IT Manager, Security

**Position Summary**

The IT Manager Security and Governance is a key member in the IT organization, being responsible for overseeing the company’s internal IT systems, infrastructure strategy, and information security program. This leadership role will ensure the scalability, resilience, and security of our technical environment by managing both day-to-day IT operations and long-term cybersecurity strategy. The IT Manager will engage with multiple stakeholders, ensuring alignment with governance frameworks and supporting decision-making processes. The IT Manager will play a critical role in maintaining the effectiveness of governance practices, resolving service performance issues, and identifying improvement opportunities.

**Key Responsibilities**:

- Act as a strategic thought partner to senior leadership, advising on IT investments, cybersecurity trends, and operational risks.
- Lead the design, implementation, and continuous improvement of internal IT systems, infrastructure, and policies.
- Act as the primary contact for data privacy and security-related contractual requirements with clients, auditors, and partners.
- Ensure proper IT change management processes, incident handling, and escalation protocols are followed.
- Develop and monitor IT KPIs and service-level metrics to drive operational excellence
- Lead and facilitate governance alignment, implementation, and sustainment for the Technology Planning and Delivery Governance organization.
- Develop and recommend strategies to align stakeholders, sponsors, and executives with leadership.
- Provide guidance on governance best practices to resolve service performance issues and improve processes.
- Identify and escalate risks, gaps, and arising issues from governance meetings that affect decision-making and risk management.
- Track governance data including maturity, policy development, and decision execution.
- Support the development of deliverables by staff and contractors related to governance.

**Required Skills and Qualifications**:

- Bachelor’s degree in information technology, Computer Science, Cybersecurity, or a related field.
- 5+ years of progressive experience in IT and/or information security roles, including 3+ years in a leadership or management position.
- 3+ years of experience in governance design, oversight, and management within a manufacturing or construction organization environment.
- Hands-on experience with ITIL processes, ticketing systems, asset management, and vendor management.
- Proven experience leading ISO 27001, SOC 2, or other compliance initiatives from initiation to certification
- Proven experience with governance frameworks, decision-making processes, and performance tracking.
- Strong communication skills, both verbal and written, with experience in executive-level documentation and presentations.

**Additional Assets**:

- Certifications such as CISSP, CISM, CompTIA Security+, or ISO 27001 Lead Implementer/Auditor
- AEC or DEC (attestation/certificate of collegial studies) in networks or equivalent (an asset)

**Health and Safety**:

- Work in compliance with the provisions of the OHSA, regulations, and internal policies and procedures;
- Report to his or her supervisor any missing or defective equipment or protective device which could endanger any person;
- Report to his or her manager the contravention of the OHSA, regulations, or company H&S policies and procedures or any observed hazard;
- Refrain from operating any equipment, machine, device or thing or otherwise working in a manner that may endanger anyone;
- Avoid engaging in any prank, contest, feat of strength, unnecessary running or rough and boisterous conduct;
- Know, understand and implement safe work practices and procedures;
- Know, understand and employ established rules and procedures for handling materials, equipment and processes (e.g. reporting unlabelled containers, using proper lifting techniques, etc.);
- Request that worn out or defective equipment be replaced;
- Use all safety devices provided, ensuring optimum condition of devices and report any defects immediately to a supervisor;
- Use equipment and materials only in the manner intended;
- Report all injuries, incidents, hazards and unusual conditions immediately to supervisor;
- Follow Standard Operating Procedures as related to your work area.

**Working Conditions**
- Typical office hours: Monday to Friday - 9:00 am - 5:00 pm. Additional hours may be required to meet the needs of the business.
- Requires a limited amount of walking and lifting
- Requires a significant amount of sitting for prolonged periods of time while using the computer and headset