Information Security Program Manager

Please Note: If you are a current Algonquin College employee, apply to this job via the Workday application.

Department:

Information Security

Position Type:

Full-Time Administrative

Salary Range:

$104,333.00-$139,110.00-Annual

Scheduled Weekly Hours:

36.25

Anticipated Start Date:

January 05, 2026

Length of Contract:

N/A

Posting Information

This job posting is now accepting applications from all qualified individuals.

Posting Closing Date:

November 18, 2025

Please note: jobs are posted until 11:59 pm on the job closing date.

Job Description:

As the Information Security Program Manager, the incumbent is responsible for managing and supervising the College's Information Security Program, including the oversight of a team of cybersecurity professionals and Senior Cybersecurity Strategists within the Information Security & Privacy (IS&P) team. The incumbent leads the planning and execution of security operations, program development, and the alignment of cybersecurity initiatives with institutional risk and compliance objectives.

This position plays a critical role in addressing the growing complexity and impact of regulatory compliance, operational disruptions, third-party risks, and evolving cyber threats. An integrated and risk-informed security and compliance program is necessary to protect the College's digital assets, ensure business continuity, and support institutional goals. The incumbent ensures that the College is positioned to manage cybersecurity risk in a way that enhances operational resilience and institutional reputation.

The incumbent is responsible for identifying, evaluating, and reporting on cybersecurity risks in a manner that complies with regulatory requirements, aligns with privacy legislation, and supports the overall risk posture of the College. This includes leading the implementation and continuous improvement of the several College's information security operations including: Threat and Vulnerability Management (TVM) Program, Identity and Access Management (IAM) Roadmap, Information Security & Privacy Awareness Training, Security Operations Center (SOC) and coordinating with the Privacy Program Manager to ensure alignment with the College's privacy Strategy, directives, policies, and standards.

The TVM Framework defines a comprehensive process for identifying, classifying, remediating, and mitigating vulnerabilities across College IT systems. The incumbent ensures that tools and technologies used for threat intelligence and vulnerability scanning are properly integrated to provide accurate reporting, visibility, and response capabilities. - Under the administrative direction of the Associate Director of Information Security and Privacy, the incumbent leads and manages strategic and operational activities related to cybersecurity, including the execution of roadmaps, conduction Information Security & Privacy Risk Assessments, ensuring the continuous update of the College's Cybersecurity Incident Response Plan. The incumbent also ensures coordination of tasks and implementation of recommendations and mitigations by college stakeholders.

The incumbent proactively detects, monitors, and mitigates vulnerabilities using enterprise security tools and establishes governance rules to manage risk across the College's information technology assets. This includes supporting secure software development practices and setting technical standards to limit the use of high-risk components and packages.

As a leader in the IS&P team, the incumbent is accountable for supervising team performance, providing feedback for performance management processes, and acting on behalf of the Associate Director when required. They manage vendor relationships, oversee operational security tasks, and coordinate with internal and external stakeholders to align activities with College strategic priorities and compliance obligations. - The incumbent will also be responsible for collecting, analyzing, and reporting key performance and risk metrics to senior management and the Algonquin College Executive Team (ACET). These insights support evidence-based decision-making and ensure that the College maintains a progressive, risk-based, and values-driven cybersecurity program.

Required Qualifications:

• A four (4) year degree in Computer Science, Computer Engineering, Management Information Systems, or equivalent field of study.

• The following professional designations are required: CISSP, ITIL, CISM, Azure certification

• Requires a minimum of 9 years cumulative experience in Information Technology (7 years will be accepted if incumbent posses a Masters in a Computer related field) with 4 consecutive years directly focused on Information Security management.

• Experience working with the knowledge gained through Information Security training organizations such as International Information Systems Security Certification Consortium (ISC2), Information Systems Audit & Control Association (ISACA), and SysAdmin Audit Network and Security (SANS).

• Experience conducting detailed security threats and risk assessment, and guiding towards sound implementation approaches.

• Experience and ability to leverage multi-cloud security solutions.

• Experience in Threat and Vulnerability Management, and advanced threat and vulnerability detection technologies.

• Ability to stay current on emerging threats, technologies and best practices to advise/consult for diverse internal business units.

• Strong knowledge of cybersecurity frameworks and industry-leading practices such as OWASP, NIST CSF, PCI DSS, Canadian Center for Cyber Security

• Experience and strong knowledge of a wide variety of tools used for API, Web & Mobile Application Security Assessments, Penetration Testing and Source Code Reviews, such as Nessus, Qualys, Nexpose, Metasploit, Burpsuite, Kali Linux (and tools included in Kali Linux), PowerSploit, and other web application scanners such as HP Web Inspect etc.

• Experience developing comprehensive and accurate Threat, Vulnerability and Risk Assessment reports and presentations for both technical and executive audiences

• Experience researching and drafting information security technical standards, guidelines, processes, and procedures;

• Experience working with and presenting to upper management and senior executives.

• Excellent communication skills. Able to communicate well at varying levels of the College hierarchy;

• Excellent understanding of application development and systems development life cycle methodologies;

• Strong process engineering/design skills;

• Strong facilitation, interpersonal, and presentation skills;

• Results driven and self-motivated;

• Critical thinking and problem solving skills;

• Customer focused with strong analytical skills;

• Excellent leadership, motivational, and conflict resolution skills.

This position is eligible for hybrid work in conjunction with the College's Flexible Work Arrangement Policy. (subject to change). 

Algonquin College values diversity and is an equal opportunity employer. We offer an inclusive work environment and encourage applications from all qualified individuals. If you require accommodation during the recruitment process please contact the Human Resources department at While we thank all those who apply, only those to be interviewed will be contacted.

---