Manager, Enterprise Information Security

Job Description

Manager, Enterprise Information Security

P2-7

Scarborough, Ontario

Toyota Canada Inc. (TCI) is the exclusive Canadian distributor of Toyota and Lexus vehicles. Toyota Canada's head office is in Toronto, with regional offices in Vancouver, Calgary, Montreal and Halifax. Toyota parts and accessories are distributed through TCI's Parts Distribution Centres in Bowmanville and Vancouver. TCI supports over 287 Toyota and Lexus dealers in Canada with services that include training, sales, marketing, environmental and customer satisfaction initiatives.

What Sets Us Apart?

A focus on People, Passion for Toyota, Innovation and Make Things Better has made us an award-winning company, recognized worldwide for our technological leadership and superior standards of quality, community involvement and environmental responsibility.

Job Summary:
What’s the Purpose?- Define and deliver an enterprise information security strategy, roadmap, and best practices in support of the enterprise’s information security architecture.- Implement a security framework to manage technological risk management- Ensure ongoing compliance with TMC and regulatory security and risk requirements- Create and maintains technology standards for the organization- Mature security architecture capability

What’s the Scope?- Cross functional, enterprise wide- Works on highly complex business initiatives that have significant impact to the enterprise and across enterprise processes and functions- Technical leadership role for establishing strategy and direction in the security architecture domain- Makes decisions for the organization based on the highest degree of technical complexity and through understanding the far-reaching financial, risk and reputational implications across the IT organization and the TCI brand

What We’ll Bring:
- A hybrid work environment- A work environment built on teamwork, flexibility and respect- Competitive compensation package including health and dental benefits, and bonus- Health and dental benefits effective immediately- Company pension plan with matched contribution- Associate vehicle discount program- Professional growth and development programs to help advance your career, as well as tuition reimbursement- Fitness reimbursement- Great company culture - Respect for people and continuous improvement is at our core- Paid holiday shutdown and competitive paid time off benefits- Summer Hours - condensed work week during the summer

What You’ll Be Doing:
- Lead the information security team- Define and deliver an enterprise information security strategy, roadmap, and best practices in support of the enterprise’s information security architecture.- Implement a security framework to manage technological risk management including TRA/PIA assessments during project delivery cycle- Ensure ongoing compliance with TCM and regulatory, security and risk requirements- Create and maintains technology standards for the organization- Actively mature security architecture capability- Develop and maintain controls on data quality, interoperability, and sources to effectively manage corporate risk- Develop and maintain the information security posture (policy, architecture, governance) to protect enterprise information assets.- Collaborates with key business and IT leaders to develop security and business continuance standards and action plans.- Directs all security audits and tasks to ensure that the integrity, confidentiality, and availability of information to end-users, is not compromised.- Ensures that IT complies with existing laws and regulations and that the enterprise’s IT environment is secure.- Maintains reliable, up-to-date, information from the government and across the industry regarding identification of new threats and vulnerabilities-
- Lead the design and implementation of security platforms and their associated software, such as routers, switches, firewalls, WAF, anti-virus, cryptography systems, SIEM, Anti-SPAM and MDM- Oversee third-party security and compliance audits and any resulting remediation actions- Works with IS management team and 3rd party PaaS, SaaS and IaaS vendors

What You’ll Bring:
- University Degree in Computer Science, Information Systems, Business Administration or related disciplines.- Minimum 20 years IT and business/industry work experience- Minimum of 10 years in the information security space with exposure to information security consulting working on projects- 5 years of leadership experience in managing the information security function (matrix or direct reporting structure)- Experience in developing security strategies ideally in retail, wholesale, automotive or manufacturing setting- Proven experience in securing on premise and cloud solutions (IaaS/PaaS/SaaS)- Experience with common information security management frameworks, such as ISO 2700x, COBIT, or NIST- understanding of information security concepts, standards, practices, including but not limite