The Information Security (IS) Advisor is a team lead accountable for the management and administration of governance activities that provide oversight over information security tools and processes. The is Advisor acts as a subject matter expert to ensure the delivery of the governance programs for which he/she has oversight.
- Accountable for the development, implementation, and management of the assigned governance activities which provide oversight over information security tools and processes (e.g. exception processes, DLP governance activities, etc.)
- Leads and provides guidance to security analysts who have day-to-day administrative and operational responsibilities for governance functions. This includes managing and tracking the team’s workload and ensuring service level objectives are met.
- Ensures continual alignment of governance processes to approved standards and regulatory requirements. Accountable for security risk assessments to verify compliance to governance frameworks.
- Provides security guidance related to the governance area to technology and business units.
- Delivers effective performance and risk metrics and reporting
- Provides a leadership role in identifying risk exposure, championing best practices and implementing continuous process improvement initiatives.
- Assists with audits and regulatory reviews, helps in the resolution of security issues / findings.
- Maintains awareness within the industry and develops appropriate plans to support emerging risks.
- Delivers effective execution of all processes in order to meet productivity, quality service and business goals.
- Provides strong leadership and guidance to a multi-disciplinary, professional team of contractors and employees
- Post-secondary education in Information Security, Information Technology, Risk Management or a related discipline or equivalent combination of education and on-the-job experience
- 5+ years of working experience in information security
- Previous experience as a team lead / manager
- Previous experience in creating operational metrics to track service level objectives for day-to-day activities
- Good knowledge of information security and industry best practices
- Experience with a broad range of exposure to exception processes, application whitelisting governance, proxy governance, customer identification and access management
- Previous experience in implementing and operationalizing new functions / services and processes
- Previous experience in addressing audit and regulatory requirements
- Previous experience in writing process documentation
- Familiarity with security and privacy legislation, regulation and industry standards impacting global financial institutions
- At least 1 industry certification related to the information security field: COBIT, SABSA, TOGAF, CISSP, CISA, CISM, CRISC
- Experience working in a large financial institution preferred
- Superior oral and written communication skills, ability to express oneself and communicate effectively at all levels within the organization
- Strong leadership and team management skills
- Strong collaboration and relationship management skills
- Strong analytical and organizational skills
- Advanced facilitation and presentation skills
- Good problem solving and risk analysis skills
We’re here to help
At BMO we have a shared purpose; we put the customer at the centre of everything we do – helping people is in our DNA. For 200 years we have thought about the future—the future of our customers, our communities and our people. We help our customers and our communities by working together, innovating and pushing boundaries to bring them our very best every day. Together we’re changing the way people think about a bank.
As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one – for yourself and our customers. We’ll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we’ll help you gain valuable experience, and broaden your skillset.