Senior Security Consultant (Cybersecurity Risk Management)

Join our team and what we'll accomplish together

We live in and work in a rapidly evolving digital world where cyber security is critical. The Global CSO function for TELUS Health brings a focus on the Security of our sensitive health information and regulatory compliance, to meet and exceed the expectations of our global customers as the most trusted wellbeing company in the world. The TELUS Health CSO team strives to always be steps ahead, tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology. 

The Cybersecurity Risk Management team is the central hub of expertise for identifying, assessing, and managing cybersecurity risks across the organization. You will report to the Manager, Cybersecurity Risks and work cross-functionally across all of TELUS Health to translate technical vulnerabilities into security relevant risk themes, ensuring leadership has the insights needed to make informed, risk-aware decisions. 

What you will do

• Provide expert guidance to team members on cybersecurity risk methodologies, communication strategies, and risk mitigation practices — fostering a culture of continuous improvement.
• Support and elevate how we work, recommending improvements to our tools, templates, processes, and reporting to drive greater clarity and impact.
• Bring structure and insight to risk mitigation conversations, working closely with risk owners to guide resolution strategies and ensure follow-through.
• Own and evolve the Cybersecurity Risk Register, ensuring consistency, quality, and executive-ready reporting that clearly conveys our risk posture and priorities.
• Act as a trusted advisor to the CSO’s office and business leaders, translating technical risk into business context and helping shape enterprise-level decisions.
• Partner cross-functionally with Privacy, IT, Compliance, Legal, and Product to embed cybersecurity risk thinking into early-stage design and everyday operations.
• Conduct and oversee risk and threat assessments across cloud (e.g., Google Cloud, Azure) and on-prem environments — with a sharp eye consistency, alignment with frameworks (e.g., NIST, ISO/IEC 27001).
• Elevate reporting and insights, using dashboards and executive summaries to ensure risk data drives meaningful conversations with senior leadership.

What you bring

• 7+ years of cybersecurity experience, including strong hands-on risk management exposure and deep knowledge in at least two domains (e.g., cloud security, vulnerability management, GRC, product security).
• Proven leadership experience — whether you’ve led a team or acted as a senior peer and mentor, you know how to guide others and influence outcomes.
• Advanced understanding of risk frameworks and regulatory expectations (e.g., NIST 800 series, ISO/IEC 27001, GDPR, HIPAA, PIPEDA).
• Strong communicator with the ability to tailor messages to technical teams, executives, and cross-functional partners.
• Hands-on experience conducting risk and threat assessments across hybrid environments, especially cloud platforms like Google and Azure.
• Familiarity with GRC platforms such as OneTrust, AuditBoard, Jira, and ServiceNow.
• Professional certifications like CISSP, CRISC, CISM, or CISA.

Advanced knowledge of English is required because you will most of the time interact in English with external parties (clients, suppliers, candidates, external partners, etc.); interact in English with internal parties (colleagues, internal partners, stakeholders, etc.); and work with IT tools whose interface is only accessible in English as part of this position's main responsibilities given its international scope.