WHO WE ARE
When it comes to health, we’re always looking for ways to push for better. It’s why we were founded in the first place. In 1957, our founder, pharmacist William Wilkinson, witnessed a mother sacrifice her health by forgoing her own medicine to pay for her sick daughter’s prescription. He knew there had to be a better way. So, he introduced North America’s first prepaid drug plan, and GreenShield was born as a not-for-profit with a mission to support better health for all Canadians.

We aren’t just a health and benefits company. We’re the only not-for-profit social enterprise that brings worlds of coverage and care together, all in one place.
We’re noble challengers, purposefully building a better way and we need the best people to help us create a more holistic approach that takes care of the mind and body.

Our mission is to create better health for all Canadians, and we know that starts with our employees.

THE ROLE IN A NUTSHELL

Base Salary: Range Exempt

The Director, Information Security Operations is a key enterprise leader accountable for shaping and advancing GreenShield’s security strategy to safeguard digital and cyber assets in alignment with organizational objectives and risk appetite. This role continuously drives security resilience at scale, overseeing a 24/7 Security Operations Center (SOC) and leading mission-critical functions including incident response, vulnerability and threat management, penetration testing, and cloud/application security. As a trusted advisor to senior leadership, you will define and execute the security operations roadmap, influence enterprise architecture decisions, and ensure compliance with regulatory and customer contractual requirements. You will champion operational excellence, optimize capacity and demand, and embed a culture of accountability and continuous improvement. Beyond operations, you will engage cross-functionally, contribute to board-level reporting and strategic planning to position Information Security as a business enabler and trusted advisor to the business.

Responsibilities:

• Provide strategic leadership, oversight, and operations of security technologies, controls, and platforms to protect enterprise assets and data.
• Lead cyber incident response activities, including containment, recovery, and management of incidents throughout their lifecycle, covering both internal and third-party risks.
• Ensure regular vulnerability scans, penetration testing and red team exercises, and build/manage a threat intelligence program to proactively identify and respond to emerging threats. Champion secure software development lifecycle (SSDLC) practices, monitor remediation activities for go-live readiness.
• Collaborate with CISO and peers to set strategic directions and roadmaps in alignment with business strategy and risk appetite
• Present security posture, threat landscape and metrics to senior audiences
• Own security operations budget and vendor strategy ensuring cost optimization and technology alignment with enterprise
• Ensure control operating effectiveness to support regulatory and compliance requirements (SOC2, ISO27001, NIST-CSF)
• Influence enterprise security architecture roadmap
• Responsible for multi-cloud security, and advanced threat detections capabilities for applications
• Train, develop, and coach staff; promote cross-training and knowledge sharing; drive best practices and continuous improvement of delivery processes and user experience.
• Build high-performing team with succession planning for senior roles.
• Subject matter expert consultation, initiative coordination, audit and compliance, board and committee reporting contribution and strategic support

WHO WE'RE LOOKING FOR

• University degree in Computer Science or equivalent.
• Certified Information Systems Security Professional (CISSP)
• Minimum of 10 years of related experience in enterprise IT environments, with at least 5 years in a leadership role.
• Strong technical knowledge in network and endpoint security
• Knowledge in application security and hardening
• Expert knowledge in cyber incident response technologies and understanding of adversarial techniques, tactics, and procedures (TTPs).
• Proficient in security event monitoring, threat intelligence, security operations center (SOC), and incident response technologies
• Strong leadership capabilities to motivate, build, develop and lead effective teams to achieve results.
• Verbal and written communication with a spectrum of senior management, executives, users, other technical teams, external customers, to enable and influence business outcomes.
• Strong problem-solving abilities and ability to work effectively under pressure.
• An accomplished facilitator with excellent interpersonal and communications skills that support working effectively in multi-disciplinary and multiple location team environments.
• Experience in partnering with technology, product and program management teams.
• Highly developed planning, organizing and negotiating skills; can manage multiple tasks, meet tight deadlines and respond to changing priorities.

NICE TO HAVEs

• University degree in Cybersecurity, Computer Science or equivalent.
• Certified Information Security Manager (CISM)
• Certificate of Cloud Security Knowledge (CCSKv4)

THE CULTURE
We believe a career should be meaningful. Not just a means to earn a living. Our culture is one where everyone's voice is heard and valued. Because that’s what it takes to create better health for all. We dare to challenge the status quo. And we’re driven by people who have challenged theirs. We believe that your workplace should empower you to be the best version of yourself. That’s why we provide a place where you can be inspired, challenged, and rewarded.

Where your growth means our growth.
Where your voice is heard and valued.
Where your work has purpose. And purpose matters.

We believe our people are critical to our overall success. Inclusivity makes us a stronger, smarter and more informed organization. Being intentionally inclusive of diverse backgrounds, perspectives and experiences will enhance our company culture to positively impact how we support our communities. A career at GreenShield isn’t just about personal achievements, it's about making a difference together.

Here’s to Better Health for All!

A FEW MORE DETAILS
Proficiency in English is required for this position. As part of this role, you will be required to communicate with colleagues or customers who use English as their primary language. By requiring English proficiency for this position, we aim to ensure that our employees can excel in their roles, collaborate, and communicate effectively, and contribute to the success of our organization.

GS supports diversity, equity and inclusion in our teams and communities, and we value the unique contributions made by all. Even if your experience doesn’t align perfectly to every requirement, we invite you to apply. We encourage applications from all candidates and will accommodate needs under human rights legislation throughout all stages of the recruitment and selection process. Please let us know of any accommodation through requestforaccommodation@greenshield.ca. Information received relating to accommodation will be addressed confidentially.

Providing this information gives GS consent to use your personal information to assess your suitability for specific positions, future opportunities or for your personnel file. Your résumé will be held in strict confidence and will be viewed only by the Organization. Information may be stored outside of Canada and could be used for aggregate statistical purposes (which uses no personal identification).

AI Usage - GreenShield leverages AI to help produce Job Descriptions, and ideate on interview questions. We also leverage AI for interview transcription support.