Consulting Data Security Consultant Professional Toronto, CA

As a Senior Data Security Manager, you will help enterprise clients design, implement, and optimize their encryption, quantum-safe security, and PKI strategies. This role also involves advisory and implementation support for data discovery and privacy initiatives, ensuring compliance with Canadian regulations such as PIPEDA, Law 25 (Québec), and sector-specific standards.

As a trusted advisor, you will work with CISOs, security architects, and compliance teams to build robust cryptographic and data security solutions that align with business needs and regulatory requirements.

Your role and responsibilities

Key Responsibilities

1. Primary Focus: Encryption, Quantum-Safe Security, and PKI
2. Design and implement enterprise encryption strategies, including data-at-rest, data-in-transit, and data-in-use protection.
3. Lead the transition to quantum-safe cryptography, assessing risks and adopting post-quantum algorithms.
4. Architect and deploy Public Key Infrastructure (PKI), including certificate lifecycle management, HSM integration, and key management solutions.
5. Develop cryptographic policies and advise on best practices for key rotation, algorithm selection, and quantum-safe readiness.
6. Evaluate and integrate hardware security modules (HSMs), cloud KMS, and crypto agility frameworks.
7. Ensure cryptographic compliance with Canadian federal and provincial regulations (e.g., PIPEDA, Law 25, PCI DSS, and Government of Canada IT Security Standards).

Secondary Focus: Data Discovery & Privacy

1. Assist clients in deploying data discovery and classification tools to identify and protect sensitive information in compliance with Canadian privacy laws.
2. Implement privacy-enhancing technologies (PETs), including tokenization, pseudonymization, and differential privacy.
3. Provide expertise on PIPEDA, Québec’s Law 25, FOIPPA (British Columbia and Alberta), and other data protection frameworks.
4. Develop risk assessments for data sovereignty, cross-border data transfers (U.S. CLOUD Act risks), and encryption-based data controls.
5. Ensure cryptographic solutions align with Canadian government and financial sector compliance requirements.

Required education

Bachelor's Degree

Required technical and professional expertise

• 10+ years in cybersecurity with a focus on cryptography, PKI, and encryption.
• Hands-on experience with HSMs (Thales, Entrust, AWS CloudHSM), KMS (AWS KMS, Azure Key Vault, Google Cloud KMS), and PKI solutions.
• Expertise in quantum-safe cryptography, including NIST PQC standards and migration strategies.
• Knowledge of cryptographic libraries such as OpenSSL, Bouncy Castle, KMIP, and Microsoft CNG.
• Experience with data discovery tools (Qohash, BigID, Varonis, Spirion) and privacy-enhancing technologies.
• Strong understanding of Canadian regulatory frameworks: PIPEDA, Québec’s Law 25, FOIPPA, OSFI Guidelines, PCI DSS, and Government of Canada IT Security Standards.

Preferred technical and professional experience

• Certifications like CISSP, CCSP, CISM, CEH, or specific cryptographic certifications (CISSP-ISSAP, CCSP, etc.).
• Hands-on experience with container security (Kubernetes, Istio) and cloud-native cryptographic controls.