Senior Manager, Cyber Security

Competition Number: REQ 6997

TITLE: Senior Manager, Cyber Security

DIVISION: Information Technology

SALARY: To be determined 

LOCATION: 230 Richmond Street East

STATUS: Full Time Admin

EFFECTIVE DATE: Immediately

CLOSING DATE: Open until filled.

Land Acknowledgement

George Brown College is located on the traditional territory of the Mississaugas of the Credit First Nation and other Indigenous peoples who have lived here over time. We are grateful to share this land as treaty people who learn, work, and live in the community with each other.

Equity Statement

George Brown College is committed to creating and sustaining an equitable and inclusive learning and working environment. We encourage and actively seek applications from Indigenous, Black, racialized people, visible minorities, 2SLGBTQIA+ persons, all genders, and persons with disabilities. 

GBC Vision 

To be a college renowned for its inclusion, excellence, relevance, impact, and leadership. 

Position Summary:

Reporting to the Executive Director, Cyber Security and IT Infrastructure Services, the Senior Manager, Cyber Security provides college-wide leadership for the development, implementation, and continual advancement of George Brown College's Cyber Security governance, risk, and compliance (GRC) program.

The Senior Manager is accountable for enterprise-wide Cyber Security operations, including strategic risk reduction, regulatory compliance (e.g., FIPPA, PCI-DSS, Bill 194), and institutional resilience. This role manages the College's Managed Security Services Provider (MSSP), develops college-wide policies and standards, manages the risk register, leads risk assessments, training and awareness campaigns, and prepares executive and board-level reporting.

This position requires confidentiality, sound judgment, and strategic foresight, with strong leadership skills to mentor staff and engage stakeholders across the institution.

Key Responsibilities:

• Lead the development, implementation, and continual refinement of the Cyber Security governance, risk, and compliance (GRC) program aligned with ISO 27001, CIS Controls, and the NIST Cybersecurity Framework.
  
• Manage the College's Cyber Security risk register, policy lifecycle management, and regulatory compliance reporting.
  Provide oversight of security operations, risk reduction, audits, and vendor contracts (MSSP and third-party service providers).
  
• Independently manage and deliver complex Cyber Security projects across the College, ensuring alignment with institutional priorities and regulatory requirements.
  
• Supervise, mentor, and develop the Cyber Security team (Senior Analysts and MSSP), fostering high performance, accountability, and continuous improvement and growth.
  
• Lead the response to Cyber Security incidents, forensic investigations, and sensitive matters in collaboration with Legal and Privacy Offices.
  
• Develop, implement, and deliver Cyber Security awareness campaigns, training, and executive-level reporting.
  
• Manage Cyber Security budgets, track ROI of security investments, and demonstrate fiscal stewardship.
  
• Collaborate with stakeholders across ITS, Legal, Privacy, Audit, and College leadership to strengthen institutional resilience.
  
• Other duties as assigned.

Educational and Experience Requirements:

• Four-year Degree in Cyber Security, Information Security, Information Technology, or a related discipline (required).
• Master's Degree in Cyber Security, Information Security, or equivalent experience (preferred).
• At least one globally recognized certification, such as CISSP or CISM (required).
• Additional designations, such as ITIL, COBIT, or cloud-provider certifications (e.g., AWS, Azure), are considered an asset.
• Minimum 9 years of progressive IT/Cyber Security experience, including:
• At least 5 years leading enterprise-scale Cyber Security programs.
• Minimum 3 years of people leadership experience with accountability for people, budgets, and departmental outcomes.
• Demonstrated expertise in Cyber Security risk management, governance, and audits.
• Strong experience with ISO 27001, NIST CSF, and CIS Controls.
• Experience in vendor contract negotiation, MSSP performance management, and regulatory compliance (FIPPA, Bill 194).
• Proven ability to articulate complex risks to C-suite executives and lead comprehensive security incident post-mortems to drive organizational resilience.

Skills and Attributes:

• Strong leadership skills, with experience managing diverse, high-performing teams.
• Excellent communication, presentation, and executive engagement abilities.
• Skilled in project management, strategic planning, and cross-functional collaboration.
• Advanced mentoring and staff development capabilities.
• Ability to balance strategic foresight with technical acumen in fast-paced environments.
• Demonstrated commitment to upholding diversity, equity, inclusion, and accessibility in all practices.

Interview process may consist of a practical skills component.

Notes:

• The College requires proof of degrees, credentials, or equivalencies from accredited regional or federal post-secondary institutions and/or their international equivalents. Credentials may require validation at the time of interviews or offer.

About Us: 

George Brown College prides itself on educating students through real-world learning, in the heart of Toronto. Our faculty and employees make this vision a reality, and we support them by making George Brown a great place to work. See why we are consistently ranked as one of GTA's top employers. 

Why work here? 

George Brown College offers hybrid work opportunities, a competitive pension plan, generous holiday and vacation time, a tuition assistance program, discounted rates for employees taking Continuing Education courses, and an equitable work environment where everyone matters.

George Brown College is committed to accommodating applicants with disabilities throughout the hiring process, in accordance with the Accessibility for Ontarians with Disabilities Act (AODA). Candidates who require accommodation in the hiring process may contact  confidentially.