Manager, Cybersecurity Risk

At SE Health, our people are everything—and our Home Office is an important part of that culture. When you choose to join SE Health, you become part of a caring, purpose-driven team that’s making a real difference across the country. Our Home Office is where innovation meets impact—supporting our direct care teams, driving strategic growth, and helping to shape the future of health care.

As a member of our amazing Home Office team, you’ll collaborate with passionate colleagues, bring bold ideas to life, and contribute to meaningful work that supports thousands of care interactions each day. We believe in growing together, investing in our people, and creating an inclusive workplace where you can be yourself. Learn why you come first at SE Health.

The Manager, Cybersecurity Risk is responsible for the operational execution and continuous improvement of SE Health’s cybersecurity governance, risk management and compliance programs. The role translates cybersecurity strategy into repeatable processes, controls and assurance activities that support regulatory readiness and strengthen SE Health’s overall security posture.

The Manager leads and develops a team of cybersecurity analysts, ensuring consistent execution of cybersecurity governance, risk and compliance activities across the organization. The role maintains alignment with cybersecurity-focused regulatory and industry standards such as ISO 27001, NIST CSF, SOC 2, and the cybersecurity requirements of PHIPA and PIPEDA, and collaborates across departments to enhance audit readiness, control effectiveness, vendor oversight and accountability in the management of cybersecurity risk.

• Maintains, operationalizes and continuously improves approved cybersecurity governance frameworks, policies and standards.
• Ensures policies and standards remain aligned with regulatory requirements, internal controls and the cybersecurity strategy. Coordinates with Privacy team to ensure alignment where security and privacy requirements intersect.
• Leads and mentors their team in the development, review and lifecycle management of cybersecurity governance documents, including security policies, technical standards, security procedures and control requirements.
• Supports the Director, Cyber Security in promoting consistent policy adoption and ensuring clarity of roles, responsibilities and control expectations across the organization.

• Manages the execution of cybersecurity risk identification, assessment and mitigation planning processes, including maintenance of the cyber risk register.
• Prepares risk treatment and risk acceptance recommendations for review and approval by Cyber Security management.
• Ensures that control testing, validation and documentation meet compliance and assurance requirements.
• Monitors the status of risk mitigation activities and provides timely updates to Cyber Security management to support informed decision-making.
• Supports analysts in interpreting risk outcomes and applying consistent risk scoring and documentation practices.

• Manage end-to-end internal and external cybersecurity audit readiness and security assessments, including evidence collection for security controls, security control testing results, technical documentation submissions and security finding remediation tracking.
• Maintains readiness for certification and compliance audits (ISO 27001, SOC 2, etc.), ensuring documentation and control requirements are met.
• Supports audit finding remediation efforts by partnering with control owners and tracking progress to closure.

• Manages third-party cybersecurity risk assessments focused on vendor security controls, infrastructure security, access management, data encryption, incident response capabilities and technical security requirements, including risk scoring, documentation and remediation tracking. Coordinates with Privacy team on data protection impact assessments (PIAs) where cybersecurity controls intersect with privacy requirements.
• Escalates…