×
Register Here to Apply for Jobs or Post Jobs. X

Cyber Security Manager

Job in Surrey, BC, Canada
Listing for: GroupHEALTH Benefit Solutions
Full Time position
Listed on 2026-07-07
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, IT Project Manager
Salary/Wage Range or Industry Benchmark: 150000 - 170000 CAD Yearly CAD 150000.00 170000.00 YEAR
Job Description & How to Apply Below

About GroupHEALTH

At GroupHEALTH, we're proud of the work we do – but it's how we do it that truly sets us apart. We're a fast-moving, ever-evolving, stable organization with deep roots and a bold vision: to transform the way Canadians experience benefits. We combine agility with long-term stability to create meaningful impact. Here, you'll find more than just a job. You'll find a purpose-driven, people-first culture where kindness, collaboration, and curiosity thrive.

Whether you've been here fifteen years or fifteen days, you'll notice right away – our people are genuinely invested in one another's success and delivering exceptional experiences to our clients and plan members.

About

The Role

The Cyber Security Manager will lead the development and implementation of our cybersecurity strategy, owning overall security posture and playing a crucial role in safeguarding our company. The Cyber Security Manager will be responsible for establishing and implementing robust security processes, developing policies, and building an Information Security Management System (ISMS). In this role, you will work on our existing roadmap of findings to identify and address security gaps, enhance our security posture, and ensure the protection of our valuable assets.

This is a hybrid role based out of our Surrey office, working a blend of days in office and days from home.

What to Expect In Your First 3 Months

First 30 Days:

  • Compute a baseline composite score across all six KPI domains and present to the CIO with a gap analysis and 90-day improvement plan.

First 60 Days:

  • Hire and onboard the Security Analyst and Security Engineer, with each team member receiving clear 90-day objectives within their first week.
  • Develop and present the 12-month Cyber Security roadmap covering all six NIST CSF 2.0 functions, tool procurement, and maturity milestones by Day 45.

First 90 Days:

  • Deliver the first quarterly cyber security report to the board risk committee covering the composite score baseline, top risks, PIPEDA compliance status, and Munich Re alignment summary.
  • Oversee Security Analyst development of the GroupHEALTH policy suite, with all core policies approved by the CIO and communicated to all staff and entity presidents by Day 75.
  • Identify all Tier 1 vendors across all 10 entities, initiate security questionnaires, and launch a Microsoft EASM or UpGuard evaluation by Day 75.
What You'll Do
  • Establish and support an effective cybersecurity program aligned with industry best practices, regulatory requirements, and organizational objectives
  • Develop, document, and implement comprehensive security policies, standards, and procedures to protect information assets
  • Develop, implement, and monitor an ISMS program to ensure the confidentiality, integrity, and availability of sensitive data owned, controlled, or processed by the organization
  • Serve as the primary point of contact and responsible party for cyber and information security across the organization
  • Contribute to the development and oversight of a global security management strategy and framework
  • Oversee third‑party reviews and risk assessments to ensure comprehensive evaluation of security risks
  • Lead business compliance efforts for security, including supporting regular risk assessments to identify potential vulnerabilities, threats, and areas for improvement, and developing action plans to mitigate identified risks
  • Develop a metrics and reporting framework to measure cybersecurity and governance KPIs and KRIs, including tracking industry trends and best practices
  • Collaborate with cross‑functional teams and the Privacy and Risk team to ensure security requirements are integrated into system development and business processes
  • Provide guidance and support to technical teams in the design and implementation of security systems, networks, and applications
  • Stay current with the latest industry trends, emerging threats, and security technologies, and adjust the organization's security strategy accordingly
  • Develop and deliver a security training and awareness program to promote a culture of security and influence behavior that reduces cyber and information security risk
  • Monitor and respond to…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary