Chief Information Security Officer

Reference #: 7879
Location: Nunavut
Type: Sub-contract

Donna Cona Inc. is currently seeking a Chief Information Security Officer, for one of our key clients. The candidate will be a highly skilled and experienced Subject Matter Expert (SME) in Cybersecurity to lead the development of a comprehensive security program and operational plan. This critical role will support the protection of systems, data, and infrastructure by designing robust security frameworks, policies, and processes tailored to meet the unique needs of the client. The ideal candidate will bring extensive expertise in cybersecurity and IT governance, with a proven ability to deliver practical and scalable solutions. This role is instrumental in ensuring client systems and initiatives adhere to security best practices, safeguarding the integrity and confidentiality of client operations and services.

Key Duties and Responsibilities:

• Program Development:
  • Design and establish a comprehensive cybersecurity program, including policies, standards, procedures, and guidelines;
  • Develop a governance framework to support compliance with relevant laws, regulations, and best practices; and
  • Conduct a detailed risk assessment to identify vulnerabilities and prioritize mitigation strategies.
• Operational Planning:
  • Create an operational plan for implementing the security program, outlining timelines, resource requirements, and key milestones;
  • Define roles and responsibilities for cybersecurity within the organization, including staffing recommendations; and
  • Develop an incident response plan and disaster recovery protocols.
• Participation in Projects:
  • Collaborate with project teams to ensure new solutions, systems, and technologies are designed and implemented in alignment with security best practices and standard;
  • Conduct security reviews and assessments during project lifecycles to identify and address risks; and
  • Provide expert recommendations to integrate security into the design, development, and deployment phases of initiatives.
• Stakeholder Engagement:
  • Work with departments, agencies, and third-party stakeholders to align security initiatives with operational goals; and
  • Provide expert guidance to senior management and policymakers on emerging threats and strategic security priorities.
• Training and Awareness:
  • Develop and implement a cybersecurity training and awareness program for employees at all levels; and
  • Promote a culture of security within the workforce.
• Monitoring and Continuous Improvement:
  • Establish mechanisms for continuous monitoring and reporting on the security program’s effectiveness; and
  • Stay abreast of new threats, vulnerabilities, and advancements in security technologies to ensure the program remains current and effective.
• Technical Expertise:
  • Recommend and assist in deploying security tools and technologies, such as firewalls, intrusion detection systems, and encryption; and
  • Oversee the design of secure architecture for IT systems and infrastructure.
• Compliance and Reporting:
  • Ensure compliance with applicable cybersecurity regulations, standards, and frameworks (e.g., ISO 27001, NIST, GDPR, or local regulations); and
  • Prepare detailed reports and presentations for executive leadership and external audits.

Donna Cona is committed to a diverse, equitable and inclusive workplace. We are an equal opportunity employer. We don’t discriminate on the basis of gender, gender identity, sexual orientation, race, national origin, disability, age or any other protected status. We are committed to maintaining a barrier free recruitment process by providing equal employment opportunities through recruiting and retention of individuals.

• To apply for this position please complete the form below.
• Name First Last
• Email *
• Daytime Phone *
• City *
• Province/State *
• Attach Cover Letter and Resume * Max. file size: 20 MB. Please note that these must be in one document, and can be in .docx, .doc, .pdf or .rtf formats