×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Senior Security Specialist - Cyber Risk & Compliance

Job in Toronto, Ontario, C6A, Canada
Listing for: CAAT Pension Plan
Full Time position
Listed on 2026-01-01
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below
Senior Security Specialist – Cyber Risk & Compliance
We are seeking a Senior Security Specialist, Cyber Risk and Compliance, for our Technology & IT Services Management team. Reporting to the Senior Manager GRC, you will be responsible for executing and advancing CAAT’s cybersecurity and technology risk programs.

The successful incumbent possesses technical depth with execution focused on managing cybersecurity risks to ensure CAAT remains secure, compliant, and resilient amid rapidly evolving threats, and ensures compliance with regulatory obligations and alignment with CAAT’s Enterprise Risk Management (ERM) and Cybersecurity framework.

Core Responsibilities

Perform technical Threat risk assessments (TRA) and conduct threat modeling assessments across key applications, infrastructure, and AI/ML systems.

Maintain and update the cyber risk register, ensuring accurate documentation and tracking of risks and remediation activities.

Assess risks associated with AI/ML integrations, GenAI platforms, emerging technologies, quantum readiness, and synthetic data use.

Prepare dashboards, KPIs, KRIs, and security performance scorecards for governance reporting.

Collaborate with Dev Sec Ops , Engineering, Architecture, Legal, and Compliance teams to provide second‑line oversight and challenge.

Produce detailed technical findings and recommendations for stakeholders, including auditors and governance committees.

Operationalize AI‑driven platforms controls for compliance with ISO 27001, PCI‑DSS, NIST 800‑53, ISO/IEC 42001, NIST AI Risk Management Framework & other regulations.

Perform vendor risk reviews for vendors, including emerging tech partnerships, LLM plugin providers, API suppliers, and federated data platforms.

Support the Senior Manager in reporting on the performance of the Information Security Management System (ISMS) to the Information Security Advisory Board (ISAB).

Support the Senior Manager in creating executive or board level presentations to provide a view on the Cyber and Technology risk profile.

Qualifications & Experience

At least 10+ years of experience in cybersecurity risk management, compliance, and governance, with strong hands‑on audit execution and control implementation.

At least 8+ years of experience managing audit readiness (ISO 27001, SOC 2, PCI‑DSS, and NIST etc) and cyber risk in regulated industries (pension, financial services, insurance etc).

CISSP or CISM, CISA, ISO 27001 Lead Implementer/Auditor certification required.

Strong knowledge of frameworks such as ISO 27001/27005, NIST CSF, NIST 800‑53, NIST AI RMF, COBIT, COSO, CSA CCM, MITRE ATT&CK, MITRE ATLAS, and FAIR.

Effective communication skills, with the ability to influence across levels and teams within the organization.

Knowledge of the Pension Administration and/or Financial Services industry would be an asset.

Benefits

Opportunities to build a better you: endless learning and mastery of skills while cultivating new ones.

Comprehensive & holistic care:
Total Rewards program that prioritizes physical, mental, and financial wellness, flexible work arrangements, comprehensive benefits, wellness incentives, and a defined benefit pension plan.

A place to collaborate and win: lively environment with creativity and open communication, recognized as one of Canada’s Most Admired Corporate Cultures.

Work that truly matters: help Canadians secure better retirement income.

Seniority Level
Mid‑Senior level

Employment Type

Full‑time

Job Function
Other, Information Technology, and Management

Apply Today
If you believe that Canadians deserve a future where a secure lifetime retirement income contributes to their financial and overall well‑being, then CAAT could be the right fit for you.  Apply now.

DEIB Statement
DEIB at CAAT means we respect and value the broadest range of experiences, geographies, gender, ethnicities, backgrounds, and perspectives as key elements of our culture. Our vision is to provide an environment where employees can bring their best, professional, authentic selves to work.

EEO Statement
CAAT Pension Plan is an equal opportunity employer, and we will accommodate any needs under the Accessibility for Ontarians with Disabilities Act and the Ontario Human Rights Code. Hiring processes will be modified to remove barriers to accommodate those with disabilities, if requested. Should any applicant require accommodation through the application processes, please contact us at  or call Human Resources at  for assistance.

Contact
Learn more about us by visiting

#J-18808-Ljbffr
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search