As part of this commitment, LifeLabs prioritizes the ongoing development of our diversity, equity, and inclusion (DEI) program to better serve the needs of our diverse workforce and the communities we serve. We continue to take steps to challenge ourselves to act with courage and integrity, and to create an environment where people can be their true selves.

These values are not just words on a page, they guide our actions and decisions every day and have come to define our team culture.

Reports to: Chief Information Security Officer
Schedule: Monday-Friday
Additional Requirements: N/A
Number of Positions: 1
Start Date: ASAP
Internal Application Deadline: May 14, 2025

LifeLabs operates under a hybrid workforce model. Further details will be provided during the interview stage.

This vacancy is for an existing position.

Purpose of the Role

The Sr. Manager, Security GRC & Engineering will be an integral member and leader within the LifeLabs’ Cybersecurity team, responsible for overseeing strategic initiatives. LifeLabs will require a ‘fit for purpose’ GRC program, methodologies and toolkits to allow the organization to easily identify, assess, manage, and report risks in a way that brings value to LifeLabs as well as deliver new product and security capabilities and controls directly focused on risk mitigation. This role will also focus on the advancement of the security posture for our systems and infrastructure. This role will directly impact the security across the entire LifeLabs ecosystem.

Core responsibilities include creating and leading projects that enhance the organization’s governance program, security engineering capabilities, participate in the management of the organization’s technical risks, and oversee the organization’s compliance with industry regulations. As a pivotal member of the Cybersecurity team, this individual will work closely with the CISO as well as large stakeholders across the firm in order to discuss and enable a better understanding of large-scale Cybersecurity issues.

Your responsibilities will include:

• Assist the CISO in creating long term security strategies, as well as roadmap various governance models
• Oversee information security policies and ensure that they meet both internal and external requirements of the industry
• Identify information security issues/risks and design mitigation methods to appropriately handle them
• Leverage technology to streamline process of managing GRC across the enterprise
• Partner with other teams across the organization to discuss pertinent GRC issues
• Develop new policies and risk reports that are based on frameworks specified by the firm
• Keep up with ongoing trends and changes within the GRC community, and make sure that LifeLabs is up to date with the latest relevant methods and practices
• Work with management and executives to develop the business case and define the GRC strategic vision, objectives, roadmap, milestones and financial plans/budget
• Develop and oversee GRC program methodology, policies, procedures and toolkits required
• Work collaboratively with business units and/or function head/leaders to:

• Develop, update and/or align their policies, procedures, enterprise taxonomies, and other data-sets necessary
• Participate and lead meetings with business stakeholders to understand operational business processes, identify areas of opportunities and/or improvement through GRC transformation
• Capture and translate business requirements (operational, monitoring and reporting) to technical and functional requirements

• Plan, prepare and review deliverables in various forms including written reports, presentations and meeting discussions with both internal and external parties
• Lead a team of security engineers
• Develop risk-based mitigation strategies for infrastructure, platform, operating systems, and applications
• Partner with internal customers such as infrastructure, IAM, operations and governance teams to build tooling and technology to optimize continuous deployment, monitoring and secure baseline assessment technologies
• Lead the Engineering Team on relevant security practices as needed (specific to findings)
• Develop strategy & roadmaps targeted at improving the security posture at LifeLabs
• Manage execution & delivery of roadmap items
• Imbed security standard processes into the release to production workflow
• Manage and oversee continuous improvement of security controls and technologies
• Oversee and own accountability for all security project deliveries

• Communicate with executives to obtain their buy-in, sponsorship and sustained support.
• Liaise and work collaboratively with business/functional heads to ensure a successful and sustainable program delivery
• Establish and maintain relationships with T&O and external technology vendors, and system integrators

What you bring to the role:

• Bachelor’s degree or Diploma in IT, Business Technology Management, or any related technical field
• 7+ years of experience working with IT Governance, Risk and Controls, or in the engineering field
• One or more relevant security certifications (CISA, CISSP, CPA, CISM, CRISC)
• The candidate’s IT industry certifications (e.g. CompTIA) will also be taken into consideration
• Implemented an ISO 27001 program
• Achieved ISO 27001 certification for an organization
• Developed or worked in security service-oriented framework/program
• Strong experience working and managing a controls objective framework
• Experience in leading or managing large complex transformation and capacity building projects
• Strong experience in governance, audit, risk, compliance, cyber, and policy management
• SME in drafting policies, procedures and RACI matrices
• Experience managing compliance of policies
• Experience with GRC/IRM technology solutions such as (e.g. RSA Archer, ServiceNoW, MetricStream, Refinitiv, OpenPages, etc.)
• Strong knowledge in project management and technology implementation methodologies and lifecycles
• Professional security management certifications are highly preferred (i.e.. CISSP, CRISC)
• Extensive knowledge of GRC, and GRC best practices
• Ability to process and understand complex information relevant to cyber security initiatives
• Possess the ability to multi-task between projects
• Understanding of the NIST and ISO framework as well as other associated cyber security standards

LifeLabs’ compensation programs are commensurate based on the role, skill, effort, responsibility and working conditions, irrespective of gender, race, ethnicity, beliefs, age or any other personal characteristics. Pay programs are communicated regularly in an accessible and transparent manner.

LifeLabs is also proud to offer resources, opportunities, as well as a collaborative and supportive environment that enables our team members to thrive.

In addition to a competitive compensation package, LifeLabs provides a comprehensive total rewards program, specific to the job position. Your package may include:

• Employee Group Benefits: Competitive coverage for employees and their families to support their overall health and wellness needs, including Extended Health Care, Dental Care, and Life Insurance.
• Retirement Savings Plan
• Vacation and Wellness Days
• Employee Wellness and Giving Programs: Our award winning mental, physical and financial wellness programs aim to address the comprehensive well-being of our team members, including resources like the Employee & Family Assistance Program, financial planning tools, and employee recognition initiatives.
• Professional development and membership reimbursement, access to preferred rates and discount programs, including WorkPerks, Home and Auto Insurance, Costco Membership, etc., and optional health-related benefits.

In accordance with LifeLabs’ Accessibility Policy, and the applicable Accessibility Acts within the provinces we operate in, accommodations are available by request for candidates taking part in all aspects of the recruitment and selection process. For a confidential inquiry or to request an accommodation, please contact your recruiter or email [email protected].

Vaccinations are highly encouraged at LifeLabs’. Vaccinations and/or immunization screening may be mandatory for selected employees if regulated by provincial or regional governments, or through employer-led vaccination policies in the facilities we service. Please ensure you ask if this position requires the successful candidate to be vaccinated or undergo immunization screening.

Ready to empower healthier Canadians? Apply today!

• 30 International Blvd, Etobicoke, ON M9W 5P3, Canada