Chief Information Security Officer

**Your way forward: Lead the Digital Revolution at Canada’s Busiest Airport**

Are you ready to redefine the future of global air travel? Join Toronto Pearson as our next Chief Information Security Officer (CISO) and take airport cybersecurity to new heights.

**Transform Toronto Pearson into the Airport of Tomorrow**

We are on a relentless mission to become the world’s most advanced, sustainable, and passenger-centric airport. This is your moment to drive our transformation. Engage with key stakeholders, build unwavering trust, and propel our organizational vision forward.

**Position Summary**:
As GTAA’s Chief Information Security Officer (CISO), reporting directly to the Chief Technology Officer (CTO), you will be responsible for pioneering the organization's cybersecurity strategy, aligning cutting-edge security initiatives with business goals, managing incident response and system resiliency, ensuring regulatory compliance, and driving comprehensive risk management. This critical role will also drive a cybersecurity culture that safeguards our critical infrastructure and data assets while proactively adapting to an ever-evolving threat landscape.

**As CISO, you will**:
**_ Lead the Enterprise Cybersecurity Team:_**
- Set strategy, employ governance, and manage cyber operations aligned with business goals.
- Direct GTAA’s SOC to monitor and respond to incidents and potential threats.
- Collaborate with GTAA's privacy leaders to integrate privacy requirements into cyber policies.
- Ensure security is embedded in technology system design, procurement, and delivery.
- Implement threat intelligence and hunting for emerging threats.
- Oversee emergency response aligned with GTAA’s crisis management program.
- Support the development of critical asset inventories across GTAA digital environments.

**_Set & Lead GTAA's Cyber Strategy and Engage Stakeholders:_**
- Define the third-party risk management (TPRM) approach to extend GTAA’s cyber posture to vendors and partners.
- Enhance security posture by implementing the ISO2700X:XX cybersecurity framework.
- Design and deploy enterprise cyber performance metrics and Board-level reporting.
- Liaise with external agencies, such as law enforcement and advisory bodies.
- Facilitate cybersecurity assessments (maturity, regulatory, legal, etc.).

**_Establish Governance & Build Knowledge:_**
- Develop, implement, and monitor GTAA's comprehensive cybersecurity program.
- Lead cybersecurity governance and chair the GTAA cybersecurity steering committee.
- Establish the cyber risk posture of the organization, including mandatory controls.
- Develop and implement cybersecurity policies.
- Create targeted cybersecurity training programs for employees and third parties.
- Drive a cybersecurity culture across the organization.

**_People Leadership:_**
- Manage an effective cybersecurity organization, including hiring critical talent.
- Create a compelling agenda with clear goals and expectations.
- Build a motivating environment that encourages others to do their best work.
- Coach, mentor, and develop individuals and teams.
- Inspire and empower others to achieve exceptional results.
- Demonstrate balance and adaptability in leadership style.

**This is a chance to be on the frontline of history at Toronto Pearson. To do so, you will bring**:

- A bachelor's degree in computer science, information systems, business administration, or related field, or equivalent work experience.
- 10+ years in IT and business/industry, 15+ years preferred.
- One of the following:

- Global Industrial Cyber Security Professional (GICSP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials.
- Demonstrated experience and success in senior leadership roles in risk management, cybersecurity, and IT or OT security preferred.
- Prior CISO experience in a complex, mixed IT/OT environment is strongly preferred.
- 10+ years' experience in OT/IT services or related industry preferred.
- 8+ years' experience managing a complex operational systems environment (e.g., ICS, SCADA, OT/IT services, and aerospace/airport industry) preferred.

**At Toronto Pearson, we value a wide range of experience. Consider this role if you have**:

- Sound knowledge of business management and a working knowledge of cybersecurity risk management and cybersecurity technologies.
- Up-to-date knowledge of methodologies and trends in both business and IT.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT.
- Excellent communication skills, interpersonal and collaborative skills.
- Ability to communicate cybersecurity and risk-related concepts to technical and non-technical audiences.
- Strategic leader and builder of both vision and bridges.

**Let’s do this together