Director of Business Unit Security Officer leading risk assessments and safeguarding IT solutions across Canadian Technology Business Units. Collaborating with the Head of Information Security and Risk Management for compliance and security awareness.
Responsibilities
Lead risk-based security assessments for new technologies and IT solutions across Canadian Technology Business Units
Safeguard cloud and on-premises environments by identifying threats, recommending controls, ensuring compliance, and driving remediation
Conduct formal risk assessments for technology systems and infrastructure (e.g., NIST RMF)
Identify compliance gaps, enforce security policies/standards, and drive timely remediation
Integrate security into workflows by partnering with technology teams (Agile/DevOps) and platform teams
Partner on RCSA initiatives to align with corporate and regulatory requirements
Manage audits, regulatory reviews, and second line of defense queries; provide evidence and mitigation plans
Define, track, and report remediation programs and corrective actions to meet regulatory requirements and global standards
Review, update, and socialize security policies, patterns, and guardrails across the organization
Offer consulting expertise to Business Unit Technology leaders to align with global security objectives
Represent the Canadian division in global security planning and standards
Build strategic partnerships with counterparts in technology, business and global cybersecurity teams; raise awareness of emerging cyber threats specific to their operations
Build deep knowledge of the Canadian segment and BUs’ or equivalent experience business processes and products to tailor risk mentorship
Report important metrics, control effectiveness, and risk posture; maintain customer dashboards and briefings
Continuously refine processes based on industry trends, threat intelligence, and audit findings
Delegate, lead, and mentor teams with the autonomy needed to facilitate decision-making
Requirements
10+ years in information security and risk management, including 5+ years in leadership roles
Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience)
Professional certifications: CISSP, CISM, CRISC (or equivalent)
Deep understanding of security and risk management frameworks (ISO 27001, NIST, COBIT) and relevant regulations (e.g., GDPR, SOX)
Deep technical knowledge and hands-on experience in: Cloud and network security, Cryptography and key management, Identity and Access Management (IAM), Application security (SDLC, SAST/DAST, threat modeling)
Experience working in Agile/DevOps environments and integrating security into CI/CD
Superb communication, consulting, and influencing skills; ability to tailor messages to technical and executive audiences
Strategic problem solver with analytical and innovative capabilities; proactive approach to issue remediation
Skilled in customer management, alignment, and cross-functional collaboration
Ability to foster a culture of security awareness across the Canadian segment
Good interpersonal skills for engaging diverse communities and executive customers.
Benefits
Health, dental, mental health, and vision insurance
Short- and long-term disability insurance
Life and AD&D insurance coverage
Adoption/surrogacy and wellness benefits
Employee/family assistance plans
Various retirement savings plans including pension and global share ownership plan with employer matching
Financial education and counseling resources
Generous paid time off including holidays, vacation, personal, and sick days
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.