The Director, IT & Security will be a senior member of the Business Operations department. The role will have direct responsibility for detection & monitoring operations, incident response and threat identification initiatives as well as responsibility for overseeing all aspects of our IT and security operations. The role will lead a small team and be hands-on with strong influence skills and ability to balance day-to-day execution with strategy. The successful candidate must have a proven track-record of working closely with internal and external stakeholders to understand and safeguard the assets, people, and processes across a global company.
Responsibilities:
- Lead security operations, monitor emerging threats, oversee incident response and procedures and capabilities, enable outcomes-based metrics, and work closely with internal and external stakeholders for incident responses to determine appropriate courses of actions.
- Develop and implement industry standard cyber controls and threat analytics.
- Identify and drive the end-to-end remediation of discovered or potential security vulnerabilities and mature operational security processes and procedures.
- Execute periodic security testing and reviews, promptly remediate any findings, and ensure policies, controls, and procedures are effective, documented, and understood by relevant stakeholders/roles through training and education.
- With R&D leadership, enhance the Cloud security framework, including prevention, detection, and response controls for all Cloud environments, and drive DevSecOps adoption across the entire software development lifecycle by enabling tools, processes, and framework.
- Lead the development and implementation of disaster recovery and business continuity plans
- Manage the IT infrastructure and ensure that it is operating efficiently and effectively
- Develop and implement IT policies and procedures to ensure that all systems and applications are secure and compliant
- Manage a small team of IT and security professionals and provide guidance as needed
- Ensure that all projects are delivered on time, within budget, and to the required level of quality
Want more jobs like this?
Get Computer and IT jobs in Toronto, Canada delivered to your inbox every week.
Qualifications:
- Bachelor Degree, with a technology or business emphasis, or equivalent education and experience.
- Proven track record of managing, inspiring and motivating a team of IT and security professionals
- Possess one or more of the following industry certifications:
- CISSP / CISA / CISM
- CCSP – Certified Cloud Security Professional
- SABSA - Security Architecture
- Other industry recognized Information Security certifications
- Demonstrated knowledge of current cloud platforms, services and security best practices for their protection
- Demonstrated knowledge and understanding of information security industry standards (e.g. ISO17799, ISO27001, ISO27018, NIST, COBIT, ITIL, etc), and legislative/regulatory requirements (e.g. SAS-70, SOX, B198, GDPR, PIPEDA, etc)
- Minimum of 7-10 years experience in information security including:
- Security Management, Policy & Procedure development, Governance Frameworks, Security Programs
- Developing and implementing cloud security architectures
- Risk Assessment, Risk Management
- Security Architecture, IS Infrastructure Processes
- Operational security (network architecture, application, systems)
- Adaptable to new technologies and challenges not previously encountered
- Able to build strong relationships and communicate effectively with a diverse set of stakeholders, including business leaders, operational staff and engineers