Manager, Information Security - London, Canada - Info-Tech Research Group Inc. - Canada
Description
Info-Tech is one of the world's fastest-growing IT research and advisory companies, proudly serving over 30,000 IT professionals. We are looking for a strongManager, Information Security & Privacy to join our team.
Why join us?
We are a growth focused, entrepreneurially spirited company that has consistently achieved YoY growth in our 25 years of operation and are especially proud of our double-digit growth in the midst of a global pandemic.
When you join Info-Tech you get access to unlimited opportunities for professional growth and development in your field of expertise or areas you are interested in.
We promote learning to help you be a better professional and we will also pay for some of those certifications.
You will work in a highly collaborative team that functions efficiently even in a remote work setting.You will have flexibility to work from home, at the office (located in London / Toronto Ontario and quite fun), or in a hybrid mode.
We offer great competitive salaries, benefits plan, and RRSP matching plans.
The
Manager, Information Security & Privacy role is to assist the CIO by providing vision and leadership to develop, implement and support security & privacy initiatives within our organization.
The Manager, Information Security & Privacy will accomplish this by directly assessing and holistically managing all aspects of risk regarding IT security, privacy, and legislative/regulatory compliance issues as it relates to technology operations and strategy.
Focus Areas
1) Strategy Planning 10%
2) Training and Awareness 20 %
3) Operational Management 70%
Areas of Responsibilities
Operational Management (70%)
- Complete security and contract reviews requested by clients in support of sales process. Review with CIO results, review trends and evolving client requirements.
- Participate in investigations into problematic activities and security incidents.
- Participate in the design and execution of vulnerability assessments penetration tests and security audits.
- Act as advocate for the company's security vision via regular written and inperson communications with the company's executive's, department heads and end users.
- Work closely with IT department on corporate technology development to fully secure information computer network and processing systems.
- Ensure that facilities premises and equipment adhere to all applicable laws and regulations and meet compliance requirements (SOC, ISO, NIST, etc.).
- Recommend and implement changes in security & privacy policies and practices in accordance with changes in laws of serviced markets.
- Assess and communicate all security risks associated with all purchases or practices performed by the company.
- Collaborate with IT, senior leadership, legal counsel and human resources to establish and maintain a system for ensuring that security and privacy policies are met.
- Demonstrate ownership for security and privacy technologies that include; Vendor Management, training, satisfaction, ROI, roadmap, integrations, security and compliance.
- Develop and deliver security and privacy awareness program with periodic testing
- Manage training and simulation platform
- Develop and maintain policies and programs to enforce and improve security
- Maintain awareness of privacy legislation in all serviced markets and potential impact to strategy
- Lead strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating the evaluation deployment and management of current and future security technologies using a riskbased assessment methodology.
- Develop and communicate security strategies and plans to executive team staff partners customers and stakeholders.
- Assist with the design and implementation of disaster recovery and business continuity plans procedures audits and enhancements.
- Develop implement maintain and oversee enforcement of policies procedures and associated plans for system security administration and user system access based on industrystandard best practices.
Education/Certification/Experience
- Postsecondary education ideally in the fields of computer science and/or business administration. 15+ years of experience working in IT; 10+ years of experience holding security & privacy responsibilities.
One or more of the following certifications would be an asset:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Privacy Professional (CIPP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified in Risk and Information Systems Control (CRISC)
Demonstrated understanding of applicable laws and regulations and their implications to business: General Data Protect
More jobs from Info-Tech Research Group Inc. - Canada
-
HR Generalist
London, Canada - 3 weeks ago
-
Member Experience Coordinator
London, Canada - 2 days ago
-
Corporate Social Responsibility
London, Canada - 2 weeks ago
-
Research Analyst
London, Canada - 2 weeks ago
-
Category Specialist
Toronto, Canada - 2 weeks ago
-
Co-op Service Desk Technician
London, Canada - 1 week ago