Job Description

Job ID

1949

Work Type

Hybrid

Business unit

Client Experience and Technology

Pay grade

M - OTH

Apply before

08 September 2025

Number of openings

1

Posting type

Internal & External

At ATB, we exist to make it possible for our clients, team members and communities. Our purpose is more than aspirational. It's a real commitment we live every day through our values (what we call the ATB ID).


Life at ATB is about more than work. In fact, we're consistently recognized as one of Canada's top employers thanks to our high-care, high-performance culture, upheld by the three commitments we make to our team members:

Impact in action:

No matter where you are in the organization, you're empowered to make an impact in the lives of our clients and communities.

Thrive together:

We want you--the unique, authentic you--to feel safe and celebrated at work. We're on a continuous journey to build the most flexible and inclusive programs.

Ready for tomorrow:

We want to enable your success through interesting and challenging work, performance enablement, and learning and development.


About the role

Please note:

This is a

temporary 12-month term

opportunity.

As ATB's next Senior Manager, Supplier Risk Governance and Security Awareness,

you will play a pivotal role in shaping the future of the Supplier Risk Governance and Security Awareness teams. You will be a key leader responsible for guiding the strategic development and operational execution of these critical areas. The successful candidate will possess a blend of strategic vision, operational expertise and interpersonal skills.


Accountabilities

Develop and implement a comprehensive strategic vision for supplier risk governance, security awareness, and social engineering defenses

, aligning with overall business goals and evolving threat landscapes.

Establish and prioritize tactical objectives and initiatives

to effectively manage third-party risks, enhance organizational security posture, and mitigate social engineering threats.

Provide expert mentorship, coaching, and strategic direction

to team members, fostering a high-performance culture in supplier risk management and security awareness.

Oversee and present robust program reporting

including key performance indicators (KPIs) for third-party risk posture, security awareness metrics, social engineering incident rates, STIP impacts, risk reporting to senior leadership, and compliance against relevant industry standards.

Drive and oversee compliance with a multitude of frameworks, regulatory requirements, and established third-party security standards

(e.g., NIST) within the supplier ecosystem and across internal security awareness initiatives.

Lead the continuous enhancement of the Supplier Risk Governance program processes

, specifically focusing on robust third-party due diligence, ongoing monitoring, and incident response, while ensuring strict adherence to frameworks like NIST and first-line risk management principles.

Proactively identify and analyze emerging risks and trends

in the supplier and security landscape (including advanced persistent threats and evolving social engineering tactics), and strategically adapt the organizational approach to address them.

Champion and foster a pervasive culture of security awareness across the entire organization

, implementing targeted training programs (including simulated social engineering exercises), promoting best practices, and ensuring strict compliance with internal policies and third-party security requirements.

Cultivate and leverage strategic relationships across ATB

and with key third-party partners to drive collaborative efforts in risk mitigation, security enhancement, and the adoption of industry best practices.
Skills, experience & requirements

Demonstrated expertise in developing, implementing, and maturing cybersecurity risk assessment and governance frameworks

, with a specific focus on third-party risk management and compliance with industry standards (e.g., NIST).

Proven ability to strategically define, create, and manage comprehensive metrics and reporting dashboards

that effectively communicate the posture of supplier risk, security awareness program effectiveness, and social engineering defense mechanisms to executive leadership and relevant stakeholders.

5-7 years of progressive experience in a leadership role within cybersecurity

, with a strong background in supplier risk management, security awareness program development, and social engineering mitigation strategies.

Deep knowledge and practical experience in Third-Party Cybersecurity Risk management

, including vendor due diligence, ongoing monitoring, contract reviews, and incident response specifically within the context of external partnerships and third-party standards.

Exceptional communication skills, both written and verbal, with a proven ability to articulate complex technical concepts

into clear, concise, and actionable information for executive-level audiences, fostering strategic decision-making and buy-in for security initiatives.

Highly collaborative and influential, with excellent interpersonal skills

to effectively work with diverse internal teams (e.g., legal, procurement, IT) and external third-party partners to identify needs, solve complex problems, and drive consensus on security best practices and risk mitigation strategies.

Demonstrated strong leadership capabilities in building, mentoring, and inspiring diverse and multi-layered teams

, fostering a culture of continuous improvement, strategic thinking, and accountability in managing supplier risk and enhancing organizational security.

Advanced proficiency in Google Workspace applications (Sheets, Slides, Docs)

for developing professional reports, presentations, and collaborative documents to support strategic planning and operational execution.

Don't meet all the requirements on the list?

A resume only goes so far in expressing who you are and the unique perspectives you bring. If you believe your skills and experience align with the role--but you might not check all the boxes--we want to hear from you. We encourage candidates from all work backgrounds, equity-seeking communities and experience levels to apply. If you're seeking a career where your drive, perspective and growth are celebrated, we want to hear from you.


We're dedicated to building a workforce reflective of those within our communities, and a culture where our team members are equipped with what they need to succeed--their way. Part of creating an inclusive workplace is recognizing our role in advancing Truth and Reconciliation. We are committed to meeting and exceeding the standards set out in the Partnership Accreditation in Indigenous Relations program created by the Canadian Council for Aboriginal Business.

What happens next?

If you are shortlisted, you'll hear from us after the posting closes. Check out our How We Hire page to learn more about our hiring process. If you need any accommodations throughout this process, please let us know at talentteam@atb.com

Stay in touch

We're excited that you're interested in a career with ATB. Follow us on LinkedIn, Facebook and Instagram to learn more about what our team is up to.