Director, Cyber Security

We are currently recruiting a Director of Cyber Security to join their team of dedicated professionals. This role will be in Moncton, NB and offers a hybrid work environment.

The Director of Cybersecurity is responsible for leading and managing all aspects of Information Security across the enterprise. This role requires a strategic thinker with a deep understanding of cybersecurity principles, risk management, and regulatory compliance. The Director will provide visionary leadership to ensure the protection of business operations, optimization of security systems, and alignment with the organization's strategic goals. This position is accountable for defining, implementing, and administering AL's Information Security governance framework and structure, as well as maintaining the corporation's overall Information Security posture and monitoring program. The Director will work closely with the CIO to ensure that all information security services and deliveries meet legislative, regulatory, and policy compliance requirements.

Qualifications

• Master's or bachelor's degree in business, computer science, computer engineering, system University Degree or equivalent, with Computer Science / Systems background.
• Minimum of ten (10) years of experience, including at least 4 years of experience managing an IT functional area plus at least 6 years of experience in managing the development, execution and monitoring of information security.
• Proficient in access control, security operations, communications security, system architecture, development and maintenance, information security management, investigation and testing protocols, and application program security.
• Adept at translating strategic direction into actionable operational plans, ensuring clear communication and effective management.
• Recognized for exceptional communication skills.
• Proven ability to cultivate and sustain executive-level relationships and collaborate effectively with business unit operations.
• Known for exercising sound judgment and maintaining a high standard of integrity.
• Highly skilled in influencing business decisions and driving organizational change.
• Demonstrated success in managing staff to achieve their goals and deliver results.
• Strong leadership in developing and managing complex and dynamic environments.
• Thinks creatively with a strong business acumen and financial management skills, driving innovative solutions and strategic growth.

Assets (any of the certifications):

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• Certified Ethical Hacker (CEH)
• Certified Cloud Security Professional (CCSP)
• Certified in Risk and Information Systems Control (CRISC)
• GIAC Security Essentials (GSEC)

Responsibilities

Information Security Management:

• Develop and implement comprehensive information security strategies, policies, and procedures to protect AL's technology systems and data.
• Oversee the planning, implementation, and compliance oversight of security measures to safeguard against breaches and incidents.
• Conduct thorough investigations post-incident, including impact analysis and recommendations to prevent future vulnerabilities.
• Establish and manage an effective process for reporting security incidents and breaches.

Risk Management:

• Maintain a deep understanding of the IT threat landscape specific to the industry. Implement processes to identify, assess, manage, and mitigate security risks.
• Schedule and oversee external security assessments, including penetration and vulnerability tests.

Governance and Compliance:

• Define and administer the Information Security governance framework and structure.
• Ensure compliance with corporate policies, industry standards, and regulatory requirements.
• Develop and oversee information security policies and standards to support current and future business models. Responsible for working with key stakeholders across the Enterprise to identify NIST framework maturity targets and to create and execute action plans to achieve those objectives.

Leadership and Collaboration:

• Provide effective leadership, coaching, and guidance to the cybersecurity team.
• Foster a culture of security awareness and continuous improvement across the organization. Collaborate with the CIO and other senior leaders to align security initiatives with business objectives.

Training and Awareness:

• Oversee the development and delivery of an enterprise-wide information security training and awareness program. Ensure that employees are educated on security best practices and the importance of protecting sensitive information.

Business Continuity and Incident Response:

• Develop and maintain business continuity and disaster recovery plans related to information security.
• Lead the incident response team in the event of a security breach, ensuring swift and effective resolution.

Innovation and Continuous Improvement:

• Stay abreast of the latest cybersecurity trends, technologies, and best practices.
• Drive continuous improvement in security processes and technologies to enhance the organization's security posture.