Director, Cybersecurity and IT Risk

What You Will Do:

• Responsible for protecting all IO assets, systems, proprietary and confidential information from cyber attacks:  
• Monitoring and enforcing organizational compliance against defined security policies, managing cyber incidents. 
• Leading the management, assessment and resolution of cyber incidents, as well as regular audits against the cyber security program.


• Development, implementation and continuous improvement of the enterprise cyber risk and security program:
• Developing and implementing the cybersecurity roadmap, define security policies, standards and procedures. 
• Overseeing Managed Security Service Providers to implement changes IO’s security infrastructure.
• Designing, coordinating and overseeing security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.


• Reporting, Communication and Training:  
• Providing security communication, awareness and training for range of audiences, including responding to security failures.
• Producing monthly cyber dashboards, ongoing updates and reporting.  Presenting to senior management on initiatives within and progress against the overall cyber roadmap.


• Assessment and ongoing management of vendors, applications, and other third-party risk to cyber security at IO:
• Collaborate on IT planning initiatives to ensure that security measures are incorporated and that service expectations are clearly defined.
• Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.


• Leadership:
• Work with the broader IT organization and business management to align priorities and plans with key business objectives.
• Manage a team of information security professionals. 

Who We're Looking For:

• University degree in Computer Science or a related discipline.
• Certified Information Systems Security Professional (CISSP) is required for the role.
• Certifications in ITIL, Azure, Security+, Certified Cloud Security Professional (CCSP)
• 7 – 10 years related experience in Cybersecurity is required for the role.
• 3 – 5 years leadership and people management experience is required.
• Experience liaising and/or presenting to executive management and/or Board level committees.

What's in it For you:

• Commitment to creating a diverse, equitable and inclusive culture that promotes a sense of belonging and represents and reflects the needs of the communities we serve.
• A flexible, hybrid work approach that allows colleagues to find balance between their professional and personal lives and making the most of the benefits of working remotely and purpose-driven in-person collaboration opportunities.
• A defined contribution pension plan, where IO contributes the equivalent of 5% of a full-time employee’s annual salary, with an option for IO to match an additional 2.5% contribution made by the employee. IO also offers a Group Retirement Savings Plan and Group Tax Free Savings Account, designed to help IO colleagues plan and save for their future.
• A comprehensive package that covers health, dental, vision, out-of-country care, paramedical services, and more.
• A pregnancy and parental leave program that offers expecting, eligible employees a top-up to 93% of their annual base salary for 31 weeks, and our parental leave program offers eligible employees a top-up to 93% of their annual base salary for 15 weeks.
• Access to our $500 Healthcare Spending Account to top up expenses not covered in the benefits program and a Lifestyle Account that expands the eligibility of health and wellness options and can include coverage for gym memberships and fitness equipment, nutrition counselling or financial planning.
• Support for professional development opportunities for all colleagues through a broad range of learning programs that include in-person and online training, leadership development, and support for colleagues’ well-being. IO will also cover the costs associated with up to two membership and licence fees per year for eligible colleagues if directly related to the employee’s role.
• Access to a suite of virtual healthcare options to support non-urgent medical needs
• A convenient, central location at 1 Dundas St West, easily accessible by public transit.