Information and Applications Security Manager

Full-Time | Permanent
Location: Remote with monthly Site Visits in Northeast BC
Client: Confidential

• Own and shape the security strategy for a mission‑critical, 24/7 operating environment
• High‑impact leadership role with direct visibility to senior technology leadership
• Hands‑on influence across IT, applications, infrastructure, and OT‑adjacent systems
• Stable, permanent role within a well‑established organization and modern IT ecosystem
• Opportunity to lead, mentor, and grow a security‑focused team
• Work in a unique environment where your decisions directly protect operations, people, and data

As the Information & Application Security Manager, you will lead the development, execution, and continuous improvement of the organization’s cyber and application security program.

Reporting to the Senior Director of Technology, you will be responsible for protecting applications, infrastructure, networks, and data against evolving threats in a 24/7 mining production environment.

This is a hands‑on leadership role, you’ll define security strategy and policy, oversee tools and technologies, manage incidents, and act as a key decision‑maker during security events.

• Lead the cybersecurity and application security strategy, roadmap, and policies
• Implement and manage role‑based access control (RBAC) and identity & access management
• Oversee security systems including email security, firewalls, endpoint protection, encryption, patching, vulnerability scanning, and penetration testing
• Act as a first responder during security incidents, leading threat isolation and containment
• Monitor alerts, logs, and system activity across infrastructure and applications
• Own the security incident response and disaster recovery plans
• Ensure compliance with internal policies, vendor standards, and regulatory requirements
• Partner with IT Operations, Legal, Audit, and HR on governance and risk management
• Prepare and present security metrics, risk assessments, and compliance reports to senior leadership
• Train IT staff and employees on cybersecurity awareness and best practices
• Support data center and site security, including occasional mine‑site visits

• 3-5 years of experience in IT security leadership or management
• At least 8 years’ experience in IT Security
• Proven experience implementing security policies, access controls, and compliance frameworks
• Strong hands‑on experience with:
• Active Directory, Azure AD, Exchange, SharePoint, SQL Databases
• Network security (Cisco switches/routers, firewalls, gateways)
• Security tools such as CrowdStrike, Proofpoint, Ironscales, Cisco ISE
• Solid understanding of application security principles and secure system design
• Experience working in data center and virtualized environments (VMware required; Nutanix an asset)
• Strong knowledge of security frameworks and standards: OWASP, ISO 27001, NIST
• Experience with audits, risk assessments, and regulatory compliance
• Ability to stay calm, decisive, and responsive in high‑pressure incident scenarios

• Security certifications such as CISSP, CISM, CSSLP
• Cisco or networking certifications
• Project Management certification (PMP)
• Experience in industrial, mining, or 24/7 operational environments

This role is ideal for a security leader who wants real ownership, real impact, and real responsibility, not just policy on paper. You’ll protect critical systems, influence enterprise‑wide security decisions, and be a trusted voice at the leadership table.

If you’re looking for a role where your expertise truly matters and where security is taken seriously, this is it.