Director of Information Security overseeing governance, risk, and compliance functions at Aecon. Leading security operations and architecture to enhance enterprise security maturity.
Responsibilities
Own enterprise security policy framework and risk management program aligned to NIST CSF and ISO 27001.
Oversee audits, regulatory assessments, and third-party risk management.
Ensure organizational compliance with CMMC 2.0 (US), CPCSC (Canada) and all other relevant security frameworks/regulations.
Lead 24×7 incident detection and response, threat intelligence, and vulnerability management.
Define security reference architectures and patterns (Zero Trust, cloud security).
Manage multi-million-dollar budget and work on negotiations for complex contracts (MSA/SLA/SOW).
Requirements
10+ years in Information Security; 5+ years leading GRC, SecOps, and Architecture teams.
Proven experience managing large enterprise budgets and vendor contracts.
Strong knowledge of NIST CSF, ISO 27001, SOC 2, SOC 1, and Canadian privacy regulations.
Working knowledge of CMMC 2.0 would be considered an asset.
Benefits
Ensure you and your family receive the services needed to support your mental, emotional, and physical well-being.
Believe in helping you build your career through our Aecon University and Leadership Programs.
Are committed to supporting and investing in inclusive work environments, through initiatives like Equity, Diversity & Inclusion training, our Aecon Women in Trades and Aecon Diversity in Trades programs, and our Employee Resource Groups (ERGs) to ensure we are building inclusion into every aspect of our culture at Aecon.
Are a leader in sustainable construction. With a strong commitment to operating responsibly by minimizing our impact on the environment and surrounding communities.
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.