Senior Security Specialist Cyber Risk & Compliance

At CAAT were passionate about what we do. And it shows!

Here youll find a cultural spark in everything we do from the way we partner with members and employers to the way we work collaborate and grow. It doesnt just feel different at CAAT. It is different. Were one of the fastest-growing pensions in the country for a reason. We challenge the status quo making a real impact on the hundreds of employers we serve from education institutions to major corporations and household brands. And were just getting started. Driven by core values and a shared purpose were fierce champions for better retirement security known for our can-do culture where everyone plays a role in bringing our vision to life. If this sounds like a fit wed love you to be a part of it.

About the Role:

We are seeking a Senior Security Specialist Cyber Risk and Compliance for our Technology & IT Services Management team. Reporting to the Senior Manager GRC you will be responsible for executing and advancing CAATs cybersecurity and technology risk programs.

The successful incumbent possesses technical depth with execution focused on managing cybersecurity risks to ensure CAAT remains secure compliant and resilient amid rapidly evolving threats risks while ensuring compliance with regulatory obligations and alignment with CAATs Enterprise Risk Management (ERM) and Cybersecurity framework.

As the Newest Member of our Team Youll:

• Perform technical Threat risk assessments (TRA) and conduct threat modeling assessments across key applications infrastructure and AI/ML systems.

• Maintain and update the cyber risk register ensuring accurate documentation and tracking of risks and remediation activities.

• Assess risks associated with AI/ML integrations GenAI platforms emerging technologies quantum readiness and synthetic data use.

• Prepare dashboards KPIs KRIs and security performance scorecards for governance reporting.

• Collaborate with DevSecOps Engineering Architecture Legal and Compliance teams to provide second-line oversight and challenge.

• Produce detailed technical findings and recommendations for stakeholders including auditors and governance committees.

• Operationalize AI-driven (GenAI Agentic AI etc) platforms controls for compliance with ISO 27001 PCI-DSS NIST 800-53 ISO/IEC 42001 NIST AI Risk Management Framework & other regulations.

• Perform vendor risk reviews for vendors including emerging tech partnerships including LLM plugin providers API suppliers and federated data platforms.

• Support the Senior Manager in reporting on the performance of the Information Security Management System (ISMS) to the Information Security Advisory Board (ISAB)

• Support the Senior Manager in creating executive or board level presentations to provide a view on the Cyber and Technology risk profile.

To Succeed You Bring:

• At least 10 years of experience in cybersecurity risk management compliance and governance with strong hands-on audit execution and control implementation.

• At least 8 years of experience managing audit readiness (ISO 27001 SOC 2 PCI-DSS and NIST etc) and cyber risk in regulated industries (pension financial services insurance etc.)

• CISSP or CISM CISA ISO 27001 Lead Implementer/Auditor certification required.

• Strong knowledge of frameworks such as ISO 27001/27005 NIST CSF NIST 800-53 NIST AI RMF COBIT COSO CSA CCM MITRE ATT&CK MITRE ATLAS and FAIR.

• Effective communication skills with the ability to influence across levels and teams within the organization

• Knowledge of the Pension Administration and/or Financial Services industry would be an asset

At CAAT we believe innovation passion and purpose are ingredients for a great work environment. Were incredibly proud of our people and the remarkable impact they have as catalysts for change. Were committed to attracting and keeping great talent which means competitive compensation exceptional benefits and an environment where people can grow and thrive. When you work with CAAT youll enjoy:

• Opportunities to Build a Better You: We never stand still. As we grow so do you. Enjoy a place that provides endless opportunities to learn and master your skills while cultivating new ones.
• Comprehensive & Holistic Care: Be at your best with a Total Rewards program that feeds and prioritizes your physical mental and financial wellness. From flexible work arrangements comprehensive benefits to wellness incentives and a defined benefit pension plan we have you covered.
• A Place to Collaborate and Win: Weve built a lively environment where creativity and open communication thrive. Its why were consistently recognized as one of Canadas Most Admired Corporate Cultures one of Greater Torontos Top Employers and one of the Best Places to Work.
• Work that Truly Matters. Youre giving Canadians the opportunity for better retirement security and organizations the chance to do more.
  

If you believe that Canadians deserve a future where a secure lifetime retirement income contributes to their financial and overall well-being then CAAT could be the right fit for you. Start your journey with us today. Apply now.

Learn more about us by visiting Equity Inclusion and Belonging (DEIB):

DEIB at CAAT means we respect and value the broadest range of experiences geographies gender ethnicities backgrounds and perspectives as key elements of our culture. Our vision is to provide an environment where employees can bring their best professional authentic selves to work.

CAAT Pension Plan is an equal opportunity employer and we will accommodate any needs under the Accessibility for Ontarians with Disabilities Act and the Ontario Human Rights Code. Hiring processes will be modified to remove barriers to accommodate those with disabilities if requested. Should any applicant require accommodation through the application processes please contact us at or call Human Resources at for assistance.