Job Specifications
Join nesto — proudly named Canadian Rocketship 2025*. A Deloitte Fast 50 company evolving alongside Canada’s top tech innovators and disrupting a 2.1 Trillion-dollar mortgage industry at light speed by building the mortgage ecosystem of the future.
BUILD lending technology with the best developers, AI engineers, and mortgage experts in the country. Work on a modern tech stack and a development framework designed to unlock your full potential and accelerate your career.
Why join us
Hypergrowth: Deloitte Fast 50 — 3 years in a row
Tech community credibility: TechTO Canadian Rocketship 2025*
Industry leadership: CLA Lending Company of the Year — 4 consecutive years
Talent magnet: CMP Top Mortgage Employer 2025
Trusted technology: powering major financial institutions across Canada
An entrepreneurial culture built on trust, speed, uncomfortable ambition, being stronger together, and a relentless obsession with our clients.
Who Are You
Builders. Problem-solvers. Curious minds. People who move fast, embrace innovation, and believe we’re stronger together.
If you trust your skills and want to build real technology that reshapes an entire industry, join us now.
About Nesto And Nesto Cloud
Nesto is Canada’s leading provider of mortgage technology and financing solutions, managing $73B+ CAD in residential and commercial mortgages, with 1,000+ team members across 12 offices nationwide. You will be working on Nesto Cloud, Canada’s most advanced cloud platform, delivering end-to-end technology solutions for lenders in the digital age.
About The Role
The Project Manager, Security is a critical new role established due to increased security initiatives and the immediate demand for a dedicated project management resource. This position will drive key security initiatives, such as SOC and MSSP migrations, which are essential for integrating security across the nesto Group (nesto, CMLS, and Intellifi) and supporting increased audit activities. Success requires strong project management skills, an IT/infrastructure background, and ideally GCP expertise, to coordinate security projects, ensure timely and high-quality completion, and maintain effective stakeholder communication.
You report directly to the VP of Security for security projects and functional duties, and you'll have a dotted reporting line to the Associate Director, IT Operations Project Management, who manages your day-to-day operational activities.
What You’ll Be Doing
Lead end-to-end project management for security initiatives such as IAM (Identity & Access Management), DLP, Business Resilience, vulnerability management, penetration testing, incident response programs, and yearly compliance audits (e.g., SOC 2, ISO 27001, 3402).
Support the implementation of security frameworks, standards, and controls in alignment with industry best practices (e.g., NIST CSF, CIS Controls).
Collaborate with technical teams (Security, Infrastructure, Application Support, IT Ops) and cross-functional stakeholders (Compliance, Legal, HR, Finance).
Develop and maintain project plans, schedules, budgets, RAID logs, and communication plans.
Track, monitor, and report on project status, risks, and issues to executive leadership and governance bodies.
Act as a liaison between security engineers and business units to translate technical requirements into actionable business deliverables.
Ensure change management, training, and awareness components are built into security projects.
Continuously improve PMO standards, documentation, and methodologies within the security program portfolio.
Who We Are Looking For
5+ years of project management experience, with at least 2–3 years in cybersecurity, risk management, or IT infrastructure projects.
Strong knowledge of security concepts (IAM, encryption, firewalls, cloud security, vulnerability management).
Familiarity with compliance frameworks such as SOC 2, ISO 27001, PCI DSS, GDPR.
Proven track record of managing cross-functional projects in complex, fast-paced environments.
Excellent communication and stakeholder management skills, including executive-level reporting.
Proficiency with project management tools (Asana, Jira, MS Project, Smartsheet, etc.).
Preferred (but Not a Must)
PMP or CAPM certification.
Security certifications such as CISSP, CISM, CISA, or CompTIA Security+.
Experience working in FinTech, financial services, or highly regulated industries.
Background in cloud environments (Azure, AWS, GCP) security projects.
Bilingualism: French and English.
The Reward
The A-Team: Work alongside high-performing talent in the industry.
Accelerated Growth: The slope of your learning curve here will be vertical. You will touch more production systems in one year than you would in five years at a bank.
Top-Tier Coverage: Premium benefits plan fully paid by nesto, including comprehensive insurance and unlimited access to telemedicine and mental health services for you and your family.
Rest & Recharge: 4 weeks of vacation