Job Specifications
For over 50 years, LifeLabs has been Canada's leading provider of laboratory diagnostic information and digital health connectivity systems, enabling patients and healthcare practitioners to diagnose, treat, monitor and prevent disease. We are passionate about empowering healthier Canadians through accessible, accurate, and innovative diagnostic services.
We are committed innovators, operating Canada's first commercial genetics lab, and the country's largest online patient portal, with more than 8 million Canadians receiving their results online. More than 112 million laboratory tests come through LifeLabs' laboratories annually, and our team of more than 6,000 passionate, caring, and diverse professionals works together as one to provide high quality testing and results that Canadians can trust.
We know that behind every lab requisition, sample being tested, or investment in technology is an individual and their family counting on us. At LifeLabs, you can make a meaningful impact on Canadians' lives every day.
Our teams are at the heart of everything we do. We are proud to be recognized as one of Canada's Best Employers, reflecting our deep commitment to our core values of caring, agility, teamwork, and a customer-centered approach. As part of this commitment, LifeLabs prioritizes the ongoing development of our diversity, equity, and inclusion (DEI) program to better serve the needs of our diverse workforce and the communities we serve. We continue to take steps to challenge ourselves to act with courage and integrity, and to create an environment where people can be their true selves.
These values are not just words on a page; they guide our actions and decisions every day and have come to define our team culture.
The Chief Information Security Officer (CISO) for LifeLabs is responsible for developing and leading the execution of a comprehensive information security and risk management program to protect the organization, ensuring information assets and business consumers are adequately supported and protected from cyber threats. The CISO is responsible for setting strategic direction for LifeLabs in alignment with Quest Diagnostics and ensuring all regulatory and compliance requirements are met.
The CISO position requires a pragmatic leader with strong skills in technology and business management. This role requires an integrator of people and processes, a thought leader, a problem solver, and an effective communicator with solid domain competency in a number of specialized technology domains.
The LifeLabs CISO will report directly to the SVP and Chief Security Officer for Quest Diagnostics with a dotted line to the CIO of LifeLabs.
Status: Full Time
Number of Positions: 1
Start Date: ASAP
Internal Application Deadline: 1 August 2025
LifeLabs operates under a Hybrid workforce model. Further details will be provided during the interview stage.
Core Accountabilities
Develop and Implement the Security Strategy for Cloud and Network
Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program for LifeLabs ensuring alignment with Quest Diagnostics.
Collaborate with executive leadership to align security initiatives with enterprise programs and business objectives.
Ensure Cyber Security First is core to all LifeLabs technology services and becomes a cultural norm at LifeLabs
Establish and develop long term continuous improvement strategy for security practice
Develop cybersecurity technology and control objective roadmap to achieve desired level of security posture and maturity
Evaluate IT threat landscape, devising cyber security policy and controls to reduce risk.
Develop cyber resiliency to rapidly recover from hacking, security incidents, or infringements.
Oversee security architecture, including the planning, buying, and deployment of security hardware and software, and making sure IT and network infrastructure is designed with best security practices in mind.
Develop internal goals/processes and metrics to measure their effectiveness (e.g. OKRs)
Establish and Ensure Governance, Risk and Compliance (GRC) Management
Ensure the organization is properly advised and positioned to manage technology and cyber risk across all IT and business services
Lead auditing and compliance initiatives, ensuring adaptability to evolving compliance regulations
Maintain Program compliance with all regulatory obligations
Conduct annual tabletop exercises to validate and test business continuity plans and cybersecurity incident response plans
Report security risk threshold violations to the Enterprise Risk Management function and educate executive team on risk treatment and mitigation strategies
Manage expectations and participate in legal related activities around security incidents
Manage vendor relationships and third-party risk assessments.
Lead Security Training and Awareness
Ensure a structured cyber security and risk awareness program is in place to educate staff and affiliates on their roles and responsibilities in providing a safe and secure business environment
Develop and successfully implement an effective and pragmatic security awareness strategy and culture
Prepare employees with the tools, skills, resources, relationships, and capabilities to protect against information security risks.
Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program.
Communication and Stakeholder Relations
Prepare and present regular reports on the status of the information security program to senior management of LifeLabs and Quest
Collaborate with business leaders to prepare and present updates to external stakeholders including customers and government partners.
Performance, Engagement and Development of Team
Lead a team of cyber security professionals, ensuring a focus on performance, engagement and development of team members.
Develop and implement a plan for continuous growth and development of team members.
Build a plan to lead demonstrating our LifeLabs values, capabilities and People Strategy ensuring the attraction and retention of talent.
Build a culture of accountability, continuous improvement, and service excellence.
Required Education
Bachelor's or master's degree in Computer Science, Information Systems, Cybersecurity, or a related field.
10+ years of experience in information security and IT risk management, with at least 5 years in a leadership role.
Strong knowledge of information security frameworks, standards, and best practices.
Excellent leadership, communication, and interpersonal skills.
Experience with cloud security, incident response, and regulatory compliance.
Working knowledge of cloud security design patterns and technologies, secure use of SaaS, and cloud security tools.
Network design experience to support IoT and OT as well as IT systems, connectivity to private and public cloud systems.
Designation (if applicable): One or...
About the Company
LifeLabs is Canada's leading provider of laboratory diagnostic information and digital health connectivity systems, enabling patients and healthcare practitioners to diagnose, treat, monitor, and prevent disease. We support 20 million patient visits annually and conduct over 100 million laboratory tests through leading-edge technologies and our 6,500 talented and dedicated employees. We are a committed innovator in supporting Canadians to live healthier lives, operating Canada's first commercial genetics lab and the country'...