Job Specifications
Our Story & Purpose:
We’re Vancity, a member-owned credit union built on the principles of inclusion and social justice. Since 1946, our relentless commitment to these values has helped us challenge the status quo and break down barriers. We’ve made bold commitments to become net-zero by 2040 across all mortgages and loans, and we’re actively pursuing strategies in Indigenous banking and financial resilience for our members.
As the largest private sector Living Wage Employer in Canada, we’re proud to be consistently recognized as one of the country’s Top Employers. If you’re ready to join our team of 2,700 diverse individuals, access competitive rewards and benefits, and be part of a greater movement - apply today!
Your Role in Supporting Our Members:
As an Information Security Risk Management Analyst, you will elevate exiting risk management practices and processes. As a member of the Information Security Compliance team, they will play a crucial role in identifying, assessing, and mitigating information security risks.
This is a permanent, full-time role that will enjoy hybrid working arrangements which can be fulfilled primarily from the Vancity head office location and your Lower Mainland based home office. Periodically, you’ll be required to attend in-person activities or events.
How You'll Make an Impact:
Assist the Senior Manager, Information Security Compliance in developing and implementing a strategic approach to information security risk management across people, process, and technology.
Lead the development and maintenance of Information Security risk and governance KPI's, KRI's, and SLA's. Assist with metrics creation and reporting. Provide reporting on the status of information security risks to leadership and stakeholders.
Participates in third-party and supply chain cybersecurity risk assessments.
Maintain the IT risk register on the GRC platform (Onetrust, Auditboard).
Perform Security Threat Risk Assessments of all new projects and technology implementations.
Develop and maintain IT and Security Risk Assessment processes and documentation.
Advise various teams on risk mitigation and compensatory measures to reduce risks to acceptable levels, using knowledge of Vancity policies, technologies, standards and industry best practices.
Foster a risk aware culture across the organization.
Other duties as assigned.
What You’ll Bring to the Team:
A bachelor’s degree or equivalent in Computer Science, Business, or a related field
3-5 years of progressive experience in information security risk management, preferably in a mid-sized corporate organization or a financial institution
Information Security Certifications in one or more of the following are desirable: Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or Certified Information Security Manager (CISM).
In-depth understanding of risk management frameworks such as NIST RMF, NIST AI-RMF, ISO 31000, FAIR, and ISO 27001
A good understanding of relevant standards and frameworks that apply to the financial services industry such as PCI/ SWIFT/ NIST/OSFI
Strong understanding of regulatory requirements and standards (e.g., OSFI, BCFSA, PIPA, PIPEDA)
You’ll Thrive Here If You Are:
An exceptional communicator - you are comfortable communicating with stakeholders across different levels of the organization. You demonstrate confidence and provide highly specialized technical expertise and advice.
Flexible - You have a willingness to work in a highly flexible environment with multiple competing priorities.
Organized - Good multi-tasking skills and the ability to prioritize work based on risk and business needs
We value lived experience, so if you are interested in this role, we encourage you to apply even if you feel your skills don't perfectly align with those listed.
What You’ll Earn:
This role offers a salary range of $92,700 to $115,000. The base pay offered may vary depending on factors such as relevant qualifications, skills, previous experience, and internal equity. As part of our total rewards package, employees may also be eligible for our annual incentive program, subject to program eligibility requirements.
Why You’ll Love Working Here:
A career at Vancity is more than just a job, you’re joining a tradition of change-makers who are creating lasting change for our communities. Beyond base pay, we offer a comprehensive total rewards package to ensure our employees are empowered to thrive:
Living Wage Employer: We’re the largest private-sector Living Wage Employer in Canada and consistently ranked among Canada’s Top Employers.
Customizable Benefits: Permanent employees receive flexible benefit packages that can be tailored annually to meet evolving needs.
Generous Vacation: New employees start with 3-4 weeks of vacation per year, with additional days earned over time.
Extra Stat Holidays: In addition to BC’s 11 statutory holidays, we offer 2 extra days, plus care days for perso
About the Company
Vancity is a credit union committed to a clean and fair world. With 54 branches in Metro Vancouver, the Fraser Valley, Victoria, Squamish, and Alert Bay, we serve more 550,000 member-owners and their communities in the Coast Salish and Kwakwaka'wakw territories.
Know more