Role Overview
The Director of Security Advisory Services oversees the delivery of the Information Security advisory programme and corresponding services within Sun Life. This leader guides a team of highly skilled professionals whose mandate is to consult across Enterprise Services and internal Business Units to ensure security risk reviews are conducted across the Enterprise. The role also assists with the development and implementation of critical IT Security programmes, procedures, capabilities, and services within Sun Life. It involves planning and executing enterprise-level IT Security requirements. The Director frequently interacts with the Enterprise Services Leadership Team, peers within Enterprise Services, and internal and external customers, including other Sun Life technology teams, HR, Legal, and Compliance, as well as IT service providers and key vendors in the delivery of security services.
Key Responsibilities
This role holds global responsibility for the Security Advisory function. You will conduct information security risk reviews on all initiatives, both new and legacy, to protect the Sun Life environment against threats to the confidentiality, integrity, and availability of key business operations, applications, and infrastructure. Managing exceptions to Security Directives, including risk analysis, compensating controls, and executive sign-off, is a key part of this role. You will provide security consulting services to internal Business Units and DBTS. The Director sets direction for security-related technologies or other controls needed to reduce future risk and improve reliability, which involves developing and delivering white papers and strategy papers based on ongoing research. You will act as the prime point of contact for technical security issues and serve as a relationship manager within DBTS and Business Unit Teams. Active participation in, and critical contribution to, the delivery of the Information Security strategic plan is expected, ensuring alignment with business initiatives. This includes facilitating effective partnerships and alliances with key stakeholders. You will participate in establishing and communicating relevant best-practice scenarios for Information Security. The ability to communicate difficult or complex security ideas and areas of risk clearly and concisely to internal and external clients is essential. The role also involves managing staff development, performance management, and employee motivation and leadership. You will actively partner with the AS and DBTS leadership teams, providing leadership, advice, and support. Providing subject matter expertise to enable management to adequately protect against internal and external threats, in accordance with industry-accepted standards and relevant legislation, is crucial.
You will lead Security Advisory services to deliver consistent, KPI-driven risk assessments and advisory outcomes across the enterprise, ensuring effective risk identification, governance, and executive decision-making. Driving measurable improvements in risk posture and service delivery through strong stakeholder partnership, data-driven reporting, and continuous process optimisation is also a key responsibility.
Qualifications and Experience
To succeed in this role, you will need a minimum of 7-10 years of experience in IT/Information, preferably with experience in multiple areas. Extensive knowledge of IT Security principles, protocols, practices, and industry standards is required, along with a solid understanding of existing and emerging IT Security technologies. Strong communication skills are essential, enabling you to interface and negotiate effectively with senior staff. A strong understanding of the Sun Life culture and the ability to work with diverse groups are important. You should be a good technology generalist with a solid understanding of all aspects of IT, especially architecture. Strong consulting skills and the ability to create win-win outcomes are highly valued. You must be able to work with businesses from a business perspective and translate technical context into a common business understanding. This role requires a self-starter, strategic thinker, negotiator, and consensus builder. Educationally, a university degree or college diploma in Computer Science, Engineering, or comparable professional education or training in a field relevant to IT Security management and risk management is necessary. A minimum of 10 years of relevant experience within a corporate or government IT security department in an organisation of comparable size and complexity to Sun Life is also required. A professional designation in IT security management, such as CISM, CISSP, or CISA, is preferred. Some travel will be required for this position.
Why Join Our Team?
Sun Life offers a competitive salary and bonus programme. You will receive a flexible group insurance programme starting on your first day of work, designed to meet your needs and those of your family. The company provides time off that allows you to focus on the moments that matter most, including 20 vacation days per year. Our Share Ownership Programme gives you the opportunity to invest in Sun Life while benefiting from employer matching contributions. Sun Life is proud to be included in Great Place to Work's 2026 list of Canada's Best Workplaces. You will experience a warm, supportive, and inclusive culture. Diversity and inclusion are at the core of Sun Life's values, with a diverse workforce benefiting clients, communities, and colleagues. Sun Life is a hybrid organisation, offering employees the choice and flexibility to work from both the office and virtually based on business needs, client requirements, and individual preferences.