Director, Information Security in Toronto at APEX Systems

Date Posted: 10/9/2019

Job Snapshot

Job Description

Job #:  1016719

Director, Information Security 
Contract: Permanent
Location: Mississauga
Company: Fleet/ Automotive
Job Description: 
The Director, Information Security will be tasked with scaling the enterprise security organization and driving the cybersecurity program to its next level of maturity. S/he will partner closely with leaders in IT and Internal Audit in implementing the framework for cybersecurity, as well as interact with broader executive leadership in communicating the evolving needs in cyber. This individual must establish a modernized and sustainable strategy for enterprise risk management, as well as the infrastructure requirements to support a cloud-based environment. In addition to maintaining information security programs, it will be required of the Director to interact directly with customers and address specific security needs. This will be a highly visible role internally and externally.
Duties: 

  • Assess current needs; develop, implement, and monitor a strategic, comprehensive enterprise-wide information security and risk management program to ensure the integrity, confidentiality, and availability of information owned, controlled or processed by the company 
  • Lead security strategy, prioritizing client and enterprise data, and coordinate the evaluation, deployment, and management of current and future security technologies
  • Oversee critical cybersecurity areas including incident response, disaster recovery, awareness, monitoring, remediation, and information governance.
  • Oversee the development and enforcement of security policies and procedures based on industry-standard best practices.
  • Monitor the design and implementation of incident recovery and business continuity plans, procedures, audits, and enhancement
  • Build strong relationships across the enterprise in order to implement appropriate security controls for a cloud transformation
  • Partner closely with senior leadership, especially infrastructure and engineering, to ensure that all applications and platforms adhere to cybersecurity requirements, as well as secure processing systems.
  • Partner closely with senior leadership, especially infrastructure and engineering, to ensure that all applications and platforms adhere to cybersecurity requirements, as well as secure processing systems.

 
Qualifications
  • 10+ years of relevant information security experience with a minimum of 3 years at manager level
  • Experience communicating information security related concepts to a broad range of technical and non-technical audiences; will have to be an articulate and persuasive leader who can serve as an effective member of the senior leadership team
  • Exceptional communication skills necessary to advise and influence the senior management, R&D partners, external vendors and clients
  • Strategic leader who can drive a vision for cybersecurity while maintaining an execution-oriented for driving results; an entrepreneurial spirit; ability to serve as a hands-on leader
  • Technical background in cyber risk management, privacy, and incident response
  • Thorough understanding of IT systems and security tools, including methods, procedures, equipment and software used for delivery; deep understanding of Cloud, Internet of Things, and Database development
  • A track record of assessing threat and vulnerability from a business as well as a technical perspective and the ability to develop and champion affordable, efficient and timely security architectures and solutions that support growth of the enterprise’s business
  • Strong influencing skills to get things done; a collaborative approach with the ability to partner with business leaders across the enterprise
  • Experience implementing cloud security technologies, including encryption, network security, intrusion detection, and digital forensics
  • Proponent of continuous improvement process and the ability to challenge the status quo
  • One or more of the following designations: CISSP, CISSP-ISSMP,CISM, CISA, GSLC, CCISO, CCEIT

 
Knowledge and Competencies
  • Accountable and Influential – Global accountability for providing information security assurance for the entire organization. Strong influence management skills are required to provide robust independent challenges and insights to business and senior stakeholders. High level of personal integrity, and the ability to professionally handle confidential matters and demonstrate the appropriate level of judgment and maturity in balanced risk decision making.
  • Intelligent and Creative – Ability to understand the complex geopolitical environment of crime, hacktivism and nation-state activity. Ability to integrate a deep knowledge of security implications of networks, systems and implications with business process and behavioral security concerns into a single risk picture.
  • Sense of Urgency – Ability to operate in a highly dynamic environment with the ability to respond and react decisively in a changing set of circumstances and priorities. Ability to quickly assess complex situations and take appropriate action, such as during security incidents.
  • Strategic – Ability to identify and plan for multi-year opportunities and is prepared to invest time and patience in order to harvest a long-term, multi-year approach.
  • Strong Communicator – Ability to communicate succinctly and clearly with peers, leadership, direct reports, and outside partner and stakeholders. Able to communicate at all levels up to and including the Board of Directors and external regulators. Excellent written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
  • Team Leader – Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals. Project management skills; financial/budget management, scheduling and resource management.

 
 
 
 
 
 
 
 
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178-6178.