Director of IT Security
Canada, Full-Time, Director
Salary: 165,000 - 200,000 CAD per year
Job Details
- Experience: 7+ years of experience in cybersecurity, information security, or enterprise risk management; 3+ years of leadership experience
- Required Skills: Cybersecurity
Requirements
- 7+ years of experience in cybersecurity, information security, or enterprise risk management.
- 3+ years of leadership experience managing or owning security programs in complex, distributed environments.
- Strong expertise in security frameworks such as SOC 2, ISO 27001, or NIST Cybersecurity Framework.
- Deep understanding of identity and access management, endpoint security, incident response, and vulnerability management.
- Experience working in cloud-first and SaaS environments (e.g., Google Workspace, Salesforce, Okta, NetSuite, or similar platforms).
- Proven ability to conduct risk assessments and threat modeling, and to translate technical risks into business impact.
- Strong executive communication skills with experience presenting to senior leadership and stakeholders.
- Experience supporting remote or globally distributed teams in a security leadership capacity.
- Relevant certifications such as CISSP, CISM, or CRISC are strongly preferred.
Responsibilities
- Define and execute the enterprise cybersecurity strategy and roadmap aligned with business objectives and growth plans.
- Establish and maintain security governance frameworks, policies, standards, and procedures across the organization.
- Lead enterprise-wide risk assessments, threat modeling, and vulnerability management programs to identify and mitigate security risks.
- Oversee incident response planning, execution, tabletop exercises, and post-incident analysis to ensure operational readiness.
- Manage identity and access management, endpoint security, and privileged access controls across distributed systems.
- Drive compliance initiatives including SOC 2 and other relevant security frameworks, ensuring audit readiness and documentation accuracy.
- Conduct third-party vendor security assessments and ongoing risk monitoring of external partners and tools.
- Promote a security-first culture through awareness programs, training, and executive-level reporting on security posture and KPIs.