Cyber Security Risk Director

You will be working on a flexible hybrid schedule as part of Fidelity's dynamic working arrangement.

Who We Are

At Fidelity, we've been helping Canadian investors build better financial futures for over 35 years.  We offer individuals and institutions a range of trusted investment portfolios and services - and we're constantly seeking to find new and better ways to help our clients.  As a privately owned company, we boldly embrace innovation in all areas as we continue to grow our business into the future.

Working with us means you'll be part of a diverse and dedicated group of people who make a real difference for our clients and communities every day. You'll have a wide range of opportunities to grow and develop your career in an inclusive environment where you'll feel valued and supported to be your best - both personally and expertly.

What You Will Do

The Cyber Security Risk Director is a leadership position responsible for leading the development of Fidelity Canada's cyber security risk posture as part of the second line of defense. This role ensures that cyber security risks are effectively identified, assessed, mitigated, and monitored across Fidelity Canada (Fidelity Clearing Canada (FCC), Fidelity Investments Canada (FIC) and Fidelity Canada Institutional Management (FCIM)). The Director will be a certified subject matter expert in cyber security risk who provides strategic advisory support in the development and maintenance of a comprehensive cyber security risk framework and will work closely with key stakeholders to enhance the organization's resilience against emerging threats.

The Director will collaborate with key stakeholders in Information Security, Enterprise Risk, Technology Risk, and other relevant functional stakeholders across Fidelity Canada, Fidelity International Limited (FIL) and Fidelity Management & Research Company (FMR) to ensure cohesive and effective cyber security risk management. This role is responsible for advancing and safeguarding Fidelity Canada's reputation and operational effectiveness through the continuous enhancement of its cyber security risk posture.

Key responsibilities include:

• Oversight and accountability of the cyber security risk framework and methodologies, conducting both planned and ad-hoc technical risk reviews, evaluating technology and business initiatives with cyber security implications
• Represent Fidelity Canada on FIL cyber governance committees
• Lead the development of Fidelity Canada's Cyber Risk Oversight Program
• Design, implement, and maintain a comprehensive cybersecurity risk oversight program supported by well-defined policies that align with enterprise risk appetite, regulatory requirements, and industry standards
• Identify and assess cybersecurity risks and advise business units and Information Security stakeholders on risk issues to ensure awareness and accountability for cybersecurity risks.
• Monitor external trends and evaluate potential impacts to business strategy; provide documented analytical insights of the risk profile, while ensuring a sound operational control environment through establishment of effective internal controls.
• Perform review and challenge of first line of defense cyber risk management processes (e.g. risk assessments, control evaluations, risk metrics, mitigation plans, risk acceptances etc.) and communicate risk opinions at various levels of management.
• Advise on remediation strategies of any inconsistencies and gaps identified through independent assessments of key cybersecurity processes.
• Provides second line of defense leadership and subject matter expertise during response to major cyber incidents including cyber-security related privacy events and coordinate second line of defense engagement and response.
• Develop and provide regular reporting to senior management committees across Fidelity .
• Responsible for ownership of relationships with external cyber security risk experts
• Ensure all activities and deliverables achieve their timeliness, quality, and accuracy service levels.

What We Are Looking For:

• Completed University Degree or equivalent work experience
• 7+ years of related work experience, in which a subset is practical experience in multiple areas of cyber risk and 5+ years of experience at the management level
• Experience with developing and implementing cybersecurity risk oversight programs in the financial services sector, preferably in a 2nd or 3rd line of defense
• Knowledge of current and evolving regulatory requirements, current trends in cyber threats/vulnerabilities
• Advanced knowledge of cyber risk management best practices and how to implement them
• Experience with risk frameworks and standards such as NIST CSF and ISO 27001
• Experience in Cybersecurity risk consulting in the financial services sector, Cyber security audit or in a similar second line of defense role is an asset
• Proficiency with the COBIT risk framework is considered advantageous
• Professional Certifications in Cybersecurity, such as CRISC (ISACA), CISM (ISACA), CISA (ISACA), CISSP (ISC²), and CCSP (ISC²)

The Skills You Bring

• Demonstrated leadership skills and ability to lead oversight activities across different teams
• A keen sense of risk anticipation with attention to details and ability to challenge status quo
• Ability to build relationships, influencing and negotiating across diverse stakeholders across the lines of defense, including senior management
• Excellent written and oral communication skills
• Understanding of systems architecture
• Excellent analytical, organizational and project management skills.
• Strong risk, process, and control validation and/or assessment skills

Total Rewards That Reflect Your Impact

We believe exceptional work deserves exceptional recognition. That's why we offer a competitive compensation package designed to support your success today—and your financial well-being tomorrow.

For this role, your total rewards include:

• Base Salary: A competitive annual range of $140,000 to 160,000, based on your experience and qualifications.

• Performance Bonus: Eligible for a discretionary bonus that rewards your contributions and results.

• RRSP Contribution: After 6 months of employment, we invest in your future with an RRSP contribution—no employee matching required.

We're proud to offer a compensation package that aligns with provincial pay transparency requirements.

This posting represents an existing vacancy within our organization—an opportunity to step into a role where your talents will make a meaningful difference.

Current work authorization for Canada is required for all openings.

Some of the ways we'll help you feel valued and supported as part of our team:

• Flexible working arrangements - 100% remote, hybrid, and in office options
• Competitive total compensation, including company contributions to your group RRSP without a matching requirement from you
• Comprehensive health benefits that start on your first day, with 100% employer-paid premiums, that include up to $5000 annually for mental health services and therapy
• Parental leave top-up to 100% of your salary for a period of 25 weeks
• Up to $650 for home office equipment
• Generous time off policy, including 2 paid days annually to volunteer at a charity of your choice
• Diversity and inclusion programs, including an active network of Employee Resource Groups
• Extensive professional development opportunities, including access to over 11,000 training and development courses, tuition reimbursement, and monetary rewards for completing a required designation 

We care a lot about fostering a compassionate, people-centric culture, and are proud to have been named one of Canada's Top 100 employers for the last five years.

Fidelity Canada is an equal opportunity employer

Fidelity Canada is committed to fostering a diverse and inclusive workplace. We will consider all qualified applicants for employment regardless of race, color, religion, sex, sexual orientation, gender identity or expression, national or ethnic origin, age, disability, family status, protected veterans' status, Aboriginal/Native American status or any other legally-protected ground.

Accommodation during the application process

Fidelity Canada welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in the selection process. If you require an accommodation, please email us at

No telephone inquiries or agencies please. We thank all applicants for their interest, please be advised that only those selected for an interview will be contacted.

Why Work at Fidelity?

We are proud to be recipients of the following:

Awards

•    Canada's Top 100 Employers 
o    Greater Toronto's Top Employers 
o    Canada's Top Family-Friendly Employers 
o    Canada's Top Employers for Young People 
  

•    Great Place To Work Certified 
o    Best Workplaces for Inclusion 
o    Best Workplaces for Mental Wellness 
o    Best Workplaces for Today's Youth 
o    Best Workplaces for Women 
o    Best Workplaces in Financial Services & Insurance 
o    Best Workplaces in Ontario 
o    Best Workplaces with Most Trusted Executive Teams 

•    LinkedIn Top Companies in Canada
  

•    Human Resource Director (HRD) - Best Place To Work 
o    HRD - 5-Star Benefit Program 
o    HRD - 5-Star Diversity & Inclusion Employer 

Designations

•    Canadian Compassionate Companies – Certified 

•    Benefits Canada's Workplace Benefits Award - Future of Work Strategy 

•    TalentEgg National Recruitment Excellence Award - Special Award for Diversity & Inclusion in Recruiting 

•    Canadian HR Reporter's Most Innovative HR Team