Security Advisory and Assurance Lead


This is a Contract position in Toronto, ON posted September 11, 2023.

LifeLabs is the largest community diagnostics laboratory in Canada, serving the healthcare needs of Canadians for over 50 years. Our team members are truly centred around our customers, and we know that behind every lab requisition, sample being tested, or investment in technology is an individual and their family counting on us.

Consistently named one of Canada’s Best Employers by Forbes, LifeLabs has also been recognized for having an award-winning Mental Health Program from Benefits Canada. The passion and commitment of over 6,000 diverse and innovative team members unites and motivates us to ensure our customers receive high quality tests and results that they can trust. Agile, customer-centred, caring and teamwork: we live these values every day in what we do to support our customers and healthcare providers, driving forward our vision of empowering a healthier you.

Make a difference – join the LifeLabs team today!

Reports to: Sr Manager Governance Risk and Compliance

Purpose of the Role: The Assurance and Advisory Lead will execute, develop, and support the Manager of GRC with planned Corporate projects, focusing on identifying technology and business risks, compensating controls, and opportunities for improvement in LifeLabs internal controls.

This is a Full Time Remote role based in Ontario.

Core Accountabilities

Internal Quality Control, Assurance & Advisory

  • Manage and oversee risk and ensure quality control procedures are executed across the enterprise
  • Perform security audits and risk assessments on new or existing solutions
  • Manage domain of Advisory and Assurance services and continue to improve efficiencies
  • Identify, propose, and implement security methodologies and tools that simplify security testing and discovery activities
  • Identify and assess technology solutions and business risks; provide subject matter expertise in selecting and tailoring existing risk management approaches, methodologies, and tools to support and secure LifeLabs services and products

Risk Management

  • Assess projects and IT changes for compliance with LifeLabs security policies and regulatory landscape
  • Identify areas of information security compliance vulnerability and risk within new and existing projects, processes, and technologies
  • Perform strategic threat risk assessments, identifying key business risks and threats within projects and existing processes, and lead communication and reporting of identified risks and risk remediation plans
  • Review and evaluate existing processes and projects to benchmark security compliance with industry standards and LifeLabs standards
  • Present and communicate risk status to senior management
  • Continue the development and management of the TRA and advisory services program

Project & Team Management

  • Identify scope and objectives of projects, gaining an understanding of the business, and managing resources needed to conduct risk identification, risk mitigation and risk compliance assurance activities
  • Support and facilitate practice development in information security assurance and advisory engagement activities, simultaneously overseeing and managing multiple projects
  • Lead and manage outsourced commodity vendor and Third Party Risk Management provider specific to the advisory and assurance function

Change Management

  • Lead and drive change across the enterprise in implementing and improving existing risk management methodologies to ensure stakeholder buy-in and effective integration of risk management methodologies in business practice
  • Integrate and align risk management methodologies to other organizational initiatives

Minimum Qualification and Skills

  • Bachelor's degree or Diploma in IT, Business Technology Management, or any related technical field
  • 5+ years of direct experience in an information security role or an equivalent combination of education and experience
  • Must be a Certified Information System Auditor (CISA)
  • Strong IT Audit background working with IT General Controls (ITGCs), SOC controls, internal / external auditors and perhaps regulators
  • Cybersecurity advisory and IT risk assessments for projects, business processes, etc.
  • Very good knowledge and use of information security standards and frameworks, e.g. ISO 27001, NIST CSF, NIST RMF, etc.
  • Strong writing and interpersonal communication skills
  • The ability to handle multiple projects simultaneously


At LifeLabs, we strive to create an inclusive and equitable workplace where our team members and the communities we serve feel accepted, valued, and respected.

In accordance with LifeLabs’ Accessibility Policy, the Accessibility for Ontarians with Disabilities Act, and the Ontario Human Rights Code, accommodations are available by request for candidates taking part in all aspects of the recruitment and selection process. For a confidential inquiry or to request an accommodation, please contact your recruiter or email

LifeLabs is committed to providing a safe environment for our employees, customers, and the communities we serve. We have been a leader throughout the COVID-19 pandemic regarding health and safety measures and have always put our employees and customers at the center of every decision that we make. As an organization in the health care sector, we believe the COVID vaccination adds a layer of protection that complements the extensive and necessary health and safety protocols that we have taken to date. With this in mind, we currently require all LifeLabs employees, contractors, students and volunteers to be fully vaccinated.

LifeLabs operates under a distributed workforce model, where employee flexibility is a key priority. Further information will be provided during the interview process on what this means for employees.

Job Segment: QC, Information Security, Compliance, Counseling, Risk Management, Quality, Technology, Legal, Healthcare, Finance