35 Cybersecurity jobs in Toronto

**The Opportunity:**
**WSP** is currently seeking an **Industrial OT Cybersecurity Professional** to join our Cybersecurity team.
This job function reports into the ICS / OT Cybersecurity Practice Director and is a delivery-focused role for WSP projects and professional mandates.
This role aligns with WSP's "Future Ready" vision to become the industry leader in digital engineering services. WSP's ICS / OT Cybersecurity Practice is formed of Engineers, Specialists, and Consultants who plan, design and implement strategies, frameworks and solutions to ensure the security of (CNI) critical national infrastructures. Our mission is to deliver digital infrastructures that are resilient and can be maintained as such throughout their life cycle. This is an opportunity to work with leading experts within the ICS/OT Cybersecurity Industry, build a cross-functional network of professionals, work in a high-performing, flexible, fun and inclusive environment.
**Why choose WSP?**
+ We value and are committed to upholding a culture of **inclusion** and **belonging**
+ Our **Flexible** Work Policy - we recognize the importance of balance in our lives and encourage you to prioritize the balance in yours. We will support you on and off the job so you can be fully present in both your work and home lives.
+ A **Canadian** success story - we're **proud** to wear the red and white of this beautiful country and show the world what Canada has to offer.
+ **Enhance** the world around you - from the environment to the highways, to the buildings and the terrain, WSP is the fabric of Canada.
+ **Outstanding** career opportunities - we're growing and pushing ourselves every day to be greater than yesterday - we're open to **your** ideas and trying **new** things.
+ A phenomenal **collaborative** culture and a workforce filled with genuinely **good** **people** who are doing humbly important work. Come find out for yourself what it's like to be a part of our journey.
We offer attractive pay, flexible work options, a great corporate culture, comprehensive and employee-focused benefits including virtual healthcare and a wellness platform as well as great savings programs, and a clear vision for the future.
# **WeAreWSP**
**What you can expect to do here:**
+ Provide cybersecurity expertise for Industrial Control Systems (ICS) and Operational Technology (OT) environments.
+ Input to the planning of all the cyber security activities needed for major infrastructure projects and / or focused client mandates, spanning the following aspects: requirements management, early feasibility studies, risk assessment, design, implementation, testing and commissioning, into operations & maintenance.
+ Execution of WSP's Cybersecurity project plans, to ensure the cyber resilience of the digital infrastructure through the following workstreams: governance & planning, tools and technologies, policies and procedures, and human factors.
+ Perform cyber security threat, vulnerability, and risk assessments by identifying all the critical assets, network connectivity and threat vectors, to define mitigation options and residual risk.
+ Derive, cascade, and clarify cyber security requirements to the suppliers of digital technology and controls systems, and engage in the procurement activities to manage cyber risk in the supply chain.
+ Perform, and eventually lead teams to perform, the necessary analysis to provide all the required evidence to support the project requirements and verification of security controls.
+ Liaise with engineering design and construction teams to ensure the cyber security activities and requirements are being implemented by the project team and by the suppliers.
+ Review cyber security submissions from suppliers, and designers, and provide detailed technical comments.
+ Plan, prepare and implement a cyber security testing strategy to validate the resilience of the digital infrastructure to external and internal threats.
+ Manage client relationships and advise clients on recommended actions relating to active projects.
+ Deliver review assignments in allocated timescales to meet overall project deadlines.
+ Identify opportunities for new work, and occasionally contribute to the development of bid materials and proposal exercises to support winning of new work.
**What you'll bring to WSP:**
**Technical qualification, experience, and skills:**
+ Computer Programming, Networking or Telecommunications Engineering degree, or equivalent
+ Relevant Cybersecurity training and certifications, for example: GICSP, GIAC, IEC 62443 suite, or a master's degree in Cybersecurity
+ 5 years minimum experience in the application of one or more of the following areas: - Information Technology / Data Centre / Cloud Environment- Telecommunications / Network Technology - Automation / SCADA / Control Systems - Computer Sciences / Software Engineering
+ The candidate will possess in-depth experience in the Industrial Cyber Security field with most recent experience having come from any of the following areas: - Business Risk Profiling and Management in the context of Cybersecurity
+ - Development of Cybersecurity operating models for clients' critical business operations - Vulnerability Scanning and Penetration Testing - Application security - Malware Reverse Engineering - Threat Intelligence - Security Architecture- Operational Technology/Industrial Control Systems Security- Telecom and Network Security- System or Network administration in a complex multi-national network
+ Experience in one or more of the following sectors: Transportation, Energy Infrastructure, Water/Wastewater, Manufacturing, Mining or other similar critical infrastructure Industrial Cybersecurity, or able to demonstrate equivalent exposure to control systems and network architecture and assets
+ Knowledge of NIST guidelines, ISA/IEC 62443 standards suite, and ISO 2700x cyber security frameworks
+ Fundamental understanding of IT and OT network communication protocols (e.g. TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)
**Interpersonal and soft skills:**
+ Excellent communication skills, both written and verbal.
+ Proficiency in Microsoft Office, including Excel, Word, Visio, and Outlook.
+ Experience of utilizing CRM platforms for client relationship management.
+ The ability to work effectively remotely within an extended team.
+ The ability to understand responsibilities and willingness to be accountable of the work delivered.
+ Ability to work on multiple mandates simultaneously.
**What sets you apart:**
+ Experience in managing small technical teams and overseeing the workstreams of others at a project level.
+ Experience in Industrial Control System fields such as: manufacturing, transportation, energy, utilities, telecommunications and willing to go the "extra mile" to learn more about industrial digital infrastructures and their underlying cybersecurity.
+ Professional Engineer (PEng), or European equivalent: CEng (Chartered Engineer) certified and / or working towards these accreditations.
+ Experience working as a Consultant or Advisor to clients, taking into consideration budgetary and inter-disciplinary constraints, in conjunction with technical solution delivery
+ Hands-on experience using OT Cybersecurity Asset Discovery & Vulnerability solutions to gain actionable intelligence about clients' environments
+ Experience in Project Management of Cybersecurity or Networking assignments and projects is an asset.
+ SoC or MSSP experience is an asset.
+ CompTIA Network+, CompTIA Security+, GICSP, CISSP or equivalent certifications held.
+ Bilingual French / English, an asset
**WSP** is one of the world's leading professional services firms. Our purpose is to future proof our cities and environments.
We have over 65,000 team members across the globe. In Canada, our 12,000+ people are involved in everything from environmental remediation to urban planning, from engineering iconic buildings to designing sustainable transportation networks, from finding new ways to extract essential resources to developing renewable power sources for the future.
At **WSP** :
+ We value our people and our reputation
+ We are locally dedicated with international scale
+ We are future focused and challenge the status quo
+ We foster collaboration in everything we do
+ We have an empowering culture and hold ourselves accountable
Please Note:
Health and Safety is a core paramount value of WSP. Given the importance of keeping one another safe it is expected that you comply with our Health, Safety & Environment (HSE) policy at all times as well as client HSE policies when working at client locations.
Offers of employment for safety-sensitive positions involving fieldwork are contingent upon candidates being able to perform key physical tasks of the job as described in the job posting and interview. This may include the ability to work in a variety of environmental conditions, such as remote or isolated areas, working alone, and in inclement weather (within safe and reasonable limits).
WSP welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.
WSP is committed to the principles of employment equity. Only the candidates selected will be contacted.
WSP does not accept unsolicited resumes from agencies. For more information please READ THE FULL POLICY. (

Would you like to join an international team working to improve the future of healthcare? Do you want to enhance the lives of millions of people? Grifols is a global healthcare company that since 1909 has been working to improve the health and well-being of people around the world. We are leaders in plasma-derived medicines and transfusion medicine and develop, produce and market innovative medicines, solutions and services in more than 110 countries and regions.
Grifols Diagnostic Solutions Inc is seeking a Cybersecurity Specialist to join our Global Application and Systems Team. The Cybersecurity Specialist supports the Technical Support department within Grifols Diagnostics by ensuring the cybersecurity integrity of diagnostic instruments, software, and connected systems. This role bridges technical support and cybersecurity, helping to identify, assess, and mitigate risks while ensuring compliance with global regulatory standards. The position plays a key role in incident response, vulnerability management, and secure product lifecycle support.
Help us lead one of the world's largest pharmaceutical companies. We are a world leader in plasma-derived medicines with a presence in more than 100 countries, and a growing global team of over 20.000 people. That's why we need a Global Cybersecurity Specialist. This dedicated function will support the Technical Support department by providing expert guidance on cybersecurity matters related to diagnostic instruments, software platforms, and connected systems.
**Primary responsibilities for role:**
+ Serve as the cybersecurity point of contact within the Technical Support department
+ Collaborate with R&D, QA, and Regulatory teams to assess and address cybersecurity risks
+ Support secure configuration, patch management, and vulnerability remediation
+ Assist in incident response and root cause analysis for cybersecurity-related issues
+ Ensure compliance with relevant standards (e.g., FDA, MDR, ISO/IEC 27001)
+ Maintain documentation and reports related to cybersecurity activities
+ Provide training and awareness on cybersecurity best practices
+ Participate in audits and regulatory inspections as needed
+ Contribute to the development of secure support processes and tools
+ Stay current with emerging threats and technologies in medical device cybersecurity
**Knowledge, Skills, and Abilities**
+ Strong understanding of cybersecurity principles, risk management, and regulatory frameworks
+ Familiarity with diagnostic instruments, embedded systems, and networked medical devices
+ Excellent communication and collaboration skills
+ Analytical thinking and problem-solving ability
+ High attention to detail and integrity in handling sensitive information
+ Ability to work cross-functionally and manage multiple priorities
+ Proficiency in cybersecurity tools and incident response practices
**Education**
Bachelor's degree in Cybersecurity, Information Technology, Biomedical Engineering, or a related field. Master's degree preferred.
**Experience**
Typically requires 5 years of related experience in cybersecurity, preferably in the medical device or diagnostics industry. Experience in technical support, regulatory compliance, or IT security is highly valued.
**Equivalency**
Depending on the area of assignment, directly related experience or a combination of directly related education and experience and/or competencies may be considered in place of the stated requirements. Example: If a job level requires a Bachelor's degree plus 4 years of experience, an equivalency could include 8 years of experience, an Associate's degree with 6 years of experience, or a Master's degree with 2 years of experience.
#LI-DC1
Third Party Agency and Recruiter Notice:
Agencies that present a candidate to Grifols must have an active, nonexpired, Grifols Agency Master Services Agreement with the Grifols Talent Acquisition Department. Additionally, agencies may only submit candidates to positions that they have been engaged to work on by a Grifols Recruiter. All resumes must be sent to a Grifols Recruiter under these terms or they will be considered a Grifols candidate.
**Grifols provides equal employment opportunities to applicants and employees without regard to race; color; sex; gender identity; sexual orientation; religious practices and observances; national origin; pregnancy, childbirth, or related medical conditions; status as a protected veteran or spouse/family member of a protected veteran; or disability. We will consider for employment all qualified applicants in a manner consistent with the requirements of all applicable laws.**
Learn more about Grifols ( ID:**
**Type:** Regular Full-Time
**Job Category:** Technical Assistance

Would you like to join an international team working to improve the future of healthcare? Do you want to enhance the lives of millions of people? Grifols is a global healthcare company that since 1909 has been working to improve the health and well-being of people around the world. We are leaders in plasma-derived medicines and transfusion medicine and develop, produce and market innovative medicines, solutions and services in more than 110 countries and regions.
Grifols Diagnostic Solutions Inc is seeking a Cybersecurity Specialist to join our Global Application and Systems Team. The Cybersecurity Specialist supports the Technical Support department within Grifols Diagnostics by ensuring the cybersecurity integrity of diagnostic instruments, software, and connected systems. This role bridges technical support and cybersecurity, helping to identify, assess, and mitigate risks while ensuring compliance with global regulatory standards. The position plays a key role in incident response, vulnerability management, and secure product lifecycle support.
Help us lead one of the world's largest pharmaceutical companies. We are a world leader in plasma-derived medicines with a presence in more than 100 countries, and a growing global team of over 20.000 people. That's why we need a Global Cybersecurity Specialist. This dedicated function will support the Technical Support department by providing expert guidance on cybersecurity matters related to diagnostic instruments, software platforms, and connected systems.
**Primary responsibilities for role:**
+ Serve as the cybersecurity point of contact within the Technical Support department
+ Collaborate with R&D, QA, and Regulatory teams to assess and address cybersecurity risks
+ Support secure configuration, patch management, and vulnerability remediation
+ Assist in incident response and root cause analysis for cybersecurity-related issues
+ Ensure compliance with relevant standards (e.g., FDA, MDR, ISO/IEC 27001)
+ Maintain documentation and reports related to cybersecurity activities
+ Provide training and awareness on cybersecurity best practices
+ Participate in audits and regulatory inspections as needed
+ Contribute to the development of secure support processes and tools
+ Stay current with emerging threats and technologies in medical device cybersecurity
**Knowledge, Skills, and Abilities**
+ Strong understanding of cybersecurity principles, risk management, and regulatory frameworks
+ Familiarity with diagnostic instruments, embedded systems, and networked medical devices
+ Excellent communication and collaboration skills
+ Analytical thinking and problem-solving ability
+ High attention to detail and integrity in handling sensitive information
+ Ability to work cross-functionally and manage multiple priorities
+ Proficiency in cybersecurity tools and incident response practices
**Education**
Bachelor's degree in Cybersecurity, Information Technology, Biomedical Engineering, or a related field. Master's degree preferred.
**Experience**
Typically requires 5 years of related experience in cybersecurity, preferably in the medical device or diagnostics industry. Experience in technical support, regulatory compliance, or IT security is highly valued.
**Equivalency**
Depending on the area of assignment, directly related experience or a combination of directly related education and experience and/or competencies may be considered in place of the stated requirements. Example: If a job level requires a Bachelor's degree plus 4 years of experience, an equivalency could include 8 years of experience, an Associate's degree with 6 years of experience, or a Master's degree with 2 years of experience.
#LI-DC1
Third Party Agency and Recruiter Notice:
Agencies that present a candidate to Grifols must have an active, nonexpired, Grifols Agency Master Services Agreement with the Grifols Talent Acquisition Department. Additionally, agencies may only submit candidates to positions that they have been engaged to work on by a Grifols Recruiter. All resumes must be sent to a Grifols Recruiter under these terms or they will be considered a Grifols candidate.
**Grifols provides equal employment opportunities to applicants and employees without regard to race; color; sex; gender identity; sexual orientation; religious practices and observances; national origin; pregnancy, childbirth, or related medical conditions; status as a protected veteran or spouse/family member of a protected veteran; or disability. We will consider for employment all qualified applicants in a manner consistent with the requirements of all applicable laws.**
Learn more about Grifols ( ID:**
**Type:** Regular Full-Time
**Job Category:** Technical Assistance

**The Opportunity:**
**WSP** is currently seeking a **Principal Consultant,** **Industrial / OT Cybersecurity** to join our Cybersecurity Practice in Canada.
This job function reports into the OT Cybersecurity Practice Director and is a delivery-focused role for WSP major infrastructure projects and professional services mandates.
This role aligns with WSP's "Future Ready" vision to become the industry leader in digital engineering and advisory services. WSP's Industrial OT Cybersecurity Practice is formed of Engineers, Specialists, and Consultants who plan, design and implement strategies, frameworks and solutions to ensure the security of (CNI) critical national infrastructures. Our mission is to deliver digital infrastructures that are resilient and can be maintained as such throughout their life cycle. This is an opportunity to work with leading experts within the ICS/OT Cybersecurity Industry, build a cross-functional network of professionals, work in a high-performing, flexible, fun and inclusive environment.
**Why choose WSP?**
+ We value and are committed to upholding a culture of **inclusion** and **belonging**
+ Our **Flexible** Work Policy - we recognize the importance of balance in our lives and encourage you to prioritize the balance in yours. We will support you on and off the job so you can be fully present in both your work and home lives.
+ A **Canadian** success story - we're **proud** to wear the red and white of this beautiful country and show the world what Canada has to offer.
+ **Enhance** the world around you - from the environment to the highways, to the buildings and the terrain, WSP is the fabric of Canada.
+ **Outstanding** career opportunities - we're growing and pushing ourselves every day to be greater than yesterday - we're open to **your** ideas and trying **new** things.
+ A phenomenal **collaborative** culture and a workforce filled with genuinely **good** **people** who are doing humbly important work. Come find out for yourself what it's like to be a part of our journey.
We offer attractive pay, flexible work options, a great corporate culture, comprehensive and employee-focused benefits including virtual healthcare and a wellness platform as well as great savings programs, and a clear vision for the future.
# **WeAreWSP**
**What you can expect to do here:**
+ Provide cybersecurity expertise and technical leadership for Industrial Control Systems (ICS) and Operational Technology (OT) environments.
+ Act as the discipline lead for Industrial Cybersecurity within WSP major infrastructure projects, in complex multi-discipline and stakeholder environments, with a focus on the Rail & Transit domain.
+ Lead the strategy and planning of all cyber security activities and resources needed for major infrastructure projects and / or focused client mandates, spanning the following aspects: early feasibility studies and strategic advisory, requirements management, design, procurement, implementation, testing and commissioning, into operations & maintenance.
+ Define the KPIs by which the project Cybersecurity framework will be measured and continually seek to improve Cybersecurity discipline framework through real-world deployment and application.
+ Oversight and execution of WSP's Cybersecurity project plans, to ensure the cyber resilience of the digital infrastructure through the following workstreams: governance & planning, tools and technologies, policies and procedures, and people & expertise.
+ Lead on the execution of cyber security threat, vulnerability, and risk assessments by identifying all the critical assets, network connectivity and threat vectors, to define mitigation options and residual risk.
+ Derive, cascade, and clarify cyber security requirements to the suppliers of digital technology and controls systems, and engage in the procurement activities to manage cyber risk in the supply chain.
+ Perform, and lead project teams to perform, the necessary analysis to provide all the required evidence to support the project requirements and verification of security controls through the V-cycle assurance process.
+ Liaise with engineering design, project management and construction teams to ensure the cyber security activities and requirements are being implemented by the project team and by the suppliers.
+ Review cyber security submissions from suppliers, and designers, and provide detailed technical comments.
+ Plan, prepare and implement a cyber security testing strategy to validate the resilience of the digital infrastructure Vs. external and internal threats.
+ Manage client relationships and advise clients on recommended actions relating to active projects - to seize opportunities or mitigate risks.
+ Deliver on critical path project activities and deliverables in allocated timescales to meet overall project deadlines.
+ Identify opportunities for new work, and occasionally contribute to the development of bid materials and proposal exercises to support winning of new work.
**What you'll bring to WSP:**
**Technical qualifications, experience, and skills:**
+ Networking, Telecommunications or Cybersecurity Engineering degree, or equivalent
+ Relevant Cybersecurity training and certifications, for example: GICSP, GIAC, IEC 62443 suite, or a master's degree in Cybersecurity
+ 10 years minimum experience in the application of one or more of the following areas:
+ Major Infrastructure Projects discipline lead / Project Management - digital infrastructure
+ Telecommunications / Network Technology / Cloud Environment
+ Automation / SCADA / Control Systems
+ Distributed Control Systems / Operational Technology
+ The candidate will possess in-depth experience in the Industrial Cyber Security field with most recent experience having come from any of the following areas:
+ Infrastructure / Engineering Project Program definition and execution - OT Cybersecurity
+ Vulnerability Scanning and Penetration Testing
+ Application security
+ Malware Reverse Engineering
+ Threat Intelligence
+ Security Architecture and Secure-by-Design process
+ Operational Technology/Industrial Control Systems Security
+ Telecommunications and Network Security
+ System or Network administration in a complex multi-national network
+ Experience in the Rail & Transit sector for major multi-discipline (3P) projects and /or operations is required
+ Experience of bridging and managing the technical, schedule and commercial constraints at a project level in relation to OT Cybersecurity.
+ Experience in multiple Industrial Control System fields such as: manufacturing, transportation, energy, utilities, telecommunications and willing to go the "extra mile" to learn more about industrial digital infrastructures and their underlying cybersecurity.
+ Applied knowledge of NIST guidelines, ISA/IEC 62443 standards suite, and ISO 2700x cyber security frameworks
+ Fundamental understanding of IT and OT network communication protocols (e.g. TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)
+ IEC 62443 series, CISSP, CompTIA Security+, or SANS GICSP valid certification is required
**Interpersonal and soft skills:**
+ Excellent communication skills, both written and verbal.
+ Proficiency in Microsoft Office, including Excel, Word, Visio, Project and Outlook.
+ The ability to work effectively remotely within an extended team.
+ The ability to understand responsibilities and willingness to be accountable of the work delivered.
+ Ability to communicate complex Engineering and Industrial Cybersecurity concepts to non-technical decision makers
+ Ability to work on multiple mandates simultaneously.
**What sets you apart:**
+ Experience in managing technical teams and overseeing the workstreams of others at a project level.
+ Specific experience pertaining to the Transportation industry sector, e.g. LRT, Heavy Rail, Metro - from an OT Cybersecurity discipline lead perspective - Operations or Projects.
+ Knowledge of the Systems Engineering and Systems Assurance concepts widely used in the Railway domain, e.g. CENELEC EN 50126, 50701
+ International experience, such as European Rail Infrastructure and Projects experience.
+ Professional Engineer (PEng), or European equivalent: CEng (Chartered Engineer) certified and / or working towards these accreditations.
+ Experience working as a Consultant or Advisor to clients, taking into consideration budgetary and inter-disciplinary constraints.
+ Hands-on experience using OT Cybersecurity Asset Discovery & Vulnerability solutions to gain actionable intelligence about clients' environments
+ Experience in Project or Program Management of Cybersecurity or Networking assignments.
+ Bilingual French / English, an asset
**WSP** is one of the world's leading professional services firms. Our purpose is to future proof our cities and environments.
We have over 65,000 team members across the globe. In Canada, our 12,000+ people are involved in everything from environmental remediation to urban planning, from engineering iconic buildings to designing sustainable transportation networks, from finding new ways to extract essential resources to developing renewable power sources for the future.
At **WSP** :
+ We value our people and our reputation
+ We are locally dedicated with international scale
+ We are future focused and challenge the status quo
+ We foster collaboration in everything we do
+ We have an empowering culture and hold ourselves accountable
Please Note:
Health and Safety is a core paramount value of WSP. Given the importance of keeping one another safe it is expected that you comply with our Health, Safety & Environment (HSE) policy at all times as well as client HSE policies when working at client locations.
Offers of employment for safety-sensitive positions involving fieldwork are contingent upon candidates being able to perform key physical tasks of the job as described in the job posting and interview. This may include the ability to work in a variety of environmental conditions, such as remote or isolated areas, working alone, and in inclement weather (within safe and reasonable limits).
WSP welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.
WSP is committed to the principles of employment equity. Only the candidates selected will be contacted.
WSP does not accept unsolicited resumes from agencies. For more information please READ THE FULL POLICY. (

**Work Location:**
Toronto, Ontario, Canada
**Hours:**
37.5
**Line of Business:**
Legal
**Pay Details:**
$136,000 - $210,000 CAD
The pay details posted reflect a temporary market premium specific to this role that is reassessed annually.
TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.
As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.
**Job Description:**
**Department Overview**
TD Legal is dedicated to providing industry-leading advice and counsel to all TD business segments and corporate functions. In this **Senior Counsel, Privacy, Data & Cybersecurity** role, you will join a dynamic and collegial team of professionals at TD Legal, providing advice and supporting a wide range of privacy, data innovation and protection, and cybersecurity matters. This role will involve advising on a wide range of privacy and data use issues, including those arising from the enterprise's data-driven initiatives and privacy compliance program, operational incident reporting requirements, and cyber risk management and incident response. This is an opportunity to collaborate with other members of TD Legal, as well as colleagues in the lines of business, data and technology teams, control partners, risk management, security and the privacy office, to help the enterprise meet its legal and regulatory obligations relating to privacy compliance and data usage, and to manage related risks.
Collaborating with talented colleagues and partners in a variety of legal specializations, members of the Canadian Disputes & Investigation, Privacy, Data, Cyber and Financial Crimes legal teams have the chance to develop their skills every day. From mentorship and training programs to leadership development, we will help you realize your full potential and achieve your career goals.
**Job Description**
The **Senior Counsel, Privacy, Data & Cybersecurity** role is a member of TD Legal and reports into the AVP for Privacy, Data, Cyber, Fraud & Investigations. The role is expected to anticipate legal, regulatory, economic and reputational risk, and provide strategic and practical legal advice to business stakeholders on a wide range of initiatives and incidents. Duties include:
+ Monitoring and tracking current and emerging privacy and cybersecurity laws and regulations, and translate legal terms into business requirements, guidance and advice
+ Providing privacy and data-related legal advice to lines of business, and data, technology, cybersecurity and privacy teams, in respect of new initiatives and corporate arrangements
+ Providing legal advice on areas relevant to data protection and cybersecurity risk management, including to draft or review terms and conditions related to cybersecurity risk management initiatives, enterprise technology and information security standards, policies, procedures and playbooks.
+ Providing legal advice to cybersecurity and privacy teams, including during investigations to ensure that they are conducted and documented appropriately to minimize risks, protect personal and other confidential information, and fulfill legal obligations arising from incidents
+ Providing privacy legal advice on matters or initiatives involving artificial intelligence, biometrics, and tools or arrangements to prevent or detect fraud or financial crime
+ Advising on a wide range of privacy, data and information security matters, including customer escalations and access requests, data breaches, data retention and information-sharing arrangements
+ Providing legal advice to lines of business, incident management and investigation units to address potential legal, regulatory, economic and reputational risk(s) to the bank, arising from operational incidents, including to identify and liaise with additional internal stakeholders or subject matter experts, as appropriate
+ Remaining current on evolving regulatory requirements and expectations, as well as Canadian case law, in connection with a range of privacy, data use and innovation, cybersecurity risk management and incident management topics
+ Oversight of external counsel and other third-party vendors when necessary
+ Other duties, as assigned
**Job Requirements**
+ Law degree from an accredited law school and qualified to practice law in Canada
+ At least 8 years of relevant experience as a lawyer working at a major law firm or in-house (privacy, technology, cybersecurity and incident response, and general commercial practice)
+ In-depth knowledge of federal and provincial privacy legislation, and familiarity with cybersecurity risk management, integrity and security, and incident reporting requirements applicable to financial institutions and banks, strongly recommended
+ Experience in the banking and financial services sector, an asset
+ Versatile and flexible, with ability to navigate uncertainty
+ Advanced communication (written and verbal), negotiation, conflict resolution, legal research and analytical skills
+ Ability to simplify, problem solve, multitask and work effectively against deadlines
+ Strong teamwork and client relationship management skills
+ Operates with creativity and innovation; seeks different perspectives and new ideas
**Who We Are:**
TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.
TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you.
**Our Total Rewards Package**
Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs. Learn more ( Information:**
We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home.
Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements.
**Colleague Development**
If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals.
**Training & Onboarding**
We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role.
**Interview Process**
We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call.
**Accommodation**
Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process.
We look forward to hearing from you!
**Language Requirement (Quebec only):**
Maîtrise d'une langue autre que le français pour offrir du soutien ou traiter avec des employés ou des collègues qui ont besoin de services et de soutien dans une langue autre que le français.
Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

**Req ID:**
NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.
We are currently seeking a **Cybersecurity & AI Program Manager - Remote** to join our team in **Toronto** , **Ontario (CA-ON)** , **Canada (CA)** .
**Cybersecurity & AI Program Manager**
We are seeking an experienced **Cybersecurity & AI Program Manager** to lead strategic initiatives that safeguard enterprise assets and drive innovation through AI integration. This role requires deep cybersecurity domain knowledge, Agile program management expertise, and strong hands-on experience with Jira, Jira Align, and value stream management. The ideal candidate will manage complex programs across cybersecurity and AI domains, ensuring alignment with business objectives, risk frameworks, compliance mandates, and financial targets.
**Key Responsibilities:**
+ Lead and manage cybersecurity and AI programs using Agile methodologies.
+ Oversee cross-functional delivery teams, aligning security and AI initiatives with enterprise goals and frameworks (e.g., NIST, ISO 27001).
+ Utilize Jira and Jira Align to plan, track, and report on progress across multiple teams and agile release trains.
+ Facilitate value stream identification, mapping, and continuous improvement efforts across cybersecurity and AI initiatives.
+ Collaborate with stakeholders, product owners, and technical leads to prioritize program backlogs and manage risk-based outcomes.
+ Ensure program compliance with internal security policies, regulatory requirements (e.g., HIPAA, PCI-DSS, SOX), and audit needs.
+ Report program status, risk posture, key KPIs, and financial performance to executive leadership and steering committees.
+ Drive continuous improvement by implementing Agile best practices and Lean Portfolio Management (LPM) principles.
+ Manage vendor relationships and coordinate third-party risk management activities related to program deliverables.
+ Maintain a forward-looking information security and AI strategy roadmap, aligning services and portfolio components to business goals.
+ Manage program budgets, forecasts, and financial tracking to ensure cost-effective delivery and ROI.
+ Develop and maintain detailed project plans, timelines, and resource allocations across cybersecurity and AI initiatives.
+ Communicate effectively with senior stakeholders, translating technical risks and opportunities into business-relevant insights.
**Required Qualifications:**
+ 7+ years of experience in program or project management, with at least 3+ years in cybersecurity and exposure to AI-related initiatives.
+ Proven track record managing large-scale cybersecurity initiatives (e.g., IAM, Zero Trust, SOC modernization, Cloud Security) and AI programs.
+ Strong experience with Agile frameworks (Scrum, SAFe, Kanban) and Agile Program Management tools, especially Jira and Jira Align.
+ Deep understanding of value stream management, business agility, and delivering secure outcomes at scale.
+ Working knowledge of cybersecurity principles, risk management frameworks, and control frameworks (e.g., NIST CSF, CIS Controls).
+ Experience managing program budgets, financials, and vendor contracts.
+ Excellent communication, leadership, and stakeholder management skills.
**Preferred Qualifications:**
+ Certifications such as PMP, Certified Scrum Master (CSM), CISSP, or CISM.
+ Familiarity with DevSecOps practices, secure SDLC, and continuous security compliance in Agile environments.
+ Experience in AI program management, including governance, ethical considerations, and integration with cybersecurity.
+ Security/Consulting industry experience in a customer-facing role with senior-level relationship management.
+ Familiarity with information security technologies and issues across multiple platforms.
+ Significant experience in applying globally accepted security standards.
+ Strong understanding of networking technologies and advanced knowledge of network security across communications and infrastructure.
**About NTT DATA**
NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com ( possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client's needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, .
**_NTT DATA endeavors to make_** **_ **_accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at_** **_ **_._** **_This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here ( . If you'd like more information on your EEO rights under the law, please click here ( . For Pay Transparency information, please click here ( ._**
#LI-NorthAmerica

**Req ID:**
NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.
We are currently seeking a **Cybersecurity & AI Program Manager - Remote** to join our team in **Toronto** , **Ontario (CA-ON)** , **Canada (CA)** .
**Cybersecurity & AI Program Manager**
We are seeking an experienced **Cybersecurity & AI Program Manager** to lead strategic initiatives that safeguard enterprise assets and drive innovation through AI integration. This role requires deep cybersecurity domain knowledge, Agile program management expertise, and strong hands-on experience with Jira, Jira Align, and value stream management. The ideal candidate will manage complex programs across cybersecurity and AI domains, ensuring alignment with business objectives, risk frameworks, compliance mandates, and financial targets.
**Key Responsibilities:**
+ Lead and manage cybersecurity and AI programs using Agile methodologies.
+ Oversee cross-functional delivery teams, aligning security and AI initiatives with enterprise goals and frameworks (e.g., NIST, ISO 27001).
+ Utilize Jira and Jira Align to plan, track, and report on progress across multiple teams and agile release trains.
+ Facilitate value stream identification, mapping, and continuous improvement efforts across cybersecurity and AI initiatives.
+ Collaborate with stakeholders, product owners, and technical leads to prioritize program backlogs and manage risk-based outcomes.
+ Ensure program compliance with internal security policies, regulatory requirements (e.g., HIPAA, PCI-DSS, SOX), and audit needs.
+ Report program status, risk posture, key KPIs, and financial performance to executive leadership and steering committees.
+ Drive continuous improvement by implementing Agile best practices and Lean Portfolio Management (LPM) principles.
+ Manage vendor relationships and coordinate third-party risk management activities related to program deliverables.
+ Maintain a forward-looking information security and AI strategy roadmap, aligning services and portfolio components to business goals.
+ Manage program budgets, forecasts, and financial tracking to ensure cost-effective delivery and ROI.
+ Develop and maintain detailed project plans, timelines, and resource allocations across cybersecurity and AI initiatives.
+ Communicate effectively with senior stakeholders, translating technical risks and opportunities into business-relevant insights.
**Required Qualifications:**
+ 7+ years of experience in program or project management, with at least 3+ years in cybersecurity and exposure to AI-related initiatives.
+ Proven track record managing large-scale cybersecurity initiatives (e.g., IAM, Zero Trust, SOC modernization, Cloud Security) and AI programs.
+ Strong experience with Agile frameworks (Scrum, SAFe, Kanban) and Agile Program Management tools, especially Jira and Jira Align.
+ Deep understanding of value stream management, business agility, and delivering secure outcomes at scale.
+ Working knowledge of cybersecurity principles, risk management frameworks, and control frameworks (e.g., NIST CSF, CIS Controls).
+ Experience managing program budgets, financials, and vendor contracts.
+ Excellent communication, leadership, and stakeholder management skills.
**Preferred Qualifications:**
+ Certifications such as PMP, Certified Scrum Master (CSM), CISSP, or CISM.
+ Familiarity with DevSecOps practices, secure SDLC, and continuous security compliance in Agile environments.
+ Experience in AI program management, including governance, ethical considerations, and integration with cybersecurity.
+ Security/Consulting industry experience in a customer-facing role with senior-level relationship management.
+ Familiarity with information security technologies and issues across multiple platforms.
+ Significant experience in applying globally accepted security standards.
+ Strong understanding of networking technologies and advanced knowledge of network security across communications and infrastructure.
**About NTT DATA**
NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com ( possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client's needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, .
**_NTT DATA endeavors to make_** **_ **_accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at_** **_ **_._** **_This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here ( . If you'd like more information on your EEO rights under the law, please click here ( . For Pay Transparency information, please click here ( ._**
#LI-NorthAmerica