ICS Security Risk Assessment Manager

Butterfield Support Services (Halifax) Limited provides centralized shared services and support to the Butterfield Group in the areas of Finance and Accounting, Human Resources, Information Technology, Operations, Client Services and Compliance. Operating in multiple jurisdictions, we focus on results, value relationships, and celebrate success. If this sounds like your kind of company, then consider this opportunity to become part of a collaborative team of professionals at the world's leading, independent offshore bank and trust company. 

IT Security Risk Assessment Manager

Based in our Halifax office, the IT Security Risk Assessment Manager reports to the Deputy Chief Information Security Officer. The IT Security Risk Assessment Manager has overall responsibility to deliver and maintain the Cyber Security Risk Assessment services function.  They will ensure that we have sufficient capability to predict and detect application, cloud, and third-party security threats and vulnerabilities, as well as demonstrate that we are meeting key performance indicators to remove or mitigate security risks in line with our security risk appetite.

Your responsibilities will include:

• Running the security risk assessment program for Information and Cyber Security (ICS), ensuring management of best practices and risk reduction.
• Ensuring the hybrid staffed/managed service operating model is appropriate to the size of Butterfield.
• Ensuring that utilized internal and third-party services maintain service coverage at the right cost and quality. 
• Defining meaningful key performance indicators and key risk indicators for measuring the coverage and performance of Butterfield's security risk assessment capabilities.
• Defining Service Level Agreements and monitoring the performance of security risk remediation within Butterfield Group. 
• Undertaking annual SWIFT attestation testing and reporting effectiveness to the Group's Chief Information Security Officer (CISO).
• Supporting the wider Cyber Risk Assurance function in control testing of key ICS controls.
• Helping with developing, implementing, and publishing information security standards and guidelines.
• Providing subject matter expertise and best practices on application, cloud, and third-party security standards, while offering strategic and tactical security guidance for IT projects, including the evaluation and recommendation of technical security controls.
• Providing responses to regulator and investor inquiries regarding Butterfield security risk assessment standards.
• Contributing to the program of continuous risk assessment and application vulnerability reviews, including the coordination of all required fixes/changes assigned to the CISO.
• Guiding relevant senior management and business units in the development, implementation, and maintenance of information security. 
• Aiding peer managers in understanding and responding to security audit failures reported by internal and external auditing departments.
• Designing the technology, processes, functions, and services required by an application security testing or security risk assessment team in order to keep ahead of threats, vulnerabilities, breaches, or deficiencies. 
• Developing and implementing procedural changes given incident trends, market practice, and legislative changes in order to reduce risk.
• Applying application security procedures as part of new IT project implementations.

Your qualifications and skills include:

• Five or more years of experience in Information Technology Security.
• Proven experience working within Application Security and Security Risk Assessment teams.
• Knowledge of legislation related to Information Security.
• Strong interpersonal and communication skills.
• Deep knowledge of Application Security Testing technologies and how to approach security risk assessments.

Why Butterfield?

Butterfield is a leading, independent offshore bank and trust company. With more than 1,300 financial services professionals across ten international jurisdictions, the Butterfield experience is enhanced by robust learning and development opportunities and comprehensive benefits. Guided by our core values—approachable, collaborative, empowered and impactful—we provide a respectful environment where we value the diversity of our employees and the talents and experiences they bring. With a 160-year tradition of service excellence we empower individuals to achieve their potential and make a positive impact on our business, our clients and our communities.

Closing Date

January 8, 2026

Let's start a conversation.