Choose a workplace that empowers your impact.
Join a global workplace where employees thrive. One that embraces diversity of thought, expertise and passion. A place where you can personalize your employee journey to be — and deliver — your best.
We are a leading global real estate investor, developer and manager. We combine our capital with our capabilities to create real estate that strengthens economies and communities. By prioritizing people, partnerships and places, we generate meaningful returns for OMERS members, enhance value for our capital partners and create a brighter world for our customers.
Join us to accelerate your growth & development, prioritize wellness, build connections, and support the communities where we live and work.
Don’t just work anywhere — come build tomorrow together with us.
Know someone at OMERS or Oxford Properties? Great! If you're referred, have them submit your name through Workday first. Then, watch for a unique link in your email to apply.
Why join us?
Be a key player in the world of Cybersecurity assurance and help protect our companies’ assets from a range of Cyber threats & vulnerabilities
Innovate, collaborate and succeed in a close-knit and supportive team environment.
Grow with us and shape your career – in a small team where talent is nurtured and your voice counts
We are looking for an analytical, forward-thinking and well-organized individual to join our growing team as a Security Assurance Analyst. Reporting to the Senior Service Assurance Analyst, you will play a key role in ensuring that Oxford Properties assets are meeting the requirements of its Operational Technology Cybersecurity Framework, and to partner with relevant stakeholders to develop and track risk mitigation plans where this is not the case.
We are looking for a highly organized person with strong communication skills, who can learn and apply new skills and concepts quickly. This role would suite someone with a background in business analysis, project coordination, audit, or even someone with a more administrative background who has the foundational skills required to be successful and is looking to take the next step in their career.
Roles & Responsibilities
As a member of this team, you will be responsible for:
Helping to manage and maintain the Operational Technology Cybersecurity Framework to measure the maturity of all of Oxford’s eligible assets and applications.
Undertaking annual assessments of relevant assets and ensuring that any findings and/or required remedial activities are appropriately actioned, prioritized, and tracked
Contributing to a range of operational risk assessments within the Data & Technology Service, attending regular meetings with business teams on risk status, recording incidents and follow-up checks on the completion of mitigating actions where applicable.
Undertaking regular/ ad-hoc risk analysis and activities to raise risk and controls awareness across the service.
Contributing to the assessment and management of any exceptions to current standards, policies and other security guidelines adopted by the service.
Working with colleagues across Oxford Technology & OMERS Data & Technology to assist with the development of operational risk management processes which integrate with key systems and services
Contributing to the development/ revision of standards, policies, and other cyber and enterprise security guidelines & where necessary providing training to stakeholders on these articles.
Assisting with the implementation of a cyber security training and awareness program for both Oxford employees and third-party partners who require access to Oxford systems and services
Working with managed service partners to ensure that robust cyber security controls are in place
Coordinating responses to assurance questionnaires from partners, tenants, and other stakeholder groups
Liaising with compliance and assurance professionals from other parts of the organization to ensure consistency, where possible, and to keep them apprised of relevant activities
Monitoring industry trends as it pertains to the evolving compliance landscape both from a regulatory perspective and to ensure alignment with best practices and industry standards
Working with key internal stakeholders at all levels to drive better risk awareness and to assist with informed risk-based decision making
Coordinating department activities in conjunction with mandated internal audit activities
Drafting reports and summaries of audit findings, as well as proofreading/editing reports and findings written by technical SMEs and other operational staff
Coordinating ad hoc audits of sites, applications, processes, or systems as the need arises
Contributing to a roadmap for cyber security and assurance in partnership with key stakeholders and team members and communicating the roadmap to stakeholders
Skills Set
To succeed in this role, you will be able to demonstrate that you:
Have a broad understanding of basic IT and Risk Management concepts ex. Risk assessment; risk measurement; risk mitigation techniques.
Are familiar with or willing to learn industry standard cyber security frameworks such as NIST, CIS, ISO, etc.
Are a fast learner who can comprehend and apply new concepts quickly
Comfortably move between working independently and as part of a highly collaborative team
Are adept at handling your workload and proactively seek guidance when needed
Can multitask and successfully set and adjust workload priorities as required
Possess and apply strong analytical, logical reasoning, and problem-solving skills
Are adept at understanding complex problems and communicating findings to technical and non-technical stakeholders, this would include the ability to articulate cyber security risk and compliance requirements in clear business language
Possess very strong verbal and written communication skills
Can explain complex concepts and arguments to individuals and groups
Actively listen to others to clarify own understanding
Ability to have difficult conversations with stakeholders and elicit required outcomes/information from them
Are flexible and can adapt well to change
Are a self-motivator and self-starter
We believe that time together in the office is important for OMERS and Oxford, the strength of our employees, and the work we do for our pension members. In delivering on our pension promise, keeping us connected to our work and each other, our flexible hybrid work guideline requires teams to come in to the office 3-4 days per week.
Oxford's purpose is to strengthen economies and communities through real estate.
Our people-first culture is at its best when our workforce reflects the communities where we live and work — and the customers we proudly serve.
From hire to retire, we are an equal opportunity employer committed to an inclusive, barrier-free recruitment and selection process that extends all the way through your employee experience. This sense of belonging and connection is cultivated up, down and across our global organization thanks to our vast network of Employee Resource Groups with executive leader sponsorship, our Purpose@Work committee and employee recognition programs.