Information Security Program Manager

Please Note: If you are a current Algonquin College employee apply to this job via the Workday application.

Department: Information Security

Position Type: Full-Time Administrative

Salary Range: $104,333.00 - $139,110.00 Annual

Scheduled Weekly Hours: 36.25

Anticipated Start Date: January 05 2026

Length of Contract: N/A

This job posting is now accepting applications from all qualified individuals.

Posting Closing Date: October 31 2025

Please note: jobs are posted until 11:59 pm on the job closing date.

As the Information Security Program Manager the incumbent is responsible for managing and supervising the College's Information Security Program including the oversight of a team of cybersecurity professionals and Senior Cybersecurity Strategists within the Information Security & Privacy (IS&P) team. The incumbent leads the planning and execution of security operations program development and the alignment of cybersecurity initiatives with institutional risk and compliance objectives.

This position plays a critical role in addressing the growing complexity and impact of regulatory compliance operational disruptions third‑party risks and evolving cyber threats. An integrated and risk‑informed security and compliance program is necessary to protect the College's digital assets, ensure business continuity and support institutional goals. The incumbent ensures that the College is positioned to manage cybersecurity risk in a way that enhances operational resilience and institutional reputation.

The incumbent is responsible for identifying, evaluating and reporting on cybersecurity risks in a manner that complies with regulatory requirements, aligns with privacy legislation and supports the overall risk posture of the College. This includes leading the implementation and continuous improvement of the College's information security operations including: Threat and Vulnerability Management (TVM) Program, Identity and Access Management (IAM) Roadmap, Information Security & Privacy Awareness Training, Security Operations Center (SOC) and coordinating with the Privacy Program Manager to ensure alignment with the College's privacy strategy directives, policies and standards.

The TVM Framework defines a comprehensive process for identifying, classifying, remediating and mitigating vulnerabilities across College IT systems. The incumbent ensures that tools and technologies used for threat intelligence and vulnerability scanning are properly integrated to provide accurate reporting, visibility and response capabilities.

Under the administrative direction of the Associate Director of Information Security and Privacy, the incumbent leads and manages strategic and operational activities related to cybersecurity including the execution of roadmaps, conduction of Information Security & Privacy Risk Assessments, ensuring the continuous update of the College's Cybersecurity Incident Response Plan. The incumbent also ensures coordination of tasks and implementation of recommendations and mitigations by college stakeholders.

The incumbent proactively detects, monitors and mitigates vulnerabilities using enterprise security tools and establishes governance rules to manage risk across the College's information technology assets. This includes supporting secure software development practices and setting technical standards to limit the use of high‑risk components and packages.

As a leader in the IS&P team, the incumbent is accountable for supervising team performance, providing feedback for performance management processes and acting on behalf of the Associate Director when required. They manage vendor relationships, oversee operational security tasks and coordinate with internal and external stakeholders to align activities with College strategic priorities and compliance obligations.

The incumbent will also be responsible for collecting, analyzing and reporting key performance and risk metrics to senior management and the Algonquin College Executive Team (ACET). These insights support evidence‑based decision‑making and ensure that the College maintains a progressive risk‑based and values‑driven cybersecurity program.

A four (4) year degree in Computer Science, Computer Engineering, Management Information Systems or equivalent field of study.

The following professional designations are required: CISSP, ITIL, CISM, Azure certification.

Requires a minimum of 9 years cumulative experience in Information Technology (7 years will be accepted if incumbent possesses a Masters in a Computer related field) with 4 consecutive years directly focused on Information Security management.

Experience working with the knowledge gained through Information Security training organizations such as ISC2, ISACA and SANS.

Experience conducting detailed security threats and risk assessment and guiding toward sound implementation approaches.

Experience and ability to leverage multi‑cloud security solutions.

Experience in Threat and Vulnerability Management and advanced threat and vulnerability detection technologies.

Ability to stay current on emerging threats, technologies and best practices to advise/consult for diverse internal business units.

Strong knowledge of cybersecurity frameworks and industry‑leading practices such as OWASP, NIST CSF, PCI DSS, Canadian Center for Cyber Security.

Experience and strong knowledge of a wide variety of tools used for API, Web & Mobile Application Security Assessments, Penetration Testing and Source Code Reviews such as Nessus, Qualys, Nexpose, Metasploit, Burpsuite, Kali Linux (and tools included in Kali Linux), PowerSploit and other web application scanners such as HP Web Inspect, etc.

Experience developing comprehensive and accurate Threat Vulnerability and Risk Assessment reports and presentations for both technical and executive audiences.

Experience researching and drafting information security technical standards, guidelines, processes and procedures.

Experience working with and presenting to upper management and senior executives.

Excellent communication skills. Able to communicate well at varying levels of the College hierarchy.

Excellent understanding of application development and systems development life cycle methodologies.

Strong process engineering/design skills.

Strong facilitation interpersonal and presentation skills.

Results driven and self‑motivated.

Critical thinking and problem solving skills.

Customer focused with strong analytical skills.

Excellent leadership, motivational and conflict resolution skills.

This position is eligible for hybrid work in conjunction with the College's Flexible Work Arrangement Policy (subject to change).

Algonquin College values diversity and is an equal opportunity employer. We offer an inclusive work environment and encourage applications from all qualified individuals. If you require accommodation during the recruitment process please contact the Human Resources department. While we thank all those who apply, only those to be interviewed will be contacted.