With close to 750 employees, Fiera Capital Corporation, a leading independent asset management firm, is rapidly acquiring a global presences and reputation. With over $124 billion in AUM as of September 30, 2019, more than $25 billion of which is managed or advised by the U.S. division. We deliver customized multi-asset solutions across traditional and alternative asset classes to institutional, retail, and private wealth clients across North America, Europe, and key markets in Asia.
Headquartered in Montreal, Fiera Capital also has offices in Toronto, Calgary, Vancouver and Halifax, as well as New York, Boston, Los Angeles and Dayton (Ohio) in the United States, London in the United Kingdom, Isle of Man and Frankfurt, Germany.
Fiera Capital trades under the ticker FSZ on the Toronto Stock Exchange.
As the Director, Cyber Security and Risk Management, you will report to the Global CISO and play a key role in maturing, expanding and optimizing Fiera Capital’s cyber security and information risk management capabilities globally while positioning the organization to be agile and ready to respond to the ever-changing security risks. As an empowered representative of the CISO, you will be responsible for contributing to the cyber security strategy, leading the development and delivery of the cyber security and IT risk management plan as well managing enterprise-wide security programs and risk management initiatives.
This role involves extensive liaison with internal stakeholders across all regions and external partners, suppliers, and managed service providers in order to promote security, provide oversight to business continuity and disaster recovery risk mitigation and to ensure that Fiera Capital’s information assets and systems are managed in a manner which is legally compliant, secure and consistent with industry best practices.
As part of your duties, you will be assigned the following responsabilities:
- Develop, maintain and socialize the global information security policy framework in-line with appropriate international standards, applicable global regulations, client contractual commitments and our risk appetite;
- Build and lead the delivery of a structured security awareness and training program to promote awareness about security risks and encourage the adoption of security policies and practices across the enterprise;
- Establish an Information protection framework to drive a data driven approach for classifying, discovering, enforcing, and maintaining the company data through the data management lifecycle;
- Design and operate a risk and compliance assessment program comprising of security risk assessments, independent reviews, and audits on systems and services to assess compliance and measure risks;
- Build and manage a robust supplier security assurance program to monitor the security exposure of our key suppliers and vendors and their compliance to Fiera’s policy framework and contractual commitments;
- Consult internal stakeholders and suppliers and participate in key projects to ensure security is factored into the evaluation, selection, installation and configuration of all IT systems and services;
- Maintain oversight and ongoing governance of the security technology stack and ensure appropriate security technologies to address the ever-changing threats are identified and effectively implemented;
- Manage relationship and ongoing engagement with the security service providers to ensure valued delivery and effective execution of committed security services in accordance with the service level agreements;
- Develop and continually improve the security incident response capability within Fiera to drive consistent incident response, escalation and reporting;
- Lead the planning, development and ongoing testing of Fiera Capital’s Business Continuity and cyber resilience standard working collaboratively with business units and other stakeholders;
- Work with IT and business leaders to define and present metrics and dashboards that effectively communicate Fiera’s security maturity and progress of the security program;
- Develop common framework and centralized repository to enhance Fiera’s proficiency in managing multiple client audits and due diligence requests as it pertains to security, risk and compliance;
- Keep abreast of technology evolutions, risks on the radar, and changing threat profile and proactively assess and advise the stakeholders about its impact on our environment and corporate risk profile;
- Own and oversee delivery of approved security initiatives and work with project managers to ensure acceptable delivery of security solutions.
- Undergraduate degree ideally in information security, computer science or related field;
- 10 years of Information Security experience;
- Security qualifications such as CISP/CISA/CISM/CRISC etc;
- Knowledge of security frameworks including ISO 27001/2, NIST, COBIT etc;
- Demonstrated experience of data protection, security, risk and compliance related matters – preferably gained within a data centric and/or financial services environment;
- Experience of security governance and compliance in organizations that rely on outsourced model;
- Proven success gaining buy-in from decisions makers and stakeholders across IT and the business;
- Sound decision maker and can rationalize between difficult choices on technical merit and real risks;
- Excellent written and verbal communication skills as well as interpersonal and collaborative skills;
- Demonstrated ability to work in multi-disciplinary and geographically disperse teams;
- Ability to thrive in a fast-moving environment, with high tolerance for change;
- Leadership/management experience – preferably in matrix organizational structure;
- Experience in IT Security consulting an asset.
The use of masculine is for the sole purpose of lightening the text and refers to both women and men.
Fiera Capital subscribes to the principle of employment equity. Our staff is our most valuable asset and our goal is to create an inclusive and equitable environment where everyone can reach their true potential.
Fiera Capital will not tolerate any form of discrimination or harassment. All staffing decisions, including hiring and promotion decisions, will be based on merit, skills, performance and business needs. We are pleased to receive nominations from qualified individuals from a variety of backgrounds.
We thank all applicants for their interest in a career with Fiera Capital. We will only communicate with those selected for an interview.