Head of Information Security
4 days ago
WSP’s Information Security Office (ISO) is responsible for the deployment of the information security framework in to both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our clients.
The role of Head of Information Security reports to our Chief Information Security Officer and is responsible for leading a team of Business and Regional Information Security Officers across WSPs global business. It is a primarily internally facing role, though it may involve some interaction with clients and third parties.
This position requires a senior management professional with relevant experience and a strong working knowledge of IT security, risk management, regulatory compliance, information and public cloud service technology, IT operations management principles, and third-party security management.
Responsibilities:
- Information Security Strategy: Collaborate with the CISO to define the organization's information security strategy, vision, and goals. Translate strategic objectives into actionable plans and initiatives that align with business objectives and industry best practices.
- Team Leadership: Lead and manage a team of Information Security Officers located across WSPs regions. Provide guidance, mentorship, and support to ensure their professional development and effective execution of their responsibilities.
- Information Security Governance: Oversee WSPs implementation and maintenance of its ISO27001 certified Data and Information Security Management System. Establish and maintain the Information Security Governance framework; including running the Information Security Committees; coordinating IS risk management, executive reporting and participate in other forums where information security input and approval is required based on documented policies and processes.
- Risk Management: Oversee the identification, assessment, and mitigation of information security risks. Work closely with cross-functional teams to ensure risk management practices are embedded in business processes and projects. Monitor the effectiveness of risk mitigation measures and drive continuous improvement.
- Security Awareness and Training: Develop and deliver comprehensive security awareness and training programs to promote a security-conscious culture throughout the organization. Collaborate with stakeholders to address security education needs and ensure employees understand their roles and responsibilities in protecting information assets.
- Acquisition, Mergers and Integrations: Direct the security matters relating to all aspects of Acquisitions, Mergers, Integrations and Divestments. Including the security evaluation of potential acquisitions through to the integration of the acquired businesses into WSP’s security ecosystem.
- Client Support: Develop and maintain a program of client support, to ensure that all client security requirements are identified, assessed, delivered and reported to relevant business leaders.
- Vendor and Third-Party Risk Management: Develop and maintain a robust vendor and third-party risk management program. Conduct assessments of vendors and service providers to ensure they meet information security requirements and adhere to contractual obligations.
- Incident Response and Management: Develop and maintain an incident response plan and coordinate the response to information security incidents. Lead investigations, root cause analyses, and corrective actions to mitigate the impact of incidents and prevent future occurrences.
- Security Incident Reporting and Metrics: Develop and maintain metrics, reports, and dashboards to track the effectiveness of the information security program. Provide regular updates to senior leadership on the organization's security posture and recommend remedial actions as needed.
Leadership and People Responsibilities:
- Displays personal and team leadership in performing their role, with an ability to make complex decisions with limited input and review from senior staff.
- High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
- Assist in the training, and coaching of new and existing staff, and provide coaching to staff executing all aspects of information security and risk assessment and support.
- Develop positive working relationships with other team members and business partners and partner across teams to align with WSP internal and external client demands.
- Capable of rapidly assimilating and internalizing complex business, technology, and risk management concepts and dependencies.
- Capable of clearly defining, presenting and selling recommended strategies to senior management teams.
- Critical thinker with strong problem-solving skills, project management skills; financial/budget management, scheduling and resource management.
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate between specialized groups of business unit and IT professionals.
- Accommodation of schedule for international conference calls.
Finance/Budgetary Responsibilities:
- Support the CISO in developing the budget projections based on objectives
- Responsible for the budget for the Information Security Office
Requirements:
Required
- 10+ years related senior level experience in Information Security, IT risk, IT Audit or a similar position involving IT and business change, including leading a team of IT professionals.
- Graduate of a four-year college or university, preferably with a degree in computer science or information management, or Professional certification in one or more of the following disciplines — IT governance (e.g., CGEIT), security (e.g., CISSP, CISM), internal audit (CISA).
- Working (not necessarily technical) knowledge of security technologies (encryption, data protection, network intrusion prevention, host intrusion prevention, firewalls, privilege access, etc.)
- Working (not necessarily technical) knowledge of enterprise IT security concerns and technologies, including but not limited to VPNs, network security, encryption, authentication, application-level network protocols, PKI, IPSec, Firewall, SSH, SSL, DES, LAN/WAN, and TCP/IP
- Knowledge of security best practices (applications, network and client setups)
- Experience with IT Governance frameworks such as COBIT, ITIL and ISO 2700x
- Experience with governance, compliance and audit within IT environments
- Experience of risk management, including risk analysis, mitigation and monitoring
- Knowledge of information security regulations applicable to WSP
- Fluent Bilingual English and French
Preferred
- Master's degree in IT, Computer Science, Engineering or related field
-
Head of Information Security
3 days ago
Old Toronto, Canada WSP USA Full timePosition Summary WSP’s Information Security Office (ISO) is responsible for the deployment of the information security framework in to both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our...
-
Head of Information Security
2 weeks ago
Old Toronto, Canada WSP USA Full timePosition Summary WSP’s Information Security Office (ISO) is responsible for the deployment of the information security framework in to both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our...
-
Head of Information Security
Found in: Jooble CA O C2 - 4 days ago
Toronto, ON, Canada WSP USA Full timePosition Summary WSP’s Information Security Office (ISO) is responsible for the deployment of the information security framework in to both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our...
-
Head of Security
16 hours ago
Toronto, Canada Zapier Job Board Full time**Head of Security - AMER**: Hi there! We're looking for our next Head of Security to lead the Security organization at Zapier. We're on a mission to make everyone more productive at work. Our product has helped millions of people build businesses through the power of automation. As the Head of Security at Zapier, you will be responsible for continuing to...
-
Consultant, Information Security
3 days ago
Old Toronto, Canada Canadian Imperial Bank of Commerce Full timeConsultant, Information Security page is loaded Consultant, Information Security Apply locations Toronto, ON time type Full time posted on Posted Yesterday job requisition id 2404198 We’re building a relationship-oriented bank for the modern world. We need talented, passionate...
-
Consultant, Information Security
3 days ago
Old Toronto, Canada Canadian Imperial Bank of Commerce Full timeConsultant, Information Security page is loaded Consultant, Information Security Apply locations Toronto, ON time type Full time posted on Posted Yesterday job requisition id 2404198 We’re building a relationship-oriented bank for the modern world. We need talented, passionate...
-
Consultant, Information Security
3 days ago
Old Toronto, Canada Canadian Imperial Bank of Commerce Full timeConsultant, Information Security page is loaded Consultant, Information Security Apply locations Toronto, ON time type Full time posted on Posted Yesterday job requisition id 2404198 We’re building a relationship-oriented bank for the modern world. We need talented, passionate...
-
Head of Security
16 hours ago
Toronto, Canada Zapier Full timeHi there! We're looking for our next Head of Security to lead the Security organization at Zapier. We're on a mission to make everyone more productive at work. Our product has helped millions of people build businesses through the power of automation. As the Head of Security at Zapier, you will be responsible for continuing to evolve our security strategy...
-
Information Security Analyst
7 days ago
Toronto, Canada Canada Life Assurance Company Full time**Job Description**: The Information Security Analyst II is part of the first line of cyber defense team, working with IT and business partners to help them understand and manage information security risks and comply with the organizational information security policies. The role also supports the delivery of analysis-based cyber security services to our...
-
Information Security Analyst
2 weeks ago
Old Toronto, Canada Canadian Investment Regulatory Organization Full time40 Temperance Street Suite 2600 Toronto, ON M5H0B4, CAN DescriptionPosition Title: Information Security AnalystDepartment:Information TechnologyLocation:TorontoStatus: Permanent Full-time (Hybrid)The Information Security Analyst will implement the information security program initiatives, administer information security systems, and assist with...
-
Information Security Analyst
2 weeks ago
Old Toronto, Canada Canadian Investment Regulatory Organization Full time40 Temperance Street Suite 2600 Toronto, ON M5H0B4, CAN DescriptionPosition Title: Information Security AnalystDepartment:Information TechnologyLocation:TorontoStatus: Permanent Full-time (Hybrid)The Information Security Analyst will implement the information security program initiatives, administer information security systems, and assist with...
-
Information Security Analyst
2 weeks ago
Old Toronto, Canada Canadian Investment Regulatory Organization Full time40 Temperance Street Suite 2600 Toronto, ON M5H0B4, CAN DescriptionPosition Title: Information Security AnalystDepartment:Information TechnologyLocation:TorontoStatus: Permanent Full-time (Hybrid)The Information Security Analyst will implement the information security program initiatives, administer information security systems, and assist with...
-
Head of Infrastructure and Operations
1 week ago
Old Toronto, Canada SSC Perfumes & Cosmetics Full timePosition Head- Infrastructure & Operations The Position Head- Infrastructure & Operations is responsible for the design, operations, and maintenance of IT infrastructure for LVMH Beauty China Offices, Warehouses, Factory, Boutiques, and Counters. The role ensures a high-performance, stable, and secure technical environment to support users, applications, and...
-
Head of Infrastructure and Operations
2 weeks ago
Old Toronto, Canada SSC Perfumes & Cosmetics Full timePosition Head- Infrastructure & Operations The Position Head- Infrastructure & Operations is responsible for the design, operations, and maintenance of IT infrastructure for LVMH Beauty China Offices, Warehouses, Factory, Boutiques, and Counters. The role ensures a high-performance, stable, and secure technical environment to support users, applications, and...
-
Head of Infrastructure and Operations
2 weeks ago
Old Toronto, Canada SSC Perfumes & Cosmetics Full timePosition Head- Infrastructure & Operations The Position Head- Infrastructure & Operations is responsible for the design, operations, and maintenance of IT infrastructure for LVMH Beauty China Offices, Warehouses, Factory, Boutiques, and Counters. The role ensures a high-performance, stable, and secure technical environment to support users, applications, and...
-
VP Information Security
Found in: Whatjobs CA C2 - 7 days ago
Old Toronto, Canada Alterna Sa Full timeThe VP, Information Security is responsible for the organization’s strategies, objectives, policies, plans, budget and operations for the area of IT Security and Cyber Security. Works collaboratively with the senior management team to provide support to meet operational requirements and achieve annual and long-term corporate goals. The VP, Information...
-
VP Information Security
1 week ago
Old Toronto, Canada Alterna Sa Full timeThe VP, Information Security is responsible for the organization’s strategies, objectives, policies, plans, budget and operations for the area of IT Security and Cyber Security. Works collaboratively with the senior management team to provide support to meet operational requirements and achieve annual and long-term corporate goals.The VP, Information...
-
VP Information Security
1 week ago
Old Toronto, Canada Alterna Sa Full timeThe VP, Information Security is responsible for the organization’s strategies, objectives, policies, plans, budget and operations for the area of IT Security and Cyber Security. Works collaboratively with the senior management team to provide support to meet operational requirements and achieve annual and long-term corporate goals.The VP, Information...
-
VP Information Security
1 week ago
Old Toronto, Canada Alterna Sa Full timeThe VP, Information Security is responsible for the organization’s strategies, objectives, policies, plans, budget and operations for the area of IT Security and Cyber Security. Works collaboratively with the senior management team to provide support to meet operational requirements and achieve annual and long-term corporate goals.The VP, Information...
-
Information Security Analyst
5 days ago
Toronto, Canada Investment Industry Regulatory Organization of Canada (IIROC) Full time**Position Title: Information Security Analyst** **Department: Information Technology** **Location: Toronto** **Status: Permanent Full-time (Hybrid)** The Information Security Analyst will implement the information security program initiatives, administer information security systems, and assist with monitoring information security policy compliance. The...
