Manager, Cyber Risk

**About Us**:
**Proudly Canadian and Independently Owned, we are Coke Canada Bottling**

Coke Canada Bottling is Canada's premier bottling company. We are an independently owned business encompassing over 5,800 associates, more than 50 sales and distribution centres, and five production facilities nationwide.

We have a 120-year heritage of manufacturing, marketing, selling, and distributing the major branded ready-to-drink products Canadians love.

We pride ourselves on building diverse and sustainable relationships with our customers, consumers, stakeholders, and communities through our shared values: lead with an entrepreneurial mindset, collaboration, integrity, accountability, quality and safety.

Our brands include: Coca-Cola®, Diet Coke®, Coca-Cola® Zero Sugar, Coca-Cola Life, Sprite®, Fanta®, Barq's®, NESTEA®, POWERADE®, Minute Maid®, DASANI® and vitaminwater®; and our partner brands: Canada Dry®, Monster Energy®, evian® and A&W®.

**About This Opportunity**:
Coke Canada Bottling is recruiting full time **Manager - Cyber Risk and Compliance** for their Toronto office. Reporting to the Director - Cyber Security, The role will provide leadership and technical assistance to ensure company’s incident response plan and cyber risks are managed.

**Responsibilities**:

- Leads Information security incidents & breach response along with key stakeholders
- Advise and assist in implementing NIST Framework controls
- Maintain risk register, find security gaps and create remediation plans
- Owns, creates and maintain IT and OT Incident response plan
- Validate and improve existing IT DR/BCP plan
- Conduct Incident response plan trainings with various stakeholders
- Conduct tabletop, pen. tests exercises and run cyber risk awareness programs
- Make sure on 3rd party IT vendor comms. and compliance
- Identify critical assets, data protection and recovery strategies
- Comply with all internal and external various I.T. security audits
- NIST framework continuous compliance and improvements
- IT policies updates and governance

**Other Responsibilities**
- Make recommendations and/or implement security controls and countermeasures to prevent or mitigate various security risks
- Assist in implementing cutting edge security tools
- Monitor cloud platform security and fine tune security dashboards and alerts
- Submit scheduled security reports to IT leadership with risk ratings
- Identify and put in place the systems and tools, protocols, analysis methodology and reporting processes necessary to identify, analyze, quantify, monitor and mitigate control technology risks
- Benchmark, analyze, report on, and recommend improvements and growth of IT security infrastructure and systems

**Qualifications**:

- 7 years of experience, including 2+ years of leadership experience, in a combination of technology roles - preferred roles are systems design, solutions architect, technology consulting/ Big4 firms, internal audit, cyber-security, IT risk management
- Solid experience with NIST, Cloud security, PCI, SOC2, CIS Levels and physical security standards
- Excellent written and verbal communication is a must, within IT and across the business at all levels
- Able to work in managed service environment and familiar with ITIL process methodologies for support and escalations
- Experience in the Food [manufacturing plant environment], utility (power, gas, water), O&G, or transit sector, a significant plus
- Experience in SAP security controls and management would be an advantage
- Hands-on experience and self-starter with minimum supervison is a must
- IT security related certifications such as CISSP, CISM, CEH, CCIE, CCNP etc. would be an advantage
- Willingness to travel up to within Canada and internationally
- Proactive approach and attention to details is a must
- Knowledage of French language would be an advantage

**Important**:
All offers of employment at Coca-Cola Canada Bottling Limited (“Coke Canada Bottling”) are conditional upon a successful background clearance obtained through our contracted third-party vendor. The standard clearance requirements depend on the position and may include some or all of the following: criminal clearance, employment verification, education verification and drivers abstract review. Please advise the Talent Acquisition team if you have any questions or concerns in regards to this once you are contacted for further consideration.