Cybersecurity Lead

At Vortex, we have been bringing communities, businesses, and families together with innovative aquatic structures since 1995. We are proud to have created 10 000 custom installations spanning 50 countries and 5 continents! Vortex creates precious memories for thousands of families around the world every day.

If you want an exciting career in an environment that values innovation and collaboration, we’d love to hear from you. We welcome all applicants and are committed to diversity, equity and ensuring everyone is empowered to succeed.

We’re seeking a strategic and hands-on Cybersecurity Lead to join our growing IT team. In this role, you will be responsible for developing and executing the organization’s cybersecurity strategy to safeguard our systems, data, and infrastructure. You will play a critical role in identifying risks, enforcing compliance, and ensuring our information assets are protected from evolving threats.

If you are passionate about data security, have experience with industry-standard security frameworks, and are ready to lead security initiatives for a growing company, we welcome you to join our team.

Responsibilities

As a Cybersecurity Lead, you will:

• Develop, implement, and maintain a company-wide cybersecurity strategy and roadmap aligned with business objectives.
• Identify and assess cybersecurity risks, threats, and vulnerabilities through regular security assessments and audits.
• Lead the organization’s incident detection and response efforts, including post-incident analysis and reporting.
• Establish and enforce cybersecurity policies, standards, and procedures in compliance with regulations (e.g., ISO 27001, NIST, GDPR, Law 25).
• Collaborate with IT, digital transformation, and business units to embed security into infrastructure, software development, and operational workflows.
• Oversee the deployment and management of cybersecurity tools (e.g., SIEM, firewalls, intrusion detection/prevention, endpoint protection).
• Manage the implementation of data encryption, access controls, and identity management protocols.
• Conduct internal awareness training to foster a security-first culture.
• Lead vulnerability management programs, including penetration testing and remediation planning.
• Monitor and report on the effectiveness of cybersecurity programs to leadership and audit stakeholders.
• Stay current on emerging threats, zero-day vulnerabilities, and technological advancements.

The ideal candidate will demonstrate:

• Strategic Thinking: Ability to align cybersecurity initiatives with business strategy and risk tolerance.
• Technical Expertise: Deep understanding of security technologies, protocols, and tools across on-premises and cloud environments.
• Risk Management: Skilled in assessing and mitigating security risks across IT systems, networks, and third-party vendors.
• Crisis Leadership: Ability to lead calmly and effectively in high-pressure situations such as security incidents or breaches.
• Project Management: Strong organizational skills to manage security projects from inception to implementation.
• Communication: Clear and effective communicator with both technical and non-technical stakeholders.
• Collaboration: Works cross-functionally with IT, compliance, legal, HR, and executive leadership.
• Governance & Compliance: Familiarity with frameworks and compliance requirements such as ISO 27001, NIST, CIS, GDPR, and Law 25 (Quebec).

Experience & Training

Required qualifications include:

• Bachelor’s or master’s degree in computer science, Information Security, Cybersecurity, or a related field.
• 5+ years of progressive experience in cybersecurity, including a minimum of 2 years in a leadership or strategic capacity.
• Proven track record in implementing cybersecurity frameworks and controls (e.g., NIST CSF, ISO 27001, CIS Controls).
• Practical experience with incident response, forensic investigations, disaster recovery, and business continuity planning.
• Hands-on expertise in vulnerability scanning, penetration testing, and threat hunting.
• Understanding of cloud security principles (Azure, AWS, GCP), with the ability to support and contribute to cloud security practices.
• Proficiency with security tools like antivirus, firewalls, IAM, and encryption, with the ability to recommend advanced solutions as needed (e.g., SIEM/XDR).
• Relevant certifications such as CISSP, CISM, CISA, or CEH are considered strong assets.
• Bilingualism (French and English) is an asset for compliance with regional stakeholders and legal requirements.

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Information Technology
• Industries
  Recreational Facilities and Manufacturing

Referrals increase your chances of interviewing at Vortex Aquatic Structures International by 2x

Greater Montreal Metropolitan Area 2 hours ago

Montreal, Quebec, Canada CA$80.00-CA$85.00 5 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.