Senior Manager, Information Security & Compliance (CISO)

Black & McDonald Limited

Markham

Hybrid

CAD 90,000 - 150,000

Full time

6 days ago
Job summary

An established industry player is seeking a Senior Manager of Information Security & Compliance to lead their enterprise security program. This pivotal role involves collaborating with senior leadership to develop and implement security management strategies aligned with business goals. The ideal candidate will have a strong background in cybersecurity frameworks, risk management, and stakeholder engagement. This position offers a unique opportunity to influence security policies and enhance compliance while leading a dedicated IT team. Join a forward-thinking organization that values operational excellence and innovation in safeguarding information assets.

Qualifications

  • Proven experience in developing IT security architecture and improvement roadmaps.
  • Knowledge of security frameworks like COBIT 5 and ISO 27002.

Responsibilities

  • Lead the information security and compliance function.
  • Develop and implement information security management programs.
  • Monitor security standards for breach prevention and detection.

Skills

Information Security Management
Risk Management
Cybersecurity Compliance
Stakeholder Management
Incident Response

Education

Post-secondary education in IT
CISSP Certification
CCSP Certification
CISA Certification
CISM Certification

Tools

COBIT 5
ISO 27002
ITIL
Vulnerability Management Tools
Endpoint Security Management

Job description

Position: Senior Manager, Information Security & Compliance (CISO)

Location: Markham

Details: Full-time, hybrid

*No contractors, and no full-remote work*

The Company:

Founded over 100 years ago in 1921, Black & McDonald is an integrated, multi-trade service provider that safely delivers high-quality construction, facilities management, and technical solutions to government, institutional and industry clients. We are a forward-thinking organization with a strong track record of delivering customer-focused solutions and operational excellence.

Position Overview:

Reporting to the CIO and collaborating closely with senior leadership, the Manager, Information Security & Compliance (IS&C) is accountable for the enterprise information security program and related compliance and governance structures.

The Manager, IS&C ensures security programs are in place to mitigate cyber risks, comply with regulatory requirements and to respond to incidents if/when they occur. In this position you will manage an IT team responsible for implementing programs as well as day-to-day security operations.

Key Accountabilities:

  • Leads information security and compliance function.
  • Develops and implements information security management program in accordance with recognized security and technology governance frameworks such as CIS, ISO and COBIT and in alignment with business priorities.
  • Collaborates with the CIO and other senior executives and officers to provide leadership, operational expertise and strategic direction to the organization and all operational teams.
  • Reviews IT and security governance structures, processes, & procedures to prevent security breaches, major incidents, and non-compliance with regulatory requirements.
  • Monitors and conducts ongoing assessments of security standards necessary for breach prevention, detection, and remediation.
  • Assesses security infrastructure and cloud environments, including access management, firewall protection, and vulnerability assessment and testing, and makes recommendations for improvement.
  • Provides reports to executive management and other stakeholders on IT and security matters.
  • Delivers user education programs on security to support compliance objectives and improve security awareness.
  • Implements security incident response plans and serves as the response lead during incidents.
  • Facilitates development of IT and security policies, standards and procedures and performs ongoing assessments to ensure continuous improvement and reports on compliance.
  • Contributes to the business strategies and plans, bringing security and governance expertise; ensures the security strategies align with the company’s strategic goals.
  • Provides mentorship, staff development and participates in succession planning.
  • Coaches and develops team members on risk management.
  • Manages other initiatives as required.

Education and Qualification Requirements:

  • Post-secondary education in IT or a suitable combination of education and experience.
  • Industry certifications such as CISSP, CCSP, CISA, CISM or similar are expected.
  • Knowledgeable in frameworks such as COBIT 5, ISO 27002, and ITIL and using these to assess and address IT governance and control gaps in organizations.
  • Ability to develop policies and procedures relating to IT/security governance and educate IT colleagues on governance and controls issues, particularly segregation of duties, documentation standards required, audit logs and audit trails, etc.
  • Proven experience in overseeing/developing IT security architecture and security improvement roadmaps.
  • Experience with cloud computing environments.
  • Exposure to various security tools and methodologies, including network security, vulnerability management, vulnerability & penetration assessments, anti-malware, and endpoint security management.
  • Ability to keep current with IT security developments and vulnerabilities.
  • Proven experience in relationship and stakeholder management.
  • Ability to obtain background checks and disclosure of personal and financial information if needed for access to restricted parts of our IT infrastructure.

Black & McDonald welcomes and encourages applications from persons with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the recruitment and selection process.
