Top Benefits
About the role
Senior Information Security Advisor, Cyber Security Department: Information Technology Operations and Security Type: Permanent Location: Toronto (Hybrid) Posting Date: July 9th, 2026 At OPTrust, paying pensions today, preserving pensions for tomorrow is our mission and business. When you choose OPTrust, you join a team of smart, talented people who fuel our success and have a passion for pensions. Everyone at OPTrust – in Toronto, London and Sydney – makes a meaningful impact. Our culture is driven by team members with different backgrounds and perspectives creating an inclusive and fulfilling place to work for everyone. We work in a fast-paced environment, but we find time to have fun and give back to the community. What OPTrust offers you Unique culture rooted in our core values – collaboration and teamwork, integrity, respect, flexibility, excellence and continuous improvement. A purpose-driven environment where we all work towards the common goal of paying pensions today and preserving pensions for tomorrow. Comprehensive benefits focused on your health and wellness, including dental, vision and extended health benefits, as well as membership in our world-class defined benefit pension plan. A flexible, hybrid work model. A dedicated inclusion, diversity and equity strategy with meaningful opportunities to participate, including our employee-led resource groups. Extensive professional development opportunities and learning initiatives including access to LinkedIn Learning, guest speakers, tuition reimbursement, professional association memberships, leadership development programs, a mentorship program, monthly professional development time and more. A competitive vacation package with additional work-life balance days. About the role Working under the leadership of the Manager, Cyber Security, the Senior Information Security Advisor safeguards information system assets by identifying and solving potential and actual security problems. The position works towards improving OPTrust’s information security posture in-adherence to the technology governance and control framework ensuring technology controls are in place to protect business operations; in addition, develop and implement security standards, policies, and procedures. What you’ll do Cybersecurity Incident Monitoring and Response Ensure security attacks and / or intrusions are monitored and responded to timely, correlating security alert data, threat intelligence and infrastructure anomalies. Analyze vulnerability alerts and compile/test vulnerability exploit code. Participates in incident response planned and unplanned activities. Cybersecurity Posture Corrections and Enhancements Conduct vulnerability application, system, and database scans, with vulnerability remediation guidance and advisory to technical and management teams. Evaluate and assess emerging security threats and vulnerabilities with counter controls. Lead the corporate security patch management program. Participate in the ongoing development of the Identity Access Management programs. Cybersecurity Awareness Education Participate in the development and maintenance of the corporate security awareness program. Cybersecurity Governance and Testing Implement and maintain corporation wide information security policy, standards, guidelines, and procedures. Monitor the effectiveness of internal controls and participate in the annual review with external auditors and other groups to identify potential security objectives and priorities. Conduct threat risk assessments and security testing on applications, systems, and networks. Assist in the development and execution of the corporate information security plan. Others Performs other duties as assigned. Ensure clear understanding and adherence of all OPTrust’s policies, procedures, guidelines as well as living our values and fostering an inclusive culture. What you bring A minimum of 8 years’ experience working in a Security or IT Audit team with Team Lead experience. Post-secondary certification and/or degree in Computer Science or related field. Certified Information Security Manager (CISM). Certified Information Systems Security Professional (CISSP). Certified Information Systems Auditor (CISA). Other Industry recognized Cybersecurity certifications (CEH, Cloud Security). Understanding IT supports requirements for investment and pension administration professionals. Working knowledge of Cybersecurity frameworks such as NIST. Experience developing and maintaining Cybersecurity risk metric reporting (KPI and KRI) Experience managing a vulnerability management program. Experience in security advisory on projects and operational activities for Cybersecurity risk treatment. Experience assessing architecture documents for compliance with Cybersecurity standards. Experience performing Cybersecurity Threat Risk Assessments on applications and systems Experience performing Cybersecurity vendor governance. Experience performing Incident triaging and preparedness planning for Tabletop and Red Team exercises. Experience Implementing and operationalizing security products covering but not limited to; SIEM, IDS/IPS, EDR, CASB, VM scanners, IDM, PAM, Encryption, Email, Certificates, Web Filtering, and Firewalls. Experience supporting a pen test program with external vendor and IT teams. Experience performing Access Management reviews including Privileged access, processes, and tools.. Experience with cloud security such as Azure and O365 Experience developing corporate information security policy, standards, guidelines, and procedures. Experience supporting security maturity of internal controls and capabilities through annual external security assessments, audits, and Cybersecurity roadmap. Experience supporting a corporate security awareness program. Exceptional knowledge of IT security and risk disciplines and practices Strong oral, written and people skills. Strong organizational, time management, multi-tasking, judgment and critical thinking skills Ability to work well in a team and independently. Exemplify OPTrust’s values: collaboration and teamwork, integrity, respect, flexibility, excellence, and continuous improvement. This posting is for an existing vacancy. The range of expected compensation for this position is $104,540.00 to $128,773.00 per year. Please submit your application via Workday by July 23, 2026. Serving a membership as diverse as ours and investing in a global market means cultivating an environment that embraces inclusion, diversity, and equity in everything we do. OPTrust is an organization engaged in building on our unique and diverse strengths. We know a diversity of backgrounds, cultures, gender identities and perspectives are critical to achieving our shared goals. If you require accommodation at any time during the recruitment process, please send a message to careers@optrust.com, or discuss your needs with the Talent Acquisition Consultant during the telephone screening. We will do our best to work with you and provide appropriate accommodation. As an organization we’re seeking ways to respond to the Truth and Reconciliation Commission of Canada’s Call to Action 92. We are working with the Canadian Council for Indigenous Business to build bridges with Indigenous communities and partners, and we have created an employee-led Reconciliation Working Group that will work with Indigenous experts to identify a path to reconciliation for our organization. We thank all interested applicants, however only those under consideration will be contacted. With net assets of over $27 billion, OPTrust invests and manages one of Canada's largest pension funds and administers the OPSEU Pension Plan (including OPTrust Select), a defined benefit plan with 118,000 members. OPTrust was established to give plan members and the Government of Ontario an equal voice in the administration of the Plan and the investment of its assets through joint trusteeship. OPTrust is governed by a 10-member Board of Trustees, five of whom are appointed by OPSEU/SEFPO and five by the Government of Ontario.
Similar Jobs
Top Benefits
About the role
Senior Information Security Advisor, Cyber Security Department: Information Technology Operations and Security Type: Permanent Location: Toronto (Hybrid) Posting Date: July 9th, 2026 At OPTrust, paying pensions today, preserving pensions for tomorrow is our mission and business. When you choose OPTrust, you join a team of smart, talented people who fuel our success and have a passion for pensions. Everyone at OPTrust – in Toronto, London and Sydney – makes a meaningful impact. Our culture is driven by team members with different backgrounds and perspectives creating an inclusive and fulfilling place to work for everyone. We work in a fast-paced environment, but we find time to have fun and give back to the community. What OPTrust offers you Unique culture rooted in our core values – collaboration and teamwork, integrity, respect, flexibility, excellence and continuous improvement. A purpose-driven environment where we all work towards the common goal of paying pensions today and preserving pensions for tomorrow. Comprehensive benefits focused on your health and wellness, including dental, vision and extended health benefits, as well as membership in our world-class defined benefit pension plan. A flexible, hybrid work model. A dedicated inclusion, diversity and equity strategy with meaningful opportunities to participate, including our employee-led resource groups. Extensive professional development opportunities and learning initiatives including access to LinkedIn Learning, guest speakers, tuition reimbursement, professional association memberships, leadership development programs, a mentorship program, monthly professional development time and more. A competitive vacation package with additional work-life balance days. About the role Working under the leadership of the Manager, Cyber Security, the Senior Information Security Advisor safeguards information system assets by identifying and solving potential and actual security problems. The position works towards improving OPTrust’s information security posture in-adherence to the technology governance and control framework ensuring technology controls are in place to protect business operations; in addition, develop and implement security standards, policies, and procedures. What you’ll do Cybersecurity Incident Monitoring and Response Ensure security attacks and / or intrusions are monitored and responded to timely, correlating security alert data, threat intelligence and infrastructure anomalies. Analyze vulnerability alerts and compile/test vulnerability exploit code. Participates in incident response planned and unplanned activities. Cybersecurity Posture Corrections and Enhancements Conduct vulnerability application, system, and database scans, with vulnerability remediation guidance and advisory to technical and management teams. Evaluate and assess emerging security threats and vulnerabilities with counter controls. Lead the corporate security patch management program. Participate in the ongoing development of the Identity Access Management programs. Cybersecurity Awareness Education Participate in the development and maintenance of the corporate security awareness program. Cybersecurity Governance and Testing Implement and maintain corporation wide information security policy, standards, guidelines, and procedures. Monitor the effectiveness of internal controls and participate in the annual review with external auditors and other groups to identify potential security objectives and priorities. Conduct threat risk assessments and security testing on applications, systems, and networks. Assist in the development and execution of the corporate information security plan. Others Performs other duties as assigned. Ensure clear understanding and adherence of all OPTrust’s policies, procedures, guidelines as well as living our values and fostering an inclusive culture. What you bring A minimum of 8 years’ experience working in a Security or IT Audit team with Team Lead experience. Post-secondary certification and/or degree in Computer Science or related field. Certified Information Security Manager (CISM). Certified Information Systems Security Professional (CISSP). Certified Information Systems Auditor (CISA). Other Industry recognized Cybersecurity certifications (CEH, Cloud Security). Understanding IT supports requirements for investment and pension administration professionals. Working knowledge of Cybersecurity frameworks such as NIST. Experience developing and maintaining Cybersecurity risk metric reporting (KPI and KRI) Experience managing a vulnerability management program. Experience in security advisory on projects and operational activities for Cybersecurity risk treatment. Experience assessing architecture documents for compliance with Cybersecurity standards. Experience performing Cybersecurity Threat Risk Assessments on applications and systems Experience performing Cybersecurity vendor governance. Experience performing Incident triaging and preparedness planning for Tabletop and Red Team exercises. Experience Implementing and operationalizing security products covering but not limited to; SIEM, IDS/IPS, EDR, CASB, VM scanners, IDM, PAM, Encryption, Email, Certificates, Web Filtering, and Firewalls. Experience supporting a pen test program with external vendor and IT teams. Experience performing Access Management reviews including Privileged access, processes, and tools.. Experience with cloud security such as Azure and O365 Experience developing corporate information security policy, standards, guidelines, and procedures. Experience supporting security maturity of internal controls and capabilities through annual external security assessments, audits, and Cybersecurity roadmap. Experience supporting a corporate security awareness program. Exceptional knowledge of IT security and risk disciplines and practices Strong oral, written and people skills. Strong organizational, time management, multi-tasking, judgment and critical thinking skills Ability to work well in a team and independently. Exemplify OPTrust’s values: collaboration and teamwork, integrity, respect, flexibility, excellence, and continuous improvement. This posting is for an existing vacancy. The range of expected compensation for this position is $104,540.00 to $128,773.00 per year. Please submit your application via Workday by July 23, 2026. Serving a membership as diverse as ours and investing in a global market means cultivating an environment that embraces inclusion, diversity, and equity in everything we do. OPTrust is an organization engaged in building on our unique and diverse strengths. We know a diversity of backgrounds, cultures, gender identities and perspectives are critical to achieving our shared goals. If you require accommodation at any time during the recruitment process, please send a message to careers@optrust.com, or discuss your needs with the Talent Acquisition Consultant during the telephone screening. We will do our best to work with you and provide appropriate accommodation. As an organization we’re seeking ways to respond to the Truth and Reconciliation Commission of Canada’s Call to Action 92. We are working with the Canadian Council for Indigenous Business to build bridges with Indigenous communities and partners, and we have created an employee-led Reconciliation Working Group that will work with Indigenous experts to identify a path to reconciliation for our organization. We thank all interested applicants, however only those under consideration will be contacted. With net assets of over $27 billion, OPTrust invests and manages one of Canada's largest pension funds and administers the OPSEU Pension Plan (including OPTrust Select), a defined benefit plan with 118,000 members. OPTrust was established to give plan members and the Government of Ontario an equal voice in the administration of the Plan and the investment of its assets through joint trusteeship. OPTrust is governed by a 10-member Board of Trustees, five of whom are appointed by OPSEU/SEFPO and five by the Government of Ontario.