Security Advisory and Assurance Lead

LifeLabs is the largest community diagnostics laboratory in Canada, serving the healthcare needs of Canadians for over 50 years. Our team members are truly centred around our customers, and we know that behind every lab requisition, sample being tested, or investment in technology is an individual and their family counting on us.

Consistently named one of Canada's Best Employers by Forbes, LifeLabs has also been recognized for having an award-winning Mental Health Program from Benefits Canada. The passion and commitment of over 6,000 diverse and innovative team members unites and motivates us to ensure our customers receive high quality tests and results that they can trust. Agile, customer-centred, caring and teamwork: we live these values every day in what we do to support our customers and healthcare providers, driving forward our vision of empowering a healthier you.

Make a difference - join the LifeLabs team today!

Reports to: Sr Manager Governance Risk and Compliance

Purpose of the Role: The Assurance and Advisory Lead will execute, develop, and support the Manager of GRC with planned Corporate projects, focusing on identifying technology and business risks, compensating controls, and opportunities for improvement in LifeLabs internal controls.

This is a Full Time Remote role based in Ontario.

Core Accountabilities:

• Manage and oversee risk and ensure quality control procedures are executed across the enterprise; Perform security audits and risk assessments on new or existing solutions.
• Manage domain of Advisory and Assurance services and continue to improve efficiencies.
• Validate security controls of LifeLabs' Information Technology teams and vendors.
• Identify, propose, and implement security methodologies, and tools that simplify security testing and discovery activities.
• Support business units in identifying improvement opportunities to manage risk and apply quality control throughout existing applications/systems, processes, and projects.
• Identify and assess technology solutions and business risks; provide subject matter expertise in selecting and tailoring existing risk management approaches, methodologies, and tools to support and secure LifeLabs services and products.
• Assess projects and IT changes for compliance with LifeLabs security policies and regulatory landscape.
• Identify areas of information security compliance vulnerability and risk within new and existing projects, processes, and technologies.
• Perform strategic threat risk assessments, identifying key business risks and threats within projects, existing processes, leading communication and reporting of identified risk and risk remediation plans.
• Review and evaluate existing processes and projects to benchmark security compliance with industry standards and LifeLabs standards.
• Present and communicate risk status to senior management.
• Continue the development and management for the TRA and advisory services program.
• Identify scope and objectives of projects, gaining an understanding of the business, and managing resources needed to conduct risk identification, risk mitigation and risk compliance assurance activities.
• Support and facilitate practice development in information security assurance and advisory engagement activities, simultaneously overseeing and managing multiple projects.
• Lead and manage outsourced commodity vendor and Third Party Risk Management provider specific to the Advisory and Assurance function.
• Lead and drive change across the enterprise in implementing and improving existing risk management methodologies to ensure stakeholder buy-in and effective integration of risk management methodologies in business practice.
• Integrate and align risk management methodologies to other organizational initiatives.

• • Identify and mitigate barriers to success.
  • Ensure risk management methodologies are adopted within existing processes and programs.
  • Identify change management needs in staffing, training, communications, and organizational designs.
  • Support and coordinate security training and awareness material that identifies and communicates information on security compliance trends to employees.

Minimum Qualifcation and Skills:

• 5+ years of direct experience in an information security role or an equivalent combination of education and experience with experience in the Health care industry.
• Bachelors degree or Diploma in IT, Business Technology Management, or any related technical field.
• Must have one or more relevant security certifications (CISA, CISSP, CPA, CISM, CRISC).
• Experience evaluating security controls, conducting risk assessments (including third-party risk management)
• Understanding of internal control frameworks including COBIT, ISO 27001, NIST, ITIL, etc.
• Knowledge of developing risk reports and control summaries.
• Strong writing and interpersonal communication skills.
• The ability to handle multiple projects simultaneously.

#LI SW1 #INDEED

Hiring Range: $90,800 to $115,700

The hiring range has been established, however, the final salary recommendation will be determined based off the level of experience, education requirement, external market conditions and internal equity.

In this position, you will be eligible for Lifelabs annual bonus.

Employee Benefits:
In this position, you will be eligible to participate LifeLabs' group benefits plan which is available to LifeLabs employees in accordance with the terms and conditions of those plans.

Retirement Savings:
The LifeLabs plans provide members with an easy way to save for retirement. By participating in the plan, you receive contributions made to your account on your behalf from LifeLabs.

Vacation Entitlement:
In this position, you will be entitled to vacation. We promote a healthy work-life balance and expect your full vacation to be taken each year.

Employee Wellness:
LifeLabs offers an award-winning Wellness Program focused on supporting your total health and well-being under our physical, emotional, and financial wellness pillars. We have been recognized in the industry for our focus on mental health supports.

Employee Giving program:
Designed to support any employee who donates, fundraises or volunteers for a Canadian Registered Charity or Non-Profit Organization.

In addition, LifeLabs offers professional development and membership reimbursement, access to preferred rates and discount programs - WorkPerks, Home and Auto Insurance, Costco Membership, etc. - and Optional Health-related Benefits.

At LifeLabs, we strive to create an inclusive and equitable workplace where our team members and the communities we serve feel accepted, valued, and respected.

In accordance with LifeLabs' Accessibility Policy, the Accessibility for Ontarians with Disabilities Act, and the Ontario Human Rights Code, accommodations are available by request for candidates taking part in all aspects of the recruitment and selection process. For a confidential inquiry or to request an accommodation, please contact your recruiter or email careers@lifelabs.com.

Vaccinations are highly encouraged at LifeLabs'. Vaccinations may be mandatory for selected employees if regulated by provincial or regional governments, or through employer-led vaccination policies in the facilities we service. Please ensure you ask if this position requires the successful candidate to be fully vaccinated with the current Government approved COVID-19 vaccinations.