Senior Information Security and Compliance Manager

We are seeking an experienced and proactive Senior Information Security and Compliance Manager to join our team. This individual will be responsible for managing enterprise-wide security initiatives, ensuring compliance with industry standards, and driving the continuous improvement of our organization’s security posture. The ideal candidate will possess strong project management skills, detailed oriented, technical expertise with a wide variety of security tools and the ability to lead end-to-end security projects.

Accountabilities

Project Management

• Lead enterprise-wide security initiatives from inception to completion, ensuring all projects are delivered on time, within scope, and aligned with organizational goals.
• Maintain and manage the Security Project Register , ensuring updates are accurate, detailed, and reflect current status.

Technical Expertise

• Administer and optimize all the security solutions, ensuring effective data loss prevention strategies and compliance.
• Support and manage other security tools to strengthen overall security controls.
• Provide technical guidance and hands-on support for security training initiatives and other enterprise tools.

Security Incident Management

• Lead and coordinate security incident reviews , ensuring incidents are documented, investigated, and resolved effectively.
• Partner with cross-functional teams to conduct root cause analyses and implement preventative measures.

Compliance and Governance

• Ensure organizational compliance with industry regulations, policies, and standards (e.g., ISO 27001, PCI, SOCII, NIST).
• Monitor, audit, and enforce security controls, identifying areas for improvement.

Training and Awareness

• Design and deliver effective security training programs , fostering a culture of security awareness across the organization.
• Serve as a subject matter expert for security and compliance best practices.

Collaboration and Leadership

• Work closely with stakeholders, including IT, HR, Legal, and business units, to align security initiatives with organizational objectives.
• Serve as a trusted advisor to leadership on security risks, projects, and compliance efforts.

Knowledge and Skill Requirements

Level of Education

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 5+ years of experience in information security and compliance roles, with a proven track record of successful project management.

Technical Skills

• Hands-on experience with a wide variety of security tools including DLP, SIEM, WAF, Email Protection, CASB.
• Familiarity with security frameworks and standards (e.g., ISO 27001, PCI DSS 4.0, NIST).
• Strong understanding of incident response processes and root cause analysis methodologies.
• Ability to dive into networking configuration details and tying it back to security threats.

Project Management

• Demonstrated ability to manage multiple complex projects end-to-end.
• Strong organizational skills with attention to detail and accuracy.

Soft Skills

• Excellent communication and interpersonal skills, with the ability to work collaboratively across teams.
• Analytical and problem-solving mindset with a focus on results.

Preferred Qualifications

• Certifications such as CISSP, CISM, PMP, or equivalent.
• Experience leading successful security initiatives in medium-to-large organizations.
• Knowledge of Canada data privacy regulations (e.g., PIPEDA, Law25).

Apply for This Position

Manager Information Security • Toronto, Ontario, CA