94 Cism jobs in Canada

Dir., Sécurité de l’information

Postuler remote type Hybride locations Toronto, Ontario time type Temps plein posted on Publié il y a 2 jour(s) time left to apply Date de fin : 20 décembre 2024 (Il reste 19 jours pour postuler) job requisition id R_1376184

Lieu de travail : Toronto, Ontario, Canada

Horaire : 37.5

Secteur d’activité : Solutions technologiques

Détails de la rémunération : $91,200 - $136,800 CAD

En tant que candidat, nous vous encourageons à poser des questions sur la rémunération et à avoir une conversation franche avec votre recruteur, qui pourra vous fournir des détails plus précis sur ce poste.

Description du poste :

Team Overview :

The RMP / Technology Control Office (TCO) is part of Enterprise Protect 1B line of defence. The TCO team is responsible for protecting TS organizations by ensuring technology risk are identified, communicated, reported, managed, and remediated.

Job Description :

Reporting to the Senior Manager of the TCO team, the successful candidate will be responsible for monitoring and overseeing the whole technology risk landscape for the Enterprise Data Management, Data Platform (DaaS) and Business Data Management Platforms with the overall objective to drive and help the platforms in reducing and mitigating any identified risk exposure, in alignment with TD technology standards. Specific responsibilities include :

Overall Risk Management :

• Maintain a strong understanding of current business and technology risks, emerging risks, and regulatory landscape.
• Operate as a centralized risk mitigation and remediation intake manager.
• Work with the TCO lead, various risk partners and TS segment leadership.
• Oversee & monitor the execution of risk remediation / mitigation and enterprise initiatives.
• Coordinate with the relevant TCO or BISO subject matter experts.
• Provide P&T / TS teams senior leadership transparency on portfolio of risk remediation programs.
• Facilitate the development of remediation strategies.

Risk & Control Examinations

Job Requirements :

J-18808-Ljbffr

Who we are : Founded in 2001, Vivid Seats (NASDAQ: SEAT) is a leading online ticket marketplace committed to becoming the ultimate partner for connecting fans to the live events, artists, and teams they love. We believe in the power of experiences and are fiercely dedicated to building products that inspire human connections. Named as one of Built In's top places to work in 2025, we believe that our People are our greatest competitive advantage. To support our People, we have built a company culture that empowers our employees to embrace challenges, encourages unity through collaboration, and seeks to constantly evolve by leveraging data and inspiring innovation.

We believe in harnessing emerging technology to power performance and unlock creativity. As part of our culture of innovation, we actively embrace the use of AI tools to enhance decision-making, improve workflows, and produce better outcomes for our customers .

The Opportunity:

The Manager, Information Security is responsible for leading the design and integration of information security into key areas of the Vivid Seats business. This role is critical in ensuring that security is baked in up front to ensure that information assets and associated information systems are adequately protected in the digital ecosystem in which Vivid Seats operates. This role partners with platform engineering teams to drive security practices and principles related to cloud-based infrastructure, software engineering teams to drive security practices and principles into a fast-paced Agile development cycle and product owners to understand business requirements and landscape.

In addition to bringing Information Security best practices, you will help develop a collaborative, cross-disciplinary and high-performing team while overseeing and improving organizational design, structure, priorities, management processes and reporting information systems. You will be responsible for coordinating project efforts, while building productive, value-added partnerships with vendors. You will also be integral in building an engaged Vivid Seats corporate security culture. “How” results are achieved will be as important as “what” is achieved.

How your role expectations will progress as a Manager, Information Security in the first 30, 90, and 180 days:
30 days in

• Acclimate to Vivid Seats’ values and organizational goals to understand how your department drives initiatives forward.
• Understand the team’ contributions and the needs of stakeholders that rely on your deliverables to bring business objectives to life.
• Partner with Director, Information Security, Engineering and Product leaders to align on technology vision and roadmap.
• Meet with and begin regular 1:1s with team members to understand their motivations, strengths, and areas you can support them with.

60 days in

• Align with team members to achieve personal and functional goals that correlate to department objectives.
• Develop and lead initiatives for the team that enhance process, drive innovation, and build on Vivid Seats values.
• Strategically drive the Information Security operational metrics by refining the technical roadmap and/or processes as required.
• Identify within the team how ways of working can be improved with the objective of increasing velocity and results.
• Build trust and relationships with team and key stakeholders including executives

90 days in

• Monitor and evolve team deliverables, individual goals, and overall performance to ensure alignment with broader initiatives of your department and the organization
• Collaborate with stakeholders to confirm accurate prioritization and refine processes for collaboration and best practices.
• Meaningfully contribute to department roadmap exercises that balance current needs with future strategic initiatives.
• Be a thoughtleader for Information Security within the company, supporting and influencing other verticals in the business.

What You’ll Bring:

• 8+ years of combined experience in information security and technology with expertise in secure cloud and/or web applications in an e-commerce environment.
• 3 years of experience leading a team and people management.
• Extensive knowledge of current and emerging IT security technologies and techniques covering all levels of cloud and applications.
• Strong business acumen with the ability to drive information security initiatives with a business-first mindset, ensuring alignment with Vivid Seats’ goals of connecting fans to live events and enhancing customer trust.
• Deep understanding of Cloud infrastructure (AWS, GCP, or Azure Cloud) concepts, services and related controls.
• Advanced knowledge of information security concepts and technologies such as SCA, SAST, DAST, IAM, vulnerability management, firewalls, IPS/IDS, network analyzers, proxies, SEIM, SOAR, encryption, cloud-based security control services, WAF, bot mitigation.
• Experience with two or more (or preferably full-stack technology experience) operating systems, infrastructure & cloud infrastructure, software engineering, technology product or service ownership.
• Deep knowledge of multiple cyber security governance and compliance frameworks such as FISMA, NIST CSF, ISO 27000, PCI, SOX, SOC2.
• Experience delivering training to technology SMEs in other areas.
• Ability to lead large internal security technology projects and security remediation projects with significant dependencies on external IT and product teams.

We believe in a hybrid 3 days/week in-office working model, which provides employees the flexibility to take advantage of in-person and remote collaboration.

Our Commitment: We are an equal opportunity employer that values the critical importance of a diverse workforce and sense of belonging. Many of our roles have flexible requirements and we encourage you to apply regardless of whether you meet every qualification.

Create a Job Alert

Interested in building your career at Vivid Seats? Get future opportunities sent straight to your email.

Apply for this job

*

indicates a required field

First Name *

Last Name *

Preferred First Name

Email *

Phone

Resume/CV

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

What's one of the best live events you've attended?

Do you currently live in the Toronto area? * Select.

We are in office 3 days per week (Tuesday-Thursday). Please confirm if you are open to that hybrid schedule. Select.

What are your compensation expectations? *

Are you currently eligible to work in Canada? * Select.

Do you now, or in the future, require visa sponsorship to continue working in Canada? * Select.

How did you hear about us? * Select.

LinkedIn
Google
InDeed
BuiltIn
Glassdoor
Zip Recruiter
Referral (Please Specify Employee Below)
Social Media (Please Specify Below)
Other Job Board (Please Specify Below)

Additional Info

Work Location :

Toronto Ontario Canada

Hours : 37.5

Line of Business : Technology Solutions

Pay Details : 91200 - $136800 CAD

TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidates skills and experience job-related knowledge geographic location and other specific business and organizational needs.

As a candidate you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.

Job Description :

In this role you will interact with business analyst developers QA architects and senior management as needed. At TD we hope youll be inspired both by the work we do and the people who make it all happen.

• Analyze and understand existing business requirements.
• Collaborate with stakeholders / business analysts to identify new use cases for development.
• Estimate timelines on design / development efforts.
• Configure develop customize and maintain the ServiceNow SIR platform including forms UI policies ACLs client scripts workflows business rules dashboards and more
• Ensure design leverages existing reusable components traces back to business requirements and that new modules are designed with reusability in mind.
• Participate in agile ceremonies design meetings and peer reviews
• Consult on development of User Story creation & Story Refinement
• Review technical deliverables for quality throughout detailed design and development phase identify gaps or redesign as needed.
• Define metrics and performance goals with technology partners and peers.
• Document details on technical design solution and implementation
• Integrate ServiceNow with other systems
• Onboard new teams / partners to SIR
• Share ServiceNow expertise and develop colleagues
• Suggest alternative solutions based on ServiceNow best practices
• Challenge yourself as an expert lead innovator and change agent for the programs and services under management.
• Review internal team process and provide feedback for automation / improvement
• Adhere to internal policies and procedures technology control standards and applicable regulatory guidelines.
• Support knowledge management processes and ensure knowledge is codified monitored tracked and managed.
• Provide technical support to promptly resolve escalated incidents / outages.

What can you bring to TD

Share your credentials but your relevant experience and knowledge can be just as likely to get our attention. It helps if you have :

Who We Are :

TD is one of the worlds leading global financial institutions and is the fifth largest bank in North America by branches / stores. Every day we deliver legendary customer experiences to over 27 million households and businesses in Canada the United States and around the world. More than 95000 TD colleagues bring their skills talent and creativity to the Bank those we serve and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers communities and colleagues.

TD is deeply committed to being a leader in customer experience that is why we believe that all colleagues no matter where they work are customer facing. As we build our business and deliver on our strategy we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether youve got years of banking experience or are just starting your career in financial services we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs were here to support you towards your goals. As an organization we keep growing and so will you.

Our Total Rewards Package

Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial physical and mental well-being goals. Total Rewards at TD includes a base salary variable compensation and several other key plans such as health and well-being benefits savings and retirement programs paid time off banking benefits and discounts career development and reward and recognition programs. Learn more

Additional Information :

Were delighted that youre considering building a career with TD. Through regular development conversations training programs and a competitive benefits plan were committed to providing the support our colleagues need to thrive both at work and at home.

Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations requirements.

Colleague Development

If youre interested in a specific career path or are looking to build certain skills we want to help you succeed. Youll have regular career development and performance conversations with your manager as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience or you want to coach and inspire your colleagues there are many different career paths within our organization at TD and were committed to helping you identify opportunities that support your goals.

Training & Onboarding

We will provide training and onboarding sessions to ensure that youve got everything you need to succeed in your new role.

Interview Process

Well reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call.

Accommodation

Your accessibility is important to us. Please let us know if youd like accommodations (including accessible meeting rooms captioning for virtual interviews etc.) to help us remove barriers so that you can participate throughout the interview process.

We look forward to hearing from you!

Language Requirement (Quebec only) :

Sans Objet

Required Experience :

Manager

Key Skills

International Development,EMC,JavaScript,Import & Export,Airlines,Asp.Net MVC

Employment Type : Full-Time

Experience : years

Vacancy : 1

Monthly Salary Salary : 91200 - 136800

Job Description

Founded in 1974, CMiC today delivers comprehensive and advanced enterprise and field operations solutions, purpose-built for construction and capital projects companies. CMiC’s powerful software transforms how firms optimize productivity, minimize risk and drive growth by planning and managing all financials, projects, resources, and content assets - all from a single database platform.

In the past several years, the construction industry has experienced unprecedented changes driven by new technologies - including integration with multi-dimensional modeling, an explosion of cloud-based offerings and the demand for robust mobile capabilities. CMiC has kept pace by constantly upgrading and enhancing our advanced platform to reflect the changing needs of the industry, leading to significant growth as a company.

Job Overview/Position Summary

The Manager, Information Security will assist the Chief Information Security Officer (CISO) to develop and implement cybersecurity strategies that protect our organization's information assets and those of our customers’. This role requires a good understanding of cybersecurity principles, strong leadership skills, and the ability to collaborate across departments to achieve security goals

Primary Responsibilities:

• Assist in the development, implementation, and management of the organization's cybersecurity strategy.
• Monitor and analyze security threats, vulnerabilities, and incidents to identify risks and mitigate them effectively.
• Assist in the design and enforcement of security policies, standards, and procedures.
• Oversee implementation and evidence collection of the SOC 1 & 2 and ISO 27001 audits
• Collaborate with IT, legal, and other internal stakeholders to ensure alignment with security protocols and regulatory requirements.
• Provide technical and operational guidance in the development and implementation of information security programs.
• Manage security incidents and coordinate incident response efforts, including root cause analysis and remediation.
• Stay current with emerging security trends, technologies, and regulatory changes.
• Report on security metrics and provide updates to senior management and the Information and Privacy Governance Committee.

Other responsibilities

• Responsible for the development and maintenance of disaster recovery and business continuity plans and table top exercises.
• Responsible for regular security reviews and risk assessments to identify and address potential security weaknesses.

Requirements

Education and Experience:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Certified Information Systems Security Professional (CISSP) or other relevant certifications.
• Minimum of 3 years of experience in information security management or a related role.

Skills and Competencies:

• A solid understanding of cybersecurity principles, network security, encryption, and vulnerability management
• Strong understanding of risk management framework and ability to identify, assess, and mitigate risks to the organization's information assets.
• Ability to develop and implement long-term security strategies that align with the organization's goals.

Preferred Qualifications (Optional)

• Strong knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001, AICPA Trust Services Criteria) and regulatory requirements.
• Be a self-starter and take ownership of initiatives.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders.
• Proven leadership abilities and experience in managing security team.
• Having IT Operational experience is a bonus.

Work Environment (Optional)

• CMiC has a hybrid work environment. Successful candidate is expected to be in the office one to two days a week.

Benefits

• Competitive benefits Package (including Health & Dental benefits)
• Paid vacation and personal days
• Townhall meetings where all employees are encouraged to participate in open discussions
• Located on York University’s campus, easily accessible by transit (TTC, GO, etc.), walking distance to shopping and restaurants
• Outdoor lunch space, including picnic tables
• An active Social Events Committee (past events include annual seasonal parties, pool and bowling tournaments, karaoke nights, Game nights, BBQs, and more)
• Health and Wellness focus including virtual yoga classes and wellness webinars
• RRSP Matching Program after 2 years of employment
• Experience in a rapidly growing, socially responsible corporation

CMiC is an Equal Opportunity Employer. In accordance with the Accessibility for Ontarians with Disabilities Act, 2005 and the Ontario Human Rights Code, CMiC will provide accommodation to applicants with disabilities throughout the recruitment, selection and/or assessment process. If selected to participate in the recruitment, selection and/or assessment process, please inform Human Resources staff of the nature of any accommodation(s) that you may require.

Job Description

Who we are : Founded in 2001, Vivid Seats (NASDAQ: SEAT) is a leading online ticket marketplace committed to becoming the ultimate partner for connecting fans to the live events, artists, and teams they love. We believe in the power of experiences and are fiercely dedicated to building products that inspire human connections. Named as one of Built In's top places to work in 2025 , we believe that our People are our greatest competitive advantage. To support our People, we have built a company culture that empowers our employees to embrace challenges, encourages unity through collaboration, and seeks to constantly evolve by leveraging data and inspiring innovation.

We believe in harnessing emerging technology to power performance and unlock creativity. As part of our culture of innovation, we actively embrace the use of AI tools to enhance decision-making, improve workflows, and produce better outcomes for our customers.

The Opportunity:

The Manager, Information Security is responsible for leading the design and integration of information security into key areas of the Vivid Seats business. This role is critical in ensuring that security is baked in up front to ensure that information assets and associated information systems are adequately protected in the digital ecosystem in which Vivid Seats operates. This role partners with platform engineering teams to drive security practices and principles related to cloud-based infrastructure, software engineering teams to drive security practices and principles into a fast-paced Agile development cycle and product owners to understand business requirements and landscape.

In addition to bringing Information Security best practices, you will help develop a collaborative, cross-disciplinary and high-performing team while overseeing and improving organizational design, structure, priorities, management processes and reporting information systems. You will be responsible for coordinating project efforts, while building productive, value-added partnerships with vendors. You will also be integral in building an engaged Vivid Seats corporate security culture. "How" results are achieved will be as important as "what" is achieved.

How your role expectations will progress as a Manager, Information Security in the first 30, 90, and 180 days:

30 days in

• Acclimate to Vivid Seats' values and organizational goals to understand how your department drives initiatives forward.
• Understand the team' contributions and the needs of stakeholders that rely on your deliverables to bring business objectives to life.
• Partner with Director, Information Security, Engineering and Product leaders to align on technology vision and roadmap.
• Meet with and begin regular 1:1s with team members to understand their motivations, strengths, and areas you can support them with.

60 days in

• Align with team members to achieve personal and functional goals that correlate to department objectives.
• Develop and lead initiatives for the team that enhance process, drive innovation, and build on Vivid Seats values.
• Strategically drive the Information Security operational metrics by refining the technical roadmap and/or processes as required.
• Identify within the team how ways of working can be improved with the objective of increasing velocity and results.
• Build trust and relationships with team and key stakeholders including executives

90 days in

• Monitor and evolve team deliverables, individual goals, and overall performance to ensure alignment with broader initiatives of your department and the organization
• Collaborate with stakeholders to confirm accurate prioritization and refine processes for collaboration and best practices.
• Meaningfully contribute to department roadmap exercises that balance current needs with future strategic initiatives.
• Be a thought leader for Information Security within the company, supporting and influencing other verticals in the business.

What You'll Bring:

• 8+ years of combined experience in information security and technology with expertise in secure cloud and/or web applications in an e-commerce environment.
• 3 years of experience leading a team and people management.
• Extensive knowledge of current and emerging IT security technologies and techniques covering all levels of cloud and applications.
• Strong business acumen with the ability to drive information security initiatives with a business-first mindset, ensuring alignment with Vivid Seats' goals of connecting fans to live events and enhancing customer trust.
• Deep understanding of Cloud infrastructure (AWS, GCP, or Azure Cloud) concepts, services and related controls.
• Advanced knowledge of information security concepts and technologies such as SCA, SAST, DAST, IAM, vulnerability management, firewalls, IPS/IDS, network analyzers, proxies, SEIM, SOAR, encryption, cloud-based security control services, WAF, bot mitigation.
• Knowledge of and hands-on experience with multiple architectures and technology elements such as MySQL, n-tier, J2EE, Web Services, React, Browser, Android, iOS, React Native, Node.js, Next.js, JAMstack, AWS, K8s, Microservices / Service Mesh.
• Experience writing and/or testing code and scripts with one or more languages such as Java/JavaScript, Python/Perl/bash/python.
• Experience with two or more (or preferably full-stack technology experience) operating systems, infrastructure & cloud infrastructure, software engineering, technology product or service ownership.
• Deep knowledge of multiple cyber security governance and compliance frameworks such as FISMA, NIST CSF, ISO 27000, PCI, SOX, SOC2.
• Experience delivering training to technology SMEs in other areas.
• Ability to lead large internal security technology projects and security remediation projects with significant dependencies on external IT and product teams.

Location : Toronto, ON

101-30 Duncan St.
Toronto, Ontario M5V 2C3

We believe in a hybrid 3 days/week in-office working model, which provides employees the flexibility to take advantage of in-person and remote collaboration.

Our Commitment:
We are an equal opportunity employer that values the critical importance of a diverse workforce and sense of belonging. Many of our roles have flexible requirements and we encourage you to apply regardless of whether you meet every qualification.

Join to apply for the Senior Manager, Information Security role at TD

Join to apply for the Senior Manager, Information Security role at TD

Work Location:
Toronto, Ontario, Canada
Hours
37.5
Line Of Business
Technology Solutions
Pay Details
$108,800 - $63,200 CAD
TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.
As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.
Responsibilities
Job Description:

• Lead Third-Party Cybersecurity governance and oversight program including scope, governance & transformation responsibilities.
• Acts as an escalation point for the 3PCRM team, assisting and supporting them in dealing with the most complex and challenging engagements & stakeholders
• Ensure effective governance and oversight of the 3PCRM program including the effective design and execution of cybersecurity controls.
• Responsible to serve as a trusted SME providing bank wide third-party cyber strategy, guidance, governance over Third-Party Cybersecurity risks and controls
• Lead program to identify and reduce the supply chain cyberattack surface by identifying risks represented by third parties, proposing remediation actions, and making risks transparent to stakeholders.
• Develop Third-Party Cyber strategy to maintain and uplift the program to align with Regulatory, Industry and Bank standards
• Establish the governance model and the accountability for Third-Party Cybersecurity end to end program
• Streamline and standardize third party cyber processes and procedures for effective risk management
• Manage technology and cyber risk controls in compliance with standards, processes and industry / regulatory guidelines
• Collaborate with SMEs to ensure Third-Party risk reduction across all key security functions including IAM, Network Security, AppSec, Data Protection, etc
• Identify potential threats in the outsourced infrastructure and implement effective mechanisms for mitigating them.
• Support on Regulatory and Audit responses related to technology risks associated with 3PCRM.
• Interact with a wide range of stakeholders both externally and within TD
• Collaborate with partners by providing Cybersecurity & Third-Party expertise and advice to enable informed decisions in alignment with the overall risk tolerance of the Enterprise.
• Proactively inform partners on overall risk position through reporting, metrics, analysis and insights.
• Support speed, simplicity, agility in decision making and action
  

• 10+ yrs of experience in Cybersecurity, Third-Party Risk and GRC
• In-depth knowledge of assessing Third-Party risk and associate cyber controls for a FI
• Experience implementing / managing operating model for risk management function in global organization
• Leadership experience, executive communications, able to track deliverables and ensure quality of deliverables.
• Problem-solving mindset and hands-on approach to complex issues
  

Seniority level

• Seniority level

  Mid-Senior level

Employment type

• Employment type

  Full-time

Job function

• Job function

  Information Technology

• Industries

  Banking

Referrals increase your chances of interviewing at TD by 2x

Get notified about new Senior Manager Information Security jobs in Toronto, Ontario, Canada.

Director of Information Security and GRC

Director of Information Security (Toronto, ON /Vancouver, BC)

Senior Systems and Information Management Manager

Chief Information Security Officer (CISO)

Manager, Information Security Strategic Execution

Senior Information Security and Compliance Manager

Data Security Manager, Information Security, IT

Senior Manager, Identity, Access & Management

Senior Audit Manager, IT & Cyber Security Audit

Incident and Problem Manager, IT Security

Audit Manager, IT & Cyber Security Audit

Senior Manager, Information Risk Assurance Program

Information Security Specialist (Network Governance)

Toronto, Ontario, Canada CA$90.00-CA$100.00 3 weeks a o

Power BI Developer - Long term contract - Hybrid

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Work Location :

Toronto Ontario Canada

Hours : 37.5

Line of Business : Technology Solutions

Pay Details : 108800 - $163200 CAD

TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidates skills and experience job-related knowledge geographic location and other specific business and organizational needs.

As a candidate you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.

Job Description : Responsibilities :

• Lead Third-Party Cybersecurity governance and oversight program including scope governance & transformation responsibilities.
• Acts as an escalation point for the 3PCRM team assisting and supporting them in dealing with the most complex and challenging engagements & stakeholders
• Ensure effective governance and oversight of the 3PCRM program including the effective design and execution of cybersecurity controls.
• Responsible to serve as a trusted SME providing bank wide third-party cyber strategy guidance governance over Third-Party Cybersecurity risks and controls
• Lead program to identify and reduce the supply chain cyberattack surface by identifying risks represented by third parties proposing remediation actions and making risks transparent to stakeholders.
• Develop Third-Party Cyber strategy to maintain and uplift the program to align with Regulatory Industry and Bank standards
• Establish the governance model and the accountability for Third-Party Cybersecurity end to end program
• Streamline and standardize third party cyber processes and procedures for effective risk management
• Managetechnology andcyberrisk controls in compliance with standards processes and industry / regulatory guidelines
• Collaborate with SMEs to ensure Third-Party risk reduction across all key security functions including IAM Network Security AppSec Data Protection etc
• Identify potential threats in the outsourced infrastructure and implement effective mechanisms for mitigating them.
• Support on Regulatory and Audit responses related to technology risks associated with 3PCRM.
• Interact with a wide range of stakeholders both externally and within TD
• Collaborate with partners by providing Cybersecurity & Third-Party expertise and advice to enable informed decisions in alignment with the overall risk tolerance of the Enterprise.
• Proactively inform partners on overall risk position through reporting metrics analysis and insights.
• Support speed simplicity agility in decision making and action

Qualifications :

LI-TECH

Who We Are :

TD is one of the worlds leading global financial institutions and is the fifth largest bank in North America by branches / stores. Every day we deliver legendary customer experiences to over 27 million households and businesses in Canada the United States and around the world. More than 95000 TD colleagues bring their skills talent and creativity to the Bank those we serve and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers communities and colleagues.

TD is deeply committed to being a leader in customer experience that is why we believe that all colleagues no matter where they work are customer facing. As we build our business and deliver on our strategy we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether youve got years of banking experience or are just starting your career in financial services we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs were here to support you towards your goals. As an organization we keep growing and so will you.

Our Total Rewards Package

Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial physical and mental well-being goals. Total Rewards at TD includes a base salary variable compensation and several other key plans such as health and well-being benefits savings and retirement programs paid time off banking benefits and discounts career development and reward and recognition programs. Learn more

Additional Information :

Were delighted that youre considering building a career with TD. Through regular development conversations training programs and a competitive benefits plan were committed to providing the support our colleagues need to thrive both at work and at home.

Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations requirements.

Colleague Development

If youre interested in a specific career path or are looking to build certain skills we want to help you succeed. Youll have regular career development and performance conversations with your manager as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience or you want to coach and inspire your colleagues there are many different career paths within our organization at TD and were committed to helping you identify opportunities that support your goals.

Training & Onboarding

We will provide training and onboarding sessions to ensure that youve got everything you need to succeed in your new role.

Interview Process

Well reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call.

Accommodation

Your accessibility is important to us. Please let us know if youd like accommodations (including accessible meeting rooms captioning for virtual interviews etc.) to help us remove barriers so that you can participate throughout the interview process.

We look forward to hearing from you!

Language Requirement (Quebec only) :

Sans Objet

Required Experience :

Senior Manager

Key Skills

International Development,EMC,JavaScript,Import & Export,Airlines,Asp.Net MVC

Employment Type : Full-Time

Experience : years

Vacancy : 1

Monthly Salary Salary : 108800 - 163200

Date Posted: 07/03/2025
Req ID: 43493
Faculty/Division: Ofc of the Chief Information Officer
Department: Information Security
Campus: St. George (Downtown Toronto)
Description:
Under the general supervision of the Associate Director, Information Security Strategic Initiatives, the Manager, Information Security Strategic Execution is the University of Toronto lead for driving delivery of institutional top priority information security projects.
Supervising a team of professionals and project-specific contractors & third-party services, the Manager oversees a portfolio of strategic initiatives, establishes project governance structures such as steering committees and advisory boards, manages project budgets, and ensures matrix teams follow standard project delivery and management processes. The Manager is responsible for ensuring University of Toronto divisions and departments are properly engaged, informed, and actively collaborating on institutional information security strategic initiatives.
As a member of the ITS management team, the Manager works with others to continuously review and enhance standardized project management process, refine divisional engagement models, and defines appropriate project metrics and consistent reporting workflow, formatting, and tracking technology.
With a strong business-oriented focus, the Manager, Information Security Strategic Execution is responsible for working with Information Technology staff and resources at the University of Toronto to develop and deliver coordinated and strategic efforts to minimize risk of compromise of servers, and server-based applications. Work is done in the context of existing policy, guidelines and applicable legislation in a fluid, consultative environment. The Manager, Information Security Strategic Execution leads analysis of complex projects or business practices to directly identify and mitigate privacy and security risks. They are responsible for escalating timely and emerging information risks to the university.
Qualifications:
EDUCATION:
University degree in Computer Science, Engineering, or an equivalent combination of education and experience.
EXPERIENCE:
-Ten-plus years working in an Information Technology environment.
-Five-plus years in a team lead or senior/supervisory role in an IT environment. Five-plus years working with Information Security as a prime focus of activity. Five-plus year experience with project and portfolio management.
-Experience in software and hardware project delivery in a high-volume, large, strategic enterprise IT environment.
-Experience as a Technical Lead focused on designing and delivering solutions and systems integrations.
-Experience with Agile and/or Waterfall Project/Program delivery DevOps, or DevSecOps experience.
-Experience with service development and service management. Managerial experience over highly skilled staff.
-Project management experience of complex strategic projects, particularly using an Agile Scrum development methodology .
-Strong experience of delivering digital transformation initiatives, working with business analysts, developers, developing user stories and personas, and product roadmaps.
-Strong experience with systems architecture, development and design, SaaS/PaaS processes, database management, capacity management, virtualization technologies and cloud computing. Strong experience with writing and refining user stories, test cases and acceptance criteria and owns their quality.
-Knowledgeable across multiple functional areas such as product management, software engineering, UX/UI, and customer support.
-Proven experience in translating technical requirements into business language and client requirements into technical language.
-Experience negotiating with service providers, establishing and monitoring service level agreements.
-Understanding of client and server application deployment and support. Understanding of client and server activity tracking.
-Experience in platform migration. Experience in software / service deployment.
-Understanding of IT Architecture concepts and security methodologies. Experience developing information security standards and guidelines. Expert knowledge of information security risk and risk mitigation concepts. Experience configuring high availability solutions.
-Experience compiling and installing software packages from source. Knowledge of TCP/IP networking and client-server architecture and protocols.
-Experience with intrusion detection and prevention – host and network, active and passive. Experience in selecting, configuring and deploying service mis-use detection and prevention technologies (Anti-Spam, Anti-Virus, Anti-DDOS, etc.).
-Extensive experience developing, using and evaluating risk assessment procedures such as questionnaires and survey.
-Experience with Network-available storage / Storage Area Network security.
SKILLS:
Strong communication skills, both oral and written.Strong technical and business solutions design and systems planning skills.Excellent knowledge of services development, systems analysis, specifications techniques and implementation strategies.Excellent staff management, project management, technical lead and facilitation skills. Adept at conforming to shifting priorities, demands and timelines through analytical and problem-solving capabilities.Ability to master new technology quickly.Ability to quickly assess security incidents based on limited, often incomplete information, and rapidly interpret server / network diagnostic logs.Strong understanding of change and configuration management processes. Excellent oral and written communication skills and ability to produce high-quality, comprehensive communications materials.Ability to work both independently and in a team-oriented, collaborative environment. Strong ability to elicit cooperation and collaboration from a wide variety of sources, including upper management, stakeholders, and other departments.Excellent conflict resolution skills with strong ability to exercise judgement, tact, discretion and determination.Adept at conducting research into technical or project-related issues and products, to continually improve processes and solutions as technology changes.Strong organization skills with the ability to effectively prioritize and execute tasks in a high- pressure environment.Ability to translate and leverage data into a story that drives business opportunity, project objectives and prioritization.Ability to track and evaluate product analytics post launch leveraging data to provide relevant optimizations for improved performance.Adept at conforming to shifting priorities, demands and timelines through analytical and problem-solving capabilities.Adept at quickly learning, understanding, and applying new technologies and process frameworks.
OTHER:
Both broad and in-depth knowledge of industry innovations and state-of-the-art technology in both computing and networking arenas. Strong organizational and interpersonal skills.Familiarity with financial requirements of project management a plus. IT Security certifications held or in progress a plus. Familiarity with database administration and operation a plus.Exposure to e-commerce and other net-centric business models highly desirable, as is experience with, and ability to provide support outside of normal working hours, as needed.
Closing Date:07/18/2025, 11:59PM ET
Employee Group: Salaried
Appointment Type: Budget - Continuing
Schedule: Full-Time
Pay Scale Group & Hiring Zone:PM 5 -- Hiring Zone: $118,368 - $38,097 -- Broadband Salary Range: 118,368 - 197,280
Job Category: Information Technology (IT)

We are hiring a Senior Manager of GRC in our Information Security department!

The Role :

A strategic and integral member of the Information Security Team, reporting to the AVP, Information Security, is responsible for ensuring the security, integrity, and availability of First National information assets. The candidate will contribute to the management and continuous improvement of security program(s). The position entails the development, implementation, and compliance of security control programs across the organization.

This role requires the following skills :

• Specialized knowledge and experience in information security, security strategies, and security management frameworks.
• Knowledge and understanding of current security standards and best practices, particularly ISO 27001.
• Development, maintenance and review of Information Security Policy, Standards, Processes and Procedures
• Effective and dynamic communicator.

Reporting To :

Full-Time / Part- Time :

Full-time

Posting Date : March 6, 2024

Closing Date : April 6, 2024

Hours of Work : 8 : 30 – 5 : 00

Grade : Office Location :

Downtown Toronto

Great location! Steps away from the main public transit station

What we offer :

Highly competitive compensation package which includes, base salary, bonus, benefits, and career advancement opportunities!

• Eligibility for benefits is dependent on the terms of employment

What you will do :

• Review and improve the Information Security Management Framework.
• Build strong cross-organizational relationships.
• Manage the security risk management and compliance strategy, framework, and approach.
• Advise other teams within First National in the design and implementation of effective security controls.
• Proactively track and communicate the status of the risk response activities.

Governance

• Defining, implementing, communicating, and monitoring the Information Security Strategy and Program.
• Review, update, development, and implementation of security policies, procedures, and technical security standards to secure First National Assets and ensure security and compliance with associated risks, contracts, regulations, and industry standards.
• Ensure that the Security Governance frameworks are institutionalized and compliant, and aligned with security standards, particularly ISO27001.
• Support in preparing and running the security steering committee meetings.
• As part of managing the larger GRC program, the role involves managing the Data Security program, IAM Program and Physical Security program.
• Participate and promote the security training awareness program.
• Development reports and presentations as required.
• Provide briefings to senior management and advise them of critical risks and issues that may affect enterprise security objectives.
• Support in expansion of the Information Security framework and program within the enterprise.
• Ensure that Information Security projects meet their required goals, constraints are addressed, and resources are aligned, as defined by the project stakeholders.
• Lead the Information Security Risk Management program, through evaluation of information security risks, accounting for people, processes, data, and all associated security controls.
• Provide oversight of all relevant information security risks, and support in risk treatment of identified risks.
• Assist in the third-party risk assessments process to ensure risk identification, transparency and business acceptance and contractual obligations.
• Ensure that all the program-specific risk assessment results, such as Data Security, IAM security, Physical Security, Security Operations, Application Security, etc. dovetail into the information security risk management program.

Compliance Management

• Control monitoring and review of internal security risk assessments.
• Develop, document, and assess measures, metrics, and internal controls related to cyber security assessments and acceptance.
• Develop, document, and assess measures, metrics, and internal controls related to information security assessments and acceptance.
• In conjunction with Legal, Privacy and Compliance, identify information management and protection laws and regulations and implement actions to ensure compliance.
• Ensure that the programs maintain compliance with relevant laws and regulations, as appropriate.

Audit Management

• Assist in all current and future security related audit and certification processes.
• Support audit and assessment activities, such as internal and external audit, vendor assessments, benchmarking, etc.

The Requirements Needed :

• A total of 10 years of experience, with a minimum of 7 years of prior information security management work experience in a medium or large size organization is required in the GRC domain.
• Bachelor’s degree in computer science or the equivalent work experience is required. Graduate degree preferred.
• Information security certifications, such as CISSP, CISM, ISO27001 or equivalent preferred.
• Information systems auditing certification such as CISA, or experience is desirable.
• Preference will be given to candidates who have experience and / or familiarity with Azure, Defender for Cloud, and Microsoft suite of security products.
• Management experience in financial services industry is beneficial.
• Must have experience with information security management frameworks.
• Experience developing and maintaining information security policies, standards, processes, guidelines, procedures, controls, for financial institutions or processors.
• Track record of planning and executing complex work efforts.
• Strong interpersonal communication, analysis, and writing skills.
• Leadership skills including ability to work effectively with business unit managers, application development and IT operations staff.
• Able to align management and leadership strategies when working on projects.
• Ability to work effectively with business unit and IT department managers, including Application Development, Infrastructure, Operations, Network, Technical Support, and others.
• Superior verbal and written communication skills.
• Must be a team player.
• Ability to successfully lead extended teams through new and complex concepts and processes.

The team you will join :

Founded in 1988, First National is one of Canada’s largest non-bank lenders. We provide residential mortgages exclusively through our mortgage broker channel and service commercial clients through our national origination team of empowered advisors.

At First National, It’s in our Nature is our rallying cry. It underlies our values, beliefs, and how we show up for each other, our clients, our partners and the community. Our nature defines who we are and guides every decision we make.

First National is proud to be an equal opportunity employer and is committed to diversity and inclusion regardless of race, color, religion, national origin, age, gender identity, physical or mental disability, sexual orientation or any other category protected by law.

First National supports requests for accommodation from applicants with disabilities; please contact Human Resources at .

We would like to thank all applications for their interest, but only candidates selected for an interview will be contacted.

FNLOON

Create a job alert for this search

Manager Information Security • Toronto, Ontario, Canada