Information Technology Security Consultant

Job Title: Information Security Consultant

Job Type: Part-time Contract (3–days/week, 8 hours per day)

Location: Burnaby, BC (Hybrid – 2 days onsite per week)

Hours per week: 24 to 32 hours per week

Start Date: ASAP

Rate: $95/hr T4 OR $110/hr to $115/hr Inc.

Overview

Our client is seeking an experienced Information Security Consultant with a strong background in the insurance or financial services sector. This role will focus on strengthening cybersecurity controls, protecting sensitive customer and policyholder data, and ensuring compliance with regulatory requirements. The consultant will collaborate closely with engineering, operations, and technology teams to assess risks, implement security best practices, and support secure system design across critical business platforms.

Key Responsibilities

• Conduct comprehensive security risk assessments across insurance systems, including claims, underwriting, policy administration, and customer-facing portals
• Evaluate existing security controls and recommend improvements to safeguard personally identifiable information (PII) and financial data
• Support compliance initiatives related to regulatory frameworks such as PCI-DSS, GLBA, NAIC, SOX, and GDPR
• Develop, implement, and enhance security policies, standards, and incident response procedures
• Perform vulnerability assessments and coordinate remediation efforts with internal engineering and IT teams
• Partner with technical teams to ensure timely patching and mitigation of identified risks
• Support third-party/vendor risk management, including due diligence for TPAs and technology partners
• Assist with security monitoring, incident response, and breach reporting activities
• Provide guidance on secure architecture for core insurance platforms, data environments, and cloud-based systems
• Collaborate cross-functionally to align security initiatives with business and operational goals

Required Qualifications

• Bachelor’s degree in Information Security, Computer Science, or a related field (or equivalent experience)
• 5–8+ years of hands-on experience in cybersecurity or information security roles
• Direct experience within the insurance or financial services industry
• Strong knowledge of GLBA and general information security risk management practices
• Experience with security frameworks such as NIST, ISO 27001, and CIS Controls
• Familiarity with identity and access management (IAM), data loss prevention (DLP), encryption, and network security
• Proven ability to work both strategically (policy, risk) and tactically (hands-on remediation coordination)

Preferred Qualifications

• Industry certifications such as CISSP, CISM, CISA, CRISC, or Security+
• Experience supporting PCI-DSS compliance and audit readiness
• Knowledge of fraud prevention, cyber risk, and data privacy programs
• Experience securing cloud environments (AWS, Azure, or GCP)
• Familiarity with vulnerability management and GRC tools (e.g., Nessus, Qualys, or similar)

Work Environment & Additional Details

• Opportunity to contribute to security strategy and hands-on remediation efforts