Cyber Security Risk and Controls Manager
Hybrid
Full Time
#Information Security
#Risk
#Risk Management
#Security Compliance
#Cloud Security
We believe that traditional banking is a thing of the past. At Equitable Bank, we challenge ourselves every day to build innovative financial solutions for Canadians. We are a team of agile, inquisitive thinkers who are not afraid to break the status quo to redefine the future of banking. With over 50 years of history and more than 670,000 customers, we have grown into a powerhouse with over $125 billion in assets under management and administration. Our digital platform, EQ Bank, has been consistently recognized by Forbes as one of the top banks in the world, and we are looking for someone who shares our passion for driving positive change in the industry.
The opportunity
We are looking for a Cyber Security Risk and Controls Manager to join our team on a full-time, hybrid basis. In this role, you will act as a subject matter expert, helping us protect our organization against emerging threats while ensuring we remain resilient and compliant. You will play a vital role in shaping our information security risk management framework, with a specific focus on third-party vendor risk and control assurance. By partnering with various business units and technology teams, you will help us maintain the high standards of security that our customers expect.
A day in the life
- Lead the identification and assessment of cyber risks across the organization, ensuring our risk register and key risk indicators are accurately maintained and reported to senior leadership.
- Manage the entire lifecycle of third-party cyber risk assessments, including onboarding, contract reviews, continuous monitoring, and coordinating our response to any potential breaches.
- Collaborate with our Procurement, Legal, and business teams to embed robust security requirements into our vendor processes and support internal and external audits.
Who you are
You are a seasoned professional with a strong background in information security and risk management. You thrive in environments where you can apply your technical expertise to solve complex business problems. To be successful in this role, you should have the following qualifications:
- A Bachelor’s or Master’s degree in Cybersecurity, Information Technology, Risk Management, or a related field.
- At least eight years of experience in information security and risk, including at least four years specifically focused on third-party risk management.
- A solid understanding of cloud shared responsibility models and security compliance frameworks such as NIST, ISO 27K, PCI DSS, or the Cloud Security Alliance.
- Familiarity with Canadian financial industry regulations, particularly those related to privacy and third-party security expectations from bodies like OSFI and the OPC.
- Professional certifications such as CISSP, CISM, CISA, CRISC, CCSP, or CCSK are highly preferred.
- Excellent communication skills in English, with the ability to explain complex security risks to diverse stakeholders.
Why you'll love it here
We are dedicated to supporting your professional and personal growth while providing a collaborative, inclusive environment. When you join us, you will enjoy a comprehensive suite of benefits designed to support your well-being and future:
- Medical, dental, vision, life, and disability insurance.
- A market-leading RRSP match program and an Employee Share Purchase Plan.
- A generous paid time off policy, including personal days and maternity or parental top-up.
- An annual professional development allowance and access to a comprehensive career development program.
- A competitive discretionary bonus structure.
- The flexibility of a hybrid work arrangement, with time spent at our office located at 2200-25 Ontario Street in Toronto.







