Vice President, Enterprise Information Security

Job Title: Vice President, Enterprise Information Security

We are seeking a Vice President, Enterprise Information Security to join our team in Toronto or Winnipeg. Aligned to the Chief Information Office, as Vice President, Enterprise Information Security, you are a senior leader that supports enterprise, solution, security, data and infrastructure architecture domains. You are responsible to providing leadership for planning, developing, directing, and operating an innovative, trusted, and reliable information security program; to support the confidentiality, and integrity of systems, assets, and data of the People Corp. You will provide leadership to the security team of staff, which includes identity and access management, risk, and security operations.

The Vice President, Enterprise Information Security will :

• Lead the establishment of the information security governance structure by implementing a hierarchical governance program, including chairing the information security steering committee.
• Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program. Including the enhancement of current cyber security awareness training program for all stakeholders
• Develop and enhance an information security management framework to reduce and mitigate organizational risk in regular operations and acute transformation projects
• Work effectively with business units to facilitate information security risk assessments and risk management processes, empower teams to understand, own and determine the appropriate level of risk for their unit.
• Develop, socialize, and coordinate approval and implementation of security policies, report on progress to internal stakeholders including executive leadership. Build internal relationships to demonstrate value and ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management
• Liaise with vendor management function to ensure that information security requirements are included in contracts by liaising with vendor management and procurement organizations
• Build and nurture external networks consisting of industry peers, ecosystem partners, vendors, and other relevant parties to address common trends, findings, incidents and cybersecurity risks
• Liaise with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies
• Liaise with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures, thus ensuring that information security requirements are implicit in these architectures and security is built in by design
• Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
• Lead and motivate the information security team to achieve tactical and strategic goals.

To be successful as a Vice President, Enterprise Information Security with People Corporation, you will need :

• Leadership, Engagement and Ownership – Able to function and motivate teams in high pressure environment. Comfortable leading direct and indirect reporting relationship to achieve business outcomes. Identifies abilities within a team and strengthens opportunities to build skill sets.
• Resilience – Functions well in an environment where there are competing priorities, multiple stakeholders, and takes the initiative to enact solutions with little direct oversight.
• Strategy and Program Planning – Able to take the bigger picture and break it down into manageable progressive steps to ensure progress is made on multiple projects. Drive business and cyber risk strategy alignment.
• Metrics – Effectively uses data to build, deliver and translate tactile information into trends and meaningful messages for senior leaders.
• Guardian – Protect business assets by understanding the threat landscape and managing, maintaining, and enhancing the effectiveness of the cyber risk program.
• Advisor – Integrate with the business to educate, advise, and influence activities with cyber risk implications. Ability to govern by influence rather than edit, help others manage information risk.
• A high level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity. Demonstrate a sense of urgency and commitment to high standards of ethics, regulatory compliance, and customer service, applying appropriate levels of security against risk.

All-star candidates will have :

• You have at least 8 years’ experience with Information Security and have a strong background in Technology and Risk Management.
• At least 5 years’ experience in a senior management role with proven ability to lead, motivate and inspire a team of security professionals.
• Experience with common information security management frameworks such as ISO / IEC 27001 and NIST
• Degree in business administration or a technology-related field, or equivalent work- or education-related experience
• The following would be an added advantage - Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials.

• Learn by working alongside our experts
• Extended health care and dental benefits
• A retirement savings plan with company contributions
• A suite of Health & Wellness offerings
• Mental Health programs and support for you and your family
• Assistance for the completion of industry designations
• Competitive compensation

At People Corporation we are committed to helping businesses succeed. We are a national provider of benefits, retirement, wealth, wellness, and human resource solutions. Our experts and solutions serve over 20,000 clients representing nearly 3 million Canadians. We offer customized solutions designed to fit the unique needs of businesses and their employees, members and stakeholders.

Providing an inclusive, accessible environment, where all employees and clients feel valued, respected and supported is something we're committed to. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employeehas the opportunity toreach their potential.