This job posting has expired.

Here are some similar positions.

Information Security Manager

April 28 2020
Industries Bank, Insurance, Financial services
Categories Information Technology, Security, Continuity, Risk
Toronto, ON

UNIVERIS, headquartered in Toronto, Canada, is a privately held company and is the leader in enterprise wealth management for the Canadian market. Founded in 1991, UNIVERIS has over 80 staff and 23 leading financial services clients representing over 14,000 financial advisors on our software platform. It offers the most comprehensive wealth management solution for financial advisors in the credit union, banking, insurance and investment dealer sectors.

UNIVERIS EWMS is a world-class technology platform that boasts a number of firsts in Canadian mutual fund distribution including real-time processing, web access, built-in compliance, plus GIC and segregated funds processing capabilities. Technology innovation is one of the cornerstones of Univeris' product development strategy and through its Evergreen approach to technology, new features and capabilities transparently integrate into the platform.


The Information Security Manager will define, implement and manage the Univeris' Information Security practice in all its aspects. Working with cross-functional teams, the Information Security Manager will develop, lead and manage the implementation of security policies and processes related to the handling of external and internal data, and to the systems, networks and software applications developed or utilized at Univeris. Hands-on, the Information Security Manager will be competent in public cloud, data centre, and head office security strategies and technologies, and will be able to speak confidently to both corporate and engineering leadership.


  • Be the leader and manager accountable for information security at Univeris
  • Identify security risks, develop strategies and create the information security roadmap
  • Create and communicate corporate security policies
  • Plan and manage the implementation of processes required to satisfy security policy requirements
  • Lead and manage the vulnerability management process and execute tasks as required
  • Lead and manage security projects
  • Create and implement data security policies and practices for the transfer, retention and destruction of client data
  • Create and implement policies for firewall perimeter security, public cloud security, data centre security, and office headquarters security
  • Business Continuity Planning
  • Disaster Recovery planning
  • Manage Audit compliance - CSAE 3416 SOC 1, CSAE 3416 SOC 2, ISO 27001
  • Develop strong relationships with cross-functional team members including Developers, IT staff and Clients
  • Co-operate with engineering leads on security facing aspects of software product development
  • Co-operate with infrastructure management on security aspects of the Univeris infrastructure
  • Communicate and collaborate with Univeris Clients, vendors, auditors and other third parties on information security matters



  • Computer Science or related undergraduate degree/diploma, or equivalent work experience.

Experience & Technical Knowledge

  • Over 5 years of experience in information security
  • Experience with creation and documentation of security policies and procedures
  • Expertise in security best practices and their practical implementation in the context of the organization goals and resources
  • Experience with project management, including planning, managing, change and risk management, and reporting to stakeholders
  • Experience with identifying organizational gaps, implementing processes and solutions required for SOC 2 and ISO compliance
  • Demonstrated ability to evaluate, install, configure and operate technical solutions supporting information security needs, for ex. vulnerability management, SSH keys management solutions, etc.
  • Demonstrated experience with Fortinet FortiGate, including firewall rules, VPN tunnels, security policies, etc.
  • Hands-on experience with security management in the public cloud (AWS, GCP) and private cloud (VMware, Xen) security policies
  • Experience with penetration testing and vulnerability scans, assessing issues and recommending solutions
  • Proven experience with creating business case documents in support of security projects and tools
  • Experience with creating content and managing security awareness training
  • Experience with different security solutions and with negotiating and managing vendors and security services providers
  • Ability to bring a security perspective to existing processes, including the creation of questionnaires for security reviews related to software application architecture and infrastructure
  • Good understanding of asset management and patching
  • Experience with security automation implementation
  • Solid practical experience with PC security practices
  • Experience with software development and the SAFe methodology is an asset
  • Working knowledge of Atlassian Confluence, JIRA and office productivity software.

Personal Skills

  • Excellent analytical and problem-solving skills
  • Enthusiastic and motivated to learn, adapt and deliver tangible results in the Univeris context
  • Ability to apply theoretical knowledge and own expertise to defining effective processes and implementing solutions in a software development and SaaS delivery context
  • Ability to prioritize and work independently on multiple concurrent projects
  • Excellent time management applied to own work and other team members’ tasks
  • Demonstrated verbal and written communication skills, including formal documentation
  • Ability to listen and understand different points of view and to negotiate win-win solutions
  • Strong interpersonal skills and ability to build business relationships
  • Ability to interact effectively with peers and all levels of management, including all lines of business, and with external stakeholders
  • Ability to summarize data into high-level themes
  • Represents Univeris in a professional and positive manner network