Manager, Cyber Security

About the Role

Reporting to the Vice-President, IT, the Manager, Cyber Security is a newly created role responsible for owning, maturing, and continuously improving Torex Gold's cyber security program. This role provides hands-on leadership across cyber governance, risk management, audit readiness, and incident preparedness, while working closely with Corporate IT, site-based teams, and external partners.

The successful candidate will serve as the internal owner of cybersecurity—bringing structure, discipline, and practical judgment to ensure that cyber risks are understood, managed, and mitigated across the organization.

About Torex Gold

Our purpose is to transform finite mineral resources into lasting prosperity

by positively impacting all the lives we touch 
 

We are a Canadian mining company engaged in the exploration, development, and production of gold, copper, and silver from our flagship Morelos Complex in Guerrero, which is currently Mexico's largest single gold producer. The Company also owns the advanced stage Los Reyes gold-silver project in Sinaloa, Mexico, and recently acquired a portfolio of early-stage exploration properties, including the Batopilas and Guigui projects in Chihuahua, Mexico, and the Gryphon and Medicine Springs projects in Nevada, USA. 

Torex consistently delivers on our commitments guided by our key strategic objectives: optimization of Morelos production and costs; disciplined growth and capital allocation; growth of reserves and resources; excellence in project delivery; retention and attraction of best industry talent; and being an industry leader in responsible mining.  

We have proven over the past decade that we can make a positive impact on people's lives and the environment around us, all while improving safety, achieving operational efficiencies, realizing cost reductions, and generating positive return on investment. This is what makes us strong. This is the Torex way. 

What We're Looking for:

Education:

• Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field
• Equivalent education combined with relevant experience will be considered
• CISSP (Certified Information Systems Security Professional) or similar certification is highly preferred

Experience:

• Minimum 10 years of experience in Information Technology Security roles
• At least 5 years of cybersecurity management experience
• Proven experience developing and implementing cybersecurity strategies aligned with business objectives and regulatory requirements
• Experience with risk assessment, threat modeling, and vulnerability management in industrial or operational environments
• Experience working with the NIST Cybersecurity Framework (CSF)
• Expertise in incident detection, response, and recovery across both IT and OT environments
• Experience managing SOC operations, SIEM tools, and threat intelligence platforms
• Strong experience supporting internal and external audits and cybersecurity governance
• Experience managing large-scale cybersecurity initiatives, including budgeting and vendor oversight
• Ability to train and build cyber awareness programs for employees and contractors, including in remote mining environments

Skills

• Strong cybersecurity governance and risk management mindset
• Practical, business-oriented approach to cyber security controls
• Ability to influence, challenge, and collaborate across technical and non-technical teams
• Confident communicator capable of explaining security requirements in a clear and pragmatic way
• Strong organizational skills with the ability to manage multiple priorities simultaneously
• Spanish verbal communication is highly preferred; English fluency is required

Key Accountabilities

Application Support and Development

• Participate in the software development lifecycle to ensure cybersecurity standards and controls are embedded
• Review and contribute to testing activities to validate security considerations

Data and Artificial Intelligence

• Participate in data and analytics initiatives to ensure cyber security and data protection requirements are met
• Contribute to the development of policies and standards related to data security and data classification
• Support governance related to emerging technologies, including AI usage and associated risks

Governance

• Develop and maintain cybersecurity KPIs for executive and Audit Committee reporting
• Monitor compliance with IT cyber security policies and provide guidance and coaching where required
• Develop cybersecurity procedures and standard operating procedures (SOPs)
• Coordinate and support internal and external cybersecurity audits

Infrastructure

• Participate in infrastructure design discussions to ensure cybersecurity considerations are incorporated
• Establish and monitor cybersecurity–related infrastructure KPIs
• Collaborate with Infrastructure and Operations teams on remediation and resilience improvement initiatives

Cyber Security

• Own and lead the annual cybersecurity program and roadmap
• Manage the annual cybersecurity budget and vendor portfolio
• Develop, maintain, and update cybersecurity policies and procedures
• Monitor cybersecurity KPIs regularly and drive continuous improvement
• Coordinate cyber incident escalation with internal teams and managed service providers
• Maintain and update the cybersecurity risk register
• Lead cyber incident simulations and tabletop exercises
• Stay current on emerging cyber threats and technologies and provide practical recommendations to leadership

Audit 

• Lead IT department audit responses for internal and external audits 
• Lead the definition, execution, and testing of Information Technology general controls and application controls. 

What Success Looks Like

• Measurable improvement in cybersecurity maturity year over year
• Strong audit outcomes and improved governance clarity
• Clear ownership, accountability, and coordination across cybersecurity activities
• Improved readiness for cyber incidents and emerging threats
• Increased confidence from leadership and the Board in the organization's cybersecurity posture

Why Join Us?

· Impactful Work: Help optimize the Morelos Property's potential as we continue to diversify and create value for our shareholders.

· Hands-On Leadership: Be directly involved in driving key initiatives and processes that positively impact people's lives and the environment around us.

· Collaborative Environment: Work with a dedicated team of professionals committed to being an industry leader in responsible mining.

· Competitive Total Rewards

• Annual Base Salary: $160k – $195k 
• Short-term incentive plan and long-term incentives 
• Extended group health and dental plans 
• Health Care Spending Account of $1,000 per year 
• Insurance coverage (Life, AD&D, STD, and LTD) 
• RRSP matching  
• Wellness initiatives, ongoing development, and career growth opportunities 
• Four weeks of vacation for everyone
• Flexible work arrangements

The posted salary range represents our target pay for this role. Final compensation will be determined based on the comprehensive review of the candidate's qualifications, skills, and experience, as well as internal equity and external benchmark data for comparable roles. 

This posting is for an existing vacancy that the Company is actively recruiting to fill. While we utilize technology to support our recruitment campaigns, we do not employ Artificial Intelligence in the screening of applicants.

Join us in shaping the future of Torex Gold

 Please note that Torex Gold does not accept unsolicited resumes from recruitment agencies without a created agreement in place for permanent/contract placements.

Torex Gold Resources is an equal-opportunity employer. We are proud to provide employment accommodation during the recruitment process. Should you require any accommodation, please indicate this when you apply, and we will work with you to meet your accessibility needs.