Associate Vice President (AVP), Cyber Security & Deputy CISO - Calgary - Jobs in Saddledome

Job Description

Our bottom line is different.There #39;s something special about working at ATB, and it #39;s been recognized on every top employer list that matters. Maybe it #39;s our exceptional culture where your total wellness is supported through market-leading benefits and you #39;re free to bring your whole self to work. Maybe it #39;s our commitment to a growth mindset and our unrelenting thirst for making it possible for fellow Albertans-even the ones who aren #39;t our clients.Whatever it is, you won #39;t find a more genuine, driven and knowledgeable group of humans anywhere. We foster a culture of purpose, performance and possibilities. We engage with intense curiosity, and bring our whole selves to work, every day. We know it starts with people like you, so take a chance and start with us.Job Number: REQ6909Department: CXTLocation: Anywhere in Alberta, preference for Calgary or EdmontonApply by: Sunday, November 26, 2023Paygrade: P-OTHSystem Title: Deputy Chief Information Security Officer# Positions available: 1Leader Name: Innes Holman, SVP, Technology Architecture, Risk,amp; CISOWork Arrangement: Hybrid - You #39;ll work both remote and onsite, where time onsite is based on your jobaccountabilities and performance objectives.As ATB #39;s next AVP Cyber Securityamp; Deputy CISO, you will develop, coordinate and implement security strategies, guidelines and standards for ATB, in and outside of IT as well as identify, evaluate and recommend effective resolutions; create awareness of cyber security best practices and guidelines across the organization and ensure that ATB #39;s practices and guidelines are followed and maintained at all times.This role manages the Cybersecurity functions and contributes to the definition and implementation of the Information Technology strategy across the organization to ensure that the confidentiality, integrity, and availability of the organization #39;s information assets is maintained. The individual will interact with other Senior leaders within business AOEs and SSUs and within CXT, external service partners, and the members of the operations and service management teams. This role sets vision and direction to inspire and drive continuous improvement of cyber security policies, standards and procedures. The Individual is expected to demonstrate significant depth of technical and security expertise in technology solutions, as well as comprehensive understanding of client processes and business operations.Key Responsibilities:Security Strategyamp; Roadmap

• Championing the information security strategy and roadmap in alignment with ATB #39;s 2030 strategy
• Remaining current with IT Security trends and best practices to ensure the organization #39;s IT Security strategy is fit for ATB and contemplates readiness for future threats
• Leading and collaborating across IT domains to implementamp; maintain security roadmap components
• Managing security tooling and use within the organization with a goal of least privilege, cost optimization and simplification
• Evaluating and recommending new information security technologies and counter-measures against threats to information or privacy
• Guiding development of security reports and dashboards.

Security Standards

• Directing the developmentamp; continuous improvement of an information security framework, along with the underlying standards, processes and procedures.
• Defining the IT Security requirements for IT projects and IT operations, ensuring alignment to industry best practices in a multimodal enterprise that includes heritage and cloud native systems as well as innovation.
• Informing a risk based process for third party management with cyber requirements and controls
• Defining policies, standards and guidelines for access management (client and team member)amp; simplifying access management processes and tools for clients and employees to optimize both security and client experience
• Defining processes and recovery protocols for cyber incident preparedness; responding and rehearsing same
• Developing and sustaining alliances with appropriate industry associations to benchmark best practices

Security Improvementsamp; Advisory

• Managing IT Security service providers, vendors, and consultants to ensure key objectives and deliverables are met in an efficient manner
• Providing guidance and assistance to CX amp;T Senior Management and other areas within the organization with regard to addressing IT Security issues
• Collaborating with key stakeholders to determine acceptable levels of risk in compliance with regulatory requirements.
• Providing support for regulatory requirements and IT-cyber related audits, as well as coordination of investigations and audit of information security breaches

Security Identification, Protection, Detection

• Actively ensuring appropriate administrative, physical and technical safeguards are in place to protect the information assets from internal and external threats.
• Coordinating with operational groups and business units to identify and implement measures to prevent or detect security incidents or breaches
• Partnering with the fraud team to provide tooling to enable required capabilitiesamp; to realize the value of aquot;Fusion Center quot; with diverse skills collaborating to protect information assets
• Identifying and rectifying vulnerabilities across all IT domains. This includes monitoring regular patching routines aligned to highest risk items as well as ad hoc patching where needed.
• Introducing and implementing appropriate processes and procedures to test all information security safeguards on a regular basis.
• Implementing and operationalizing solutions to identify and evaluate the health of all of ATB #39;s technology assets - hardware, operating systems, software, services and data
• Leveraging technologies to provide layered defense from threat actors
• Implementing and operationalizing solutions to ensure protection of the company #39;s systems and data from unauthorized users both internally and externally
• Undertaking periodic reviews and audits, as required, engaging both internal business partners throughout the organization as well as external resources.
• Providing leadership and oversight for the design and implementation of all security incident and vulnerability management processes.
• Providing oversight and guidance in performing on-going security monitoring of information systems including assessing information security risk through a qualitative risk analysis on a regular basis;
• Leading efforts to conduct functional gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements

Security Response and Recovery

• Proactively leading development of cyber incident recovery planning
• Guiding table top and other dry run activities to ensure alignment and preparedness for a cyber incident
• Continually reviewing and assessing ATB #39;s readiness for a cyber incident in the changing threat landscape
• Ensuring that disaster recovery and emergency operating procedures are in place and tested on a regular basis and aligned with cyber incident protocols in conjunction with Technology operations and first line of defense

Leadership Responsibility

• Drive coordination of strategic planning processes and ensure alignment with broader strategic objectives
• Act as a member of the TSARC Leadership Team and collaborate with his/her peers to achieve the strategic plan
• Be a change champion, enhance organizational readiness, gain support and mobilize resources to achieve the business objective from change
• Be a trusted strategic advisor to the CX amp;T leadership team based on the functional responsibilities
• Provide leadership to ensure the ATB leadership understands the importance, relevance and involvement of the role #39;s area
• Exhibit exceptional leadership, business acumen, and professional behaviors in all interactions
• Participate in governing bodies, industry bodies, and steering committees according to cadence as required
• Provide guidance to the Cyber Risk Management Committee and contribute to the IT Capital Approval Committee and Architecture Design Decision and Review Board(s)

Financial / Budgetary Responsibility

• Develop, administer and adhere to the budget allocated for the role #39;s span of control
• Oversee the execution of multiple concurrent initiatives annually covering all aspects of the role #39;s scope.
• Provide guidance on security alignment to all CXT initiatives.
• Establish guidelines to understand and mitigate potential risks involved in the loss of intangibles (reputation) in conjunction with ERM and Finance

People Management

• Hire, develop and empower competent leaders and team members. Execute HR policies and procedures relevant to IT (recruit, hire, compensate, train, appraise, promote and dismiss)
• Serve as mentor for leaders and team members, provide support and guidance for staff development and identify and action succession plans
• Conduct performance evaluation of the team and provide effective coaching and mentoring
• Foster a team environment, recommend training programs targeting specific areas of improvement, mentor members of the IT team and provide inputs to performance reviews
• Share knowledge and develop staff capabilities to strengthen understanding of the relevant area and IT-Business alignment
• Develop and communicate organizational objectives; inspire and motivate team members to achieve results
• Build organizational talent by creating a learning environment that ensures employees realize their highest potential
• Actively work to streamline processes with the goal of speeding delivery to the client while balancing risk management objectives

Relationship Management

• Work in partnership with Business and CX amp;T senior leaders on strategic initiatives to continuously improve policies, standards and procedures by anticipating issues, providing advice and sharing knowledge and best practices
• Provide insights and guidance to the TSARC Head based on the functional responsibilities and accountabilities
• Partner across the CX amp;T and TSARC Senior Leadership team to align with internal and external client demands
• In collaboration with CX amp;T and TSARC senior leadership, ensure all delivered technology solutions are aligned with the organizational goals