Senior Manager, Security GRC & Engineering

For over 50 years LifeLabs has beenCanadas leading provider of laboratory diagnostic information and digital health connectivity systems enabling patients and healthcare practitioners to diagnose treat monitor and prevent disease. We are passionate about empowering healthier Canadians through accessible accurate and innovative diagnostic services.

We are committed innovators operatingCanadasfirst commercial genetics lab and the countrys largest online patient portal with more than 8 million Canadians receiving their results than112 million laboratory tests come through LifeLabs laboratories annually and our team of more than 6000 passionate caring and diverse professionals works together as one to provide high quality testing and results that Canadians can trust.

We know that behind every lab requisition sample being tested or investment in technology is an individual and their family counting on us. At LifeLabs you can make a meaningful impact on Canadians lives every day.

Our teams are at the heart of everything we do. We are proud to be recognized as one of Canadas Best Employers reflecting our deep commitment to our core values of caring agility teamwork and a customercentered approach. As part of this commitment LifeLabs prioritizes the ongoing development of our diversity equity and inclusion (DEI) program to better serve the needs of our diverse workforce and the communities we serve. We continue to take steps to challenge ourselves to act with courage and integrity and to create an environment where people can be their true selves.

These values are not just words on a page they guide our actions and decisions every day and have come to define our team culture.

Reports to: Chief Information Security Officer
Schedule: MondayFriday
Additional Requirements: N/A
Number of Positions: 1
Start Date: ASAP
Internal Application Deadline:May 14 2025

LifeLabs operates under a hybrid workforce model. Further details will be provided during the interview stage.

This vacancy is for an existing position.

Purpose of the Role

The Sr. Manager Security GRC & Engineering will be an integral member and leader within the LifeLabs Cybersecurity team responsible for overseeing strategic initiatives. LifeLabs will require a fit for purpose GRC program methodologies and toolkits to allow the organization to easily identify assess manage and report risks in a way that brings value to LifeLabs as well as deliver new product and security capabilities and controls directly focused on risk mitigation. This role will also focus on the advancement of the security posture for our systems and infrastructure. This role will directly impact the security across the entire LifeLabs ecosystem.

Core responsibilities include creating and leading projects that enhance the organizations governance program security engineering capabilities participate in the management of the organizations technical risks and oversee the organizations compliance with industry regulations. As a pivotal member of the Cybersecurity team this individual will work closely with the CISO as well as large stakeholders across the firm in order to discuss and enable a better understanding of largescale Cybersecurity issues.

Your responsibilities will include:

• Assist the CISO in creating long term security strategies as well as roadmap various governance models
• Oversee information security policies and ensure that they meet both internal and external requirements of the industry
• Identify information security issues/risks and design mitigation methods to appropriately handle them
• Leverage technology to streamline process of managing GRC across the enterprise
• Partner with other teams across the organization to discuss pertinent GRC issues
• Develop new policies and risk reports that are based on frameworks specified by the firm
• Keep up with ongoing trends and changes within the GRC community and make sure that LifeLabs is up to date with the latest relevant methods and practices
• Work with management and executives to develop the business case and define the GRC strategic vision objectives roadmap milestones and financial plans/budget
• Develop and oversee GRC program methodology policies procedures and toolkits required
• Work collaboratively with business units and/or function head/leaders to:

• Develop update and/or align their policies procedures enterprise taxonomies and other datasets necessary
• Participate and lead meetings with business stakeholders to understand operational business processes identify areas of opportunities and/or improvement through GRC transformation
• Capture and translate business requirements (operational monitoring and reporting) to technical and functional requirements

• Plan prepare and review deliverables in various forms including written reports presentations and meeting discussions with both internal and external parties
• Lead a team of security engineers
• Develop riskbased mitigation strategies for infrastructure platform operating systems and applications
• Partner with internal customers such as infrastructure IAM operations and governance teams to build tooling and technology to optimize continuous deployment monitoring and secure baseline assessment technologies
• Lead the Engineering Team on relevant security practices as needed (specific to findings)
• Develop strategy & roadmaps targeted at improving the security posture at LifeLabs
• Manage execution & delivery of roadmap items
• Imbed security standard processes into the release to production workflow
• Manage and oversee continuous improvement of security controls and technologies
• Oversee and own accountability for all security project deliveries

• Communicate with executives to obtain their buyin sponsorship and sustained support.
• Liaise and work collaboratively with business/functional heads to ensure a successful and sustainable program delivery
• Establish and maintain relationships with T&O and external technology vendors and system integrators

What you bring to the role:

• Bachelors degree or Diploma in IT Business Technology Management or any related technical field
• 7 years of experience working with IT Governance Risk and Controls or in the engineering field
• One or more relevant security certifications (CISA CISSP CPA CISM CRISC)
• The candidates IT industry certifications (e.g. CompTIA) will also be taken into consideration
• Implemented an ISO 27001 program
• Achieved ISO 27001 certification for an organization
• Developed or worked in security serviceoriented framework/program
• Strong experience working and managing a controls objective framework
• Experience in leading or managing large complex transformation and capacity building projects
• Strong experience in governance audit risk compliance cyber and policy management
• SME in drafting policies procedures and RACI matrices
• Experience managing compliance of policies
• Experience with GRC/IRM technology solutions such as (e.g. RSA Archer ServiceNoW MetricStream Refinitiv OpenPages etc.)
• Strong knowledge in project management and technology implementation methodologies and lifecycles
• Professional security management certifications are highly preferred (i.e.. CISSP CRISC)
• Extensive knowledge of GRC and GRC best practices
• Ability to process and understand complex information relevant to cyber security initiatives
• Possess the ability to multitask between projects
• Understanding of the NIST and ISO framework as well as other associated cyber security standards

LifeLabs compensation programs are commensurate based on the role skill effort responsibility and working conditions irrespective of gender race ethnicity beliefs age or any other personal characteristics. Pay programs are communicated regularly in an accessible and transparent manner.

LifeLabs is also proud to offer resources opportunities as well as a collaborative and supportive environment that enables our team members to thrive.

In addition to a competitive compensation package LifeLabs provides a comprehensive total rewards program specific to the job position. Your package may include:

• Employee Group Benefits: Competitive coverage for employees and their families to support their overall health and wellness needs including Extended Health Care Dental Care and Life Insurance.
• Retirement Savings Plan
• Vacation and Wellness Days
• Employee Wellness and Giving Programs: Our award winning mental physical and financial wellness programs aim to address the comprehensive wellbeing of our team members including resources like the Employee & Family Assistance Program financial planning tools and employee recognition initiatives.
• Professional development and membership reimbursement access to preferred rates and discount programs including WorkPerks Home and Auto Insurance Costco Membership etc. and optional healthrelated benefits.

In accordance withLifeLabs Accessibility Policy and the applicable Accessibility Acts within the provinces we operate in accommodations are available by request for candidates taking part in all aspects of the recruitment and selection process. For a confidential inquiry or to request an accommodation please contact your recruiter or emailemailprotected.

Vaccinations are highly encouraged at LifeLabs. Vaccinations and/or immunization screening may be mandatory for selected employees if regulated by provincial or regional governments or through employerled vaccination policies in the facilities we service. Please ensure you ask if this position requires the successful candidate to be vaccinated or undergo immunization screening.

Ready to empower healthier Canadians Apply today!