Senior Director, Information Security Officer

Job Title: Senior Director, Information Security Officer Reports To: Lily Chen, Chief Financial Officer Hiring Manager: Lily Chen ( ) Salary Range: $185,772.55 – $204,349.81 Work Location: 729 Petrolia Road, Toronto Job Type: Permanent Full Time Shift Information: Monday to Friday, 35 hours work Job Summary: The Senior Director, Information Security Officer (ISO) is a strategic executive leadership role responsible for overseeing the entire cybersecurity posture of Toronto Community Housing Corporation (TCHC) and Toronto Seniors Housing Corporation (TSHC), while also liaising with the City of Toronto. The ISO leads the development, execution, and continuous improvement of comprehensive cybersecurity programs that protect digital and information assets and ensure organizational resilience. This position is accountable for ensuring the confidentiality, integrity, and availability of TCHC’s technology infrastructure, and for aligning security strategies with business objectives, regulatory compliance, and emerging threats. The ISO directly advises the Executive Leadership Team and Board of Directors, and leads cross-functional collaboration with municipal, regulatory, and law enforcement partners. Key Responsibilities: Lead enterprise-wide cybersecurity governance, risk management, operations, and compliance across TCHC and affiliates. Design and implement cyber strategy, policies, standards, procedures, and controls aligned with NIST CSF and other frameworks. Oversee threat monitoring, incident response, vulnerability management, and forensics functions. Manage and mentor a large multidisciplinary cybersecurity team (20+ staff), including four senior managers. Provide expert advisory and reporting to the CFO, executive leadership, and Board Committees. Ensure alignment of cybersecurity posture with operational technology (OT) and information technology (IT). Supervise cybersecurity risk assessments, maturity assessments, and internal/external audits. Direct disaster recovery (DR), business continuity planning (BCP), and emergency response efforts. Ensure legal, privacy, regulatory and audit compliance across cybersecurity programs. Establish and report enterprise-level KPIs and performance metrics. Lead strategic vendor and stakeholder management with City of Toronto, regulatory bodies, vendors, and law enforcement. Oversee a cybersecurity budget of $3.5M–$4.5M and ensure responsible fiscal management. Promote cyber awareness programs and conduct executive-level and board-level training. Act as incident commander during major cyber events or crises, including war room coordination. Reporting Structure: Reports To: Lily Chen, Chief Financial Officer Direct Reports: 4 Senior Managers (IS Defense & Operation; GRC/Risk & Security Architecture; Security Program Execution; Security Program Manager) Team Size: Over 20 staff including supervisors and leads Collaborates With: City of Toronto’s Office of the CISO Key Interfaces: External: City of Toronto, Regulatory Bodies, Cybersecurity Vendors, Auditors, Law Enforcement Qualifications: Experience: Minimum 15 years in information security, with at least 10 years in senior leadership roles. Proven experience in leading cybersecurity transformation programs in complex environments. Education: Bachelor’s or Master’s degree in cybersecurity, information systems, or related field. Certifications (at least one preferred): CISSP, CISM, CRISC, CISA, GSLC Desired Qualifications: Experience in the public sector or similarly complex organizations. Strong technical knowledge in IT/OT security, cloud security, and incident response. Expertise in security frameworks: NIST CSF, ISO 27001, COBIT, etc. Ability to communicate cyber risks to non-technical executive stakeholders and Boards. Demonstrated ability to lead under crisis, including ransomware and breach scenarios. Working Conditions / Special Considerations: Regular hours: 35-hour work week. Requires availability during emergencies, breaches, and war room scenarios. May involve evening, weekend, and extended-hour commitments. Requires handling highly confidential and sensitive data. Additional Information: Subject to police background check, psychological assessment, and additional screening. Equity Statement: TCHC encourages applications from Indigenous peoples, racialized communities, persons with disabilities, women, 2SLGBTQ+ persons, and others from equity-deserving groups. #J-18808-Ljbffr