Data Centre - Toronto, Canada - The Travel Corporation (Canada)

The Travel Corporation (Canada)

Verified Company

Toronto, Canada

2 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

The Travel Corporation is an industry leader, and career opportunities at The Travel Corporation are as diverse as the travel experiences we offer.

Our teams, our family, is absolutely our greatest asset. Working with a collaborative team spirit, we are dedicated to providing exceptional service to our customers.

The Travel Corporation offers employees a comprehensive benefits package; training and support to foster career development; travel opportunities; and a driven culture anchored to the principals of diversity and inclusivity.

ABOUT US
We are driven by service through PASSION, PEOPLE & PURPOSE. A Family of Brands making travel matter for over 100 years.

In your role your purpose would be to oversee cybersecurity, privacy and information risk management for The Travel Corporation global organization.

The Chief Information Security Officer (CISO) is responsible for establishing and maintaining the enterprise vision, strategy, and security program to ensure information assets and technologies are adequately protected.

HOW YOU'LL WORK

Define a comprehensive cybersecurity strategy and target operating model that is aligned with our business objectives
Develop the vision, principles, strategy and roadmap for cybersecurity, covering tools, controls, processes, and technology
Develop and track a clear, measurable cybersecurity plan
Advise on compliance and policy development
Providing consultancy, making decisions and providing advice to members of TTC on IT Security
Develop and update Information security policies.
Assume responsibility for our information security and compliance program
Build, develop and lead a high performing cybersecurity and compliance team
Advise business and leadership in the implementation of cybersecurity and compliance
Present regular reports to The Travel Corporation executives and Board of Directors
Integrate an information and cyber security risk management framework
Define and deliver a cybersecurity culture and awareness program for employees and partners
Define and implement an information assurance framework, ensuring regulatory compliance
Monitor and respond to security and privacy incidents
Lead the implementation of a secure system development lifecycle
Conducting continuous assessment of current security practices and systems
Identifying areas for improvement, devising strategies to minimize the risk of cyberattacks
Delivering new security technology approaches and implementing next generation solutions
Developing and implementing cybersecurity continuity plans to ensure continuous service
Ensure that infrastructure and security resources and budgets are managed effectively, in accordance with company policy and procedures, and conduct short

- and long-term financial forecasts

Be an active member of the Canadian Management team, participating in meetings, leading change, and professionally supporting high level direction
Demonstrate dedication to meeting the expectations of internal and external customers, using the principles of the Consultative Sales Process (CSP)
Other duties as required and assigned

RECIPE FOR SUCCESS

Substantial experience in risk management, information security and incident response
Experience implementing a cybersecurity and compliance program in a global organization
Experience building and leading a cross functional cybersecurity and compliance team
Proven ability to define, implement and measure effective incident response playbooks
Proven record on managing a cybersecurity culture program
Knowledge of information security management frameworks, such as ISO/IEC 27001 and NIST
Knowledge of international privacy laws and financial reporting requirements
Ability to present complex or highly technical issues in simple and easytounderstand formats
Ability to build strong relationships and influence decisions with internal and external stakeholders
A solid understanding of project management methodology and how to implement security with it
Familiarity with cloud native technologies and agile development methodologies
Past experience leading the incident response to a largescale cybersecurity threat
Exceptional negotiation, presentation, and communication skills, both written and verbal
One or more of the following qualifications are highly desirable:

Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified Payment Card Industry Professional (PCIP)

PERKS

You also get 2 weeks a year where you can work from anywhere in the world, your choice
Full health benefits package
To grow we offer a global training calendar, with a mix of virtual, inperson, and elearning courses. Plus, we give $3000 per year to support external learning and development courses that interest you and drive your passion
Giving back we giv