Manager, Information Security - London, Canada - Info-Tech Research Group Inc. - Canada

Posted by: Sophia Lee (beBee Recruiter)


Description
Info-Tech is one of the world's fastest-growing IT research and advisory companies, proudly serving over 30,000 IT professionals. We are looking for a strong Manager, Information Security & Privacy to join our team.

Why join us?


We are a growth-focused, entrepreneurially spirited company that has consistently achieved YoY growth in our 25 years of operation, and we are especially proud of our double-digit growth in the midst of a global pandemic.


When you join Info-Tech you get access to unlimited opportunities for professional growth and development in your field of expertise or areas you are interested in.

We promote learning to help you be a better professional and we will also pay for some of those certifications.

You will work in a highly collaborative team that functions efficiently even in a remote work setting.

You will have flexibility to work from home, at the office (located in London / Toronto Ontario and quite fun), or in a hybrid mode.

We offer great competitive salaries, benefits plan, and RRSP matching plans.


The Manager, Information Security & Privacy role is to assist the CIO by providing vision and leadership to develop, implement and support security & privacy initiatives within our organization.

The Manager, Information Security & Privacy will accomplish this by directly assessing and holistically managing all aspects of risk regarding IT security, privacy, and legislative/regulatory compliance issues as they relate to technology operations and strategy.


Focus Areas
1) Strategy Planning 10%

2) Training and Awareness 20%

3) Operational Management 70%


Areas of Responsibilities
Operational Management (70%)

  • Complete security and contract reviews requested by clients in support of the sales process. Review results with the CIO, and review trends and evolving client requirements.
  • Participate in investigations into problematic activities and security incidents.
  • Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
  • Act as advocate for the company's security vision via regular written and in-person communications with the company's executives, department heads and end users.
  • Work closely with the IT department on corporate technology development to fully secure information, computer, network and processing systems.
  • Ensure that facilities, premises and equipment adhere to all applicable laws and regulations and meet compliance requirements (SOC, ISO, NIST, etc.).
  • Recommend and implement changes in security & privacy policies and practices in accordance with changes in laws of serviced markets.
  • Assess and communicate all security risks associated with all purchases or practices performed by the company.
  • Collaborate with IT, senior leadership, legal counsel and human resources to establish and maintain a system for ensuring that security and privacy policies are met.
  • Demonstrate ownership of security and privacy technologies, including vendor management, training, satisfaction, ROI, roadmap, integrations, security and compliance.

Training and Awareness (20%)

  • Develop and deliver a security and privacy awareness program with periodic testing
  • Manage the training and simulation platform

Strategy Planning (10%)

  • Develop and maintain policies and programs to enforce and improve security
  • Maintain awareness of privacy legislation in all serviced markets and potential impact to strategy
  • Lead strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating the evaluation, deployment and management of current and future security technologies using a risk-based assessment methodology.
  • Develop and communicate security strategies and plans to executive team, staff, partners, customers and stakeholders.
  • Assist with the design and implementation of disaster recovery and business continuity plans, procedures, audits and enhancements.
  • Develop, implement, maintain and oversee enforcement of policies, procedures and associated plans for system security administration and user system access based on industry-standard best practices.

Education/Certification/Experience

  • Postsecondary education ideally in the fields of computer science and/or business administration. 15+ years of experience working in IT; 10+ years of experience holding security & privacy responsibilities.

One or more of the following certifications would be an asset:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Privacy Professional (CIPP)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • Certified in Risk and Information Systems Control (CRISC)

Experience achieving compliance in one or more of the following: Statement on Standards for Attestation Engagements no. 16 (SSAE 16); SOC 2; SOC 3; ISO/IEC 27001

Demonstrated understanding of applicable laws and regulations and their implications to business: General Data Protect
