Senior Cyber Security Governance Specialist
British Columbia, Canada
Beem is a new credit union with 80 years of history. Rising to the rapidly evolving challenges of the financial services industry and inspired by cooperative values, our founding credit unions recognized that we can do more together. Beem means light. It means energy. It means a brighter financial future. United as Beem, we are combining our strengths to better serve our members. As of January 1, 2025, Beem will be one of BC’s largest provincially regulated credit unions, supporting the financial wellness of 193,000 members from 66 branches across the province with $17 billion in assets under administration. Learn more about our journey at www.beemcreditunion.ca.
What this role is all about:
The Information Security team at Beem plays a pivotal role in safeguarding our digital assets and customer data, ensuring compliance and trust. By implementing cutting-edge security measures and fostering a security-first culture, they empower Beem to lead in innovation and reliability, aligning with our vision to be the best “digital first and people first” financial institution in British Columbia.
As a Senior Cyber Security Governance Specialist, you will play a pivotal role in safeguarding the organization’s information assets by implementing and managing comprehensive risk management and compliance frameworks. This position is responsible for developing and maintaining cybersecurity policies, conducting risk assessments and ensuring adherence to regulatory requirements. The specialist will collaborate with various teams to integrate security governance into projects and initiatives, facilitate audits, and promote a strong cybersecurity culture. By staying abreast of industry best practices and emerging threats, the specialist will continuously enhance the organization’s cybersecurity posture and resilience.
This role is open to remote working arrangements within British Columbia.
What you’ll do:
Risk Management Framework
- Design, implement, and continuously improve the enterprise cyber risk management framework. Lead its integration with operational processes and reporting structures.
- Maintain and operationalize alignment with frameworks such as NIST CSF. Conduct periodic gap assessments and coordinate action plans for maturity uplift.
- Continuously assess the effectiveness of the GRC program and introduce automation and efficiencies where possible.
Risk Identification and Assessment
- Identify, assess, prioritize, and track cybersecurity risks across the organization. Prepare risk profiles and dashboards for leadership and relevant committees.
- Perform in-depth risk assessments of critical systems and business processes. Collaborate with control owners and system owners to define remediation strategies and timelines.
- Conduct comprehensive third-party security reviews, including vendor risk assessments and due diligence, with clear documentation and remediation tracking.
Regulatory Compliance and Policy Development
- Monitor emerging cybersecurity regulatory obligations and ensure alignment with industry standards and organizational policies.
- Lead the development, maintenance, and governance of cybersecurity policies, standards, and procedures. Ensure alignment with regulatory requirements and best practices.
- Stay informed on emerging threats, regulatory updates, and industry best practices. Recommend changes to the GRC program to address evolving risks.
Performance Monitoring and Reporting
- Develop and maintain cybersecurity Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs). Create dashboards and regular reports for executive and board-level consumption.
- Prepare concise and impactful risk and compliance updates for risk committees, audit committees, and regulatory bodies.
Audit and Control Testing
- Serve as the point of contact for internal and external audits. Coordinate audit response activities and track resolution of findings.
- Design and conduct control testing activities across critical domains. Evaluate effectiveness and recommend improvements.
A little about your qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent work experience).
- 5 – 8 years of progressive experience in cybersecurity GRC with a focus on cyber risk frameworks, policy development, and risk assessments.
- In-depth knowledge of NIST CSF, ISO 27001, COBIT, or similar frameworks.
- Demonstrated experience in conducting third-party risk assessments and managing vendor security programs.
- Experience developing and reporting on cybersecurity KPIs and KRIs.
- Strong knowledge of risk management principles, control testing methodologies, and regulatory compliance.
- Excellent written and verbal communication skills, with the ability to influence across technical and non-technical audiences.
- Highly organized, detail-oriented, and able to manage multiple initiatives simultaneously.
- Relevant certifications preferred: CISA, CRISC, CISSP, CISM, or similar.
What will you gain:
- Competitive base salary; reviewed annually. The salary range for this position is $123,300 to $137,000 based on related education, accreditations, training, and experience.
- An incentive bonus plan.
- Extended health care, dental coverage, and disability coverage.
- Favorable vacation benefits - paid time off to recharge!
- RRSP with employer contributions, and the option to contribute yourself.
- Special banking perks - including mortgage and lending products.
At Beem we are BOLD and Always Welcoming and our values are at the forefront of everything we do!
- Build Together: You are a team player who thrives on collaboration, sparks ideas, and fosters inclusivity.
- Own It: You are ready to take charge, drive change, and deliver outstanding results.
- Lead with Agility: You are a dynamic, adaptable thinker who thrives on challenge and innovation.
- Driven by Curiosity: You are eager to explore, learn, and shape the future.
Ready to join?
Visit us at www.beemcreditunion.ca to learn more about what it’s like to work for Beem Credit Union! We sincerely thank all applicants for their interest; however, only shortlisted candidates will be contacted for an interview.
We at Beem Credit Union are committed to ensuring inclusive employment practices and an accessible business environment for our employees. We do not discriminate based on any protected attribute covered by the Human Rights Code and encourage all qualified candidates to apply. We are committed to a fair and equitable hiring process for all candidates. All applications are reviewed by a member of our team.