123 Information Security jobs in Canada

Reference #: 7879
Location: Nunavut
Type: Sub-contract

Donna Cona Inc. is currently seeking a Chief Information Security Officer, for one of our key clients. The candidate will be a highly skilled and experienced Subject Matter Expert (SME) in Cybersecurity to lead the development of a comprehensive security program and operational plan. This critical role will support the protection of systems, data, and infrastructure by designing robust security frameworks, policies, and processes tailored to meet the unique needs of the client. The ideal candidate will bring extensive expertise in cybersecurity and IT governance, with a proven ability to deliver practical and scalable solutions. This role is instrumental in ensuring client systems and initiatives adhere to security best practices, safeguarding the integrity and confidentiality of client operations and services.

Key Duties and Responsibilities:

• Program Development:
  • Design and establish a comprehensive cybersecurity program, including policies, standards, procedures, and guidelines;
  • Develop a governance framework to support compliance with relevant laws, regulations, and best practices; and
  • Conduct a detailed risk assessment to identify vulnerabilities and prioritize mitigation strategies.
• Operational Planning:
  • Create an operational plan for implementing the security program, outlining timelines, resource requirements, and key milestones;
  • Define roles and responsibilities for cybersecurity within the organization, including staffing recommendations; and
  • Develop an incident response plan and disaster recovery protocols.
• Participation in Projects:
  • Collaborate with project teams to ensure new solutions, systems, and technologies are designed and implemented in alignment with security best practices and standard;
  • Conduct security reviews and assessments during project lifecycles to identify and address risks; and
  • Provide expert recommendations to integrate security into the design, development, and deployment phases of initiatives.
• Stakeholder Engagement:
  • Work with departments, agencies, and third-party stakeholders to align security initiatives with operational goals; and
  • Provide expert guidance to senior management and policymakers on emerging threats and strategic security priorities.
• Training and Awareness:
  • Develop and implement a cybersecurity training and awareness program for employees at all levels; and
  • Promote a culture of security within the workforce.
• Monitoring and Continuous Improvement:
  • Establish mechanisms for continuous monitoring and reporting on the security program's effectiveness; and
  • Stay abreast of new threats, vulnerabilities, and advancements in security technologies to ensure the program remains current and effective.
• Technical Expertise:
  • Recommend and assist in deploying security tools and technologies, such as firewalls, intrusion detection systems, and encryption; and
  • Oversee the design of secure architecture for IT systems and infrastructure.
• Compliance and Reporting:
  • Ensure compliance with applicable cybersecurity regulations, standards, and frameworks (e.g., ISO 27001, NIST, GDPR, or local regulations); and
  • Prepare detailed reports and presentations for executive leadership and external audits.

Donna Cona is committed to a diverse, equitable and inclusive workplace. We are an equal opportunity employer. We don't discriminate on the basis of gender, gender identity, sexual orientation, race, national origin, disability, age or any other protected status. We are committed to maintaining a barrier free recruitment process by providing equal employment opportunities through recruiting and retention of individuals.

• To apply for this position please complete the form below.
• Name First Last
• Email
• Daytime Phone
• City
• Province/State
• Attach Cover Letter and Resume Max. file size: 20 MB. Please note that these must be in one document, and can be in .docx, .doc, .pdf or .rtf formats

Type: Sub-contract
Donna Cona Inc. is currently seeking a Chief Information Security Officer, for one of our key clients. The candidate will be a highly skilled and experienced Subject Matter Expert (SME) in Cybersecurity to lead the development of a comprehensive security program and operational plan. This critical role will support the protection of systems, data, and infrastructure by designing robust security frameworks, policies, and processes tailored to meet the unique needs of the client. The ideal candidate will bring extensive expertise in cybersecurity and IT governance, with a proven ability to deliver practical and scalable solutions. Program Development:
Design and establish a comprehensive cybersecurity program, including policies, standards, procedures, and guidelines;
Conduct a detailed risk assessment to identify vulnerabilities and prioritize mitigation strategies.
Operational Planning:
Define roles and responsibilities for cybersecurity within the organization, including staffing recommendations; Participation in Projects:
Collaborate with project teams to ensure new solutions, systems, and technologies are designed and implemented in alignment with security best practices and standard;
Conduct security reviews and assessments during project lifecycles to identify and address risks; Provide expert recommendations to integrate security into the design, development, and deployment phases of initiatives.
Provide expert guidance to senior management and policymakers on emerging threats and strategic security priorities.
Training and Awareness:
Develop and implement a cybersecurity training and awareness program for employees at all levels; Monitoring and Continuous Improvement:
Technical Expertise:
Oversee the design of secure architecture for IT systems and infrastructure.
Ensure compliance with applicable cybersecurity regulations, standards, and frameworks (e.g., ISO 27001, NIST, GDPR, or local regulations); We don’t discriminate on the basis of gender, gender identity, sexual orientation, race, national origin, disability, age or any other protected status. Daytime Phone *

Type: Sub-contract
Donna Cona Inc. is currently seeking a Chief Information Security Officer, for one of our key clients. The candidate will be a highly skilled and experienced Subject Matter Expert (SME) in Cybersecurity to lead the development of a comprehensive security program and operational plan. This critical role will support the protection of systems, data, and infrastructure by designing robust security frameworks, policies, and processes tailored to meet the unique needs of the client. The ideal candidate will bring extensive expertise in cybersecurity and IT governance, with a proven ability to deliver practical and scalable solutions. Program Development:
Design and establish a comprehensive cybersecurity program, including policies, standards, procedures, and guidelines;
Conduct a detailed risk assessment to identify vulnerabilities and prioritize mitigation strategies.
Operational Planning:
Define roles and responsibilities for cybersecurity within the organization, including staffing recommendations; Participation in Projects:
Collaborate with project teams to ensure new solutions, systems, and technologies are designed and implemented in alignment with security best practices and standard;
Conduct security reviews and assessments during project lifecycles to identify and address risks; Provide expert recommendations to integrate security into the design, development, and deployment phases of initiatives.
Provide expert guidance to senior management and policymakers on emerging threats and strategic security priorities.
Training and Awareness:
Develop and implement a cybersecurity training and awareness program for employees at all levels; Monitoring and Continuous Improvement:
Technical Expertise:
Oversee the design of secure architecture for IT systems and infrastructure.
Ensure compliance with applicable cybersecurity regulations, standards, and frameworks (e.g., ISO 27001, NIST, GDPR, or local regulations); We don’t discriminate on the basis of gender, gender identity, sexual orientation, race, national origin, disability, age or any other protected status. Daytime Phone *

Type: Sub-contract
Donna Cona Inc. is currently seeking a Chief Information Security Officer, for one of our key clients. The candidate will be a highly skilled and experienced Subject Matter Expert (SME) in Cybersecurity to lead the development of a comprehensive security program and operational plan. This critical role will support the protection of systems, data, and infrastructure by designing robust security frameworks, policies, and processes tailored to meet the unique needs of the client. The ideal candidate will bring extensive expertise in cybersecurity and IT governance, with a proven ability to deliver practical and scalable solutions. Program Development:
Design and establish a comprehensive cybersecurity program, including policies, standards, procedures, and guidelines;
Conduct a detailed risk assessment to identify vulnerabilities and prioritize mitigation strategies.
Operational Planning:
Define roles and responsibilities for cybersecurity within the organization, including staffing recommendations; Participation in Projects:
Collaborate with project teams to ensure new solutions, systems, and technologies are designed and implemented in alignment with security best practices and standard;
Conduct security reviews and assessments during project lifecycles to identify and address risks; Provide expert recommendations to integrate security into the design, development, and deployment phases of initiatives.
Provide expert guidance to senior management and policymakers on emerging threats and strategic security priorities.
Training and Awareness:
Develop and implement a cybersecurity training and awareness program for employees at all levels; Monitoring and Continuous Improvement:
Technical Expertise:
Oversee the design of secure architecture for IT systems and infrastructure.
Ensure compliance with applicable cybersecurity regulations, standards, and frameworks (e.g., ISO 27001, NIST, GDPR, or local regulations); We don’t discriminate on the basis of gender, gender identity, sexual orientation, race, national origin, disability, age or any other protected status. Daytime Phone *

Overview
At KPMG, you'll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.
As a

Sr. Consultant, Information Security Engineer (Ms Purview)

Join to apply for the Sr. Consultant, Information Security Engineer (Ms Purview) role at CIBC

Sr. Consultant, Information Security Engineer (Ms Purview)

2 days ago Be among the first 25 applicants

Join to apply for the Sr. Consultant, Information Security Engineer (Ms Purview) role at CIBC

We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.
At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.
To learn more about CIBC, please visit CIBC.com
What You’ll Be Doing
As a member of CIBC’s Security Engineering team, you’ll play a crucial role in all matters of Information Security. You’ll focus on assessing projects for security risks by examining and interpreting requirement documents and architecture diagrams. We are looking for an action-oriented, collaborative and innovative individual that would be responsible for designing, building, and deploying Microsoft Purview Data Loss Prevention solutions. The Senior Consultant Information Security Engineer will also be responsible for completing proof-of-concept and proof-of-technology exercises on new security offerings as well as designing and implementing successful solutions. This role is an excellent opportunity to join a world class team within a great organization and assist with meeting a large enterprise's growing Information Security needs. This role requires to be on call for a week once every four months.
At CIBC we enable the work environment most optimal for you to thrive in your role. Details on your work arrangement (proportion of on-site and remote work) will be discussed at the time of your interview.
How You’ll Succeed

• Information Security Engineering– Designing and building integrated Information Security solutions that meet the needs of a large enterprise. Constantly evaluating our security posture and staying up to date with relevant industry perspectives.
• Perimeter Security Engineering- Maintaining and supporting perimeter security tools including Microsoft Purview Data Loss Prevention (DLP), Microsoft Cloud Access Security Brokers (CASB) and Microsoft Defender for Cloud (CSPM).
• Perimeter Security Design- Identifying current and emerging perimeter security. Sourcing and implementing new perimeter security solutions to better protect the organization.
• Leadership & Communication –Collaborate with senior leaders across the company and make informed recommendations to enhance information system security. Weigh business needs against security concerns and provide risk-based recommendations to improve information systems security, which are practical and achievable, thereby allowing the Lines of Business to make informed risk decisions
  

• You can demonstrate 5+ years' experience with Microsoft Purview DLP, Microsoft Defender for Cloud Apps (CASB), & Defender for Cloud Security Posture Management (CSPM). It is an asset if you have knowledge of data loss prevention policies, data sensitivity classifications, cloud access security brokers, cloud security posture management, security hardening of infrastructure, and audit events logging.
• You have Engineering experience with Microsoft Purview DLP, Microsoft Azure infrastructure Deployments/support and Security principles. It is an asset if you have experience with Windows & Linux Platforms, knowledge of cloud storage architecture, firewalls, Azure Network Security Groups (NSG), Azure Role Based Access Control (RBAC), Azure Enterprise Applications, Azure Resource Graph, APIs, conditional access policies, and other network technologies.
• You’re a certified professional. You have current accreditation and good standing in CISSP, CCSP or CISM. It’s an asset if you have any technical certifications in Azure, AWS, or GCP.
• You have a degree/diploma in Computer Science, Engineering or a related field.
• Values matter to you. You bring your real self to work and you live our values - trust, teamwork, and accountability.
  

• We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program*, defined benefit pension plan*, an employee share purchase plan, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.
• Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.
• We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.
• Subject to plan and program terms and conditions
  

• CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact
• You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit.
• We may ask you to complete an attribute-based assessment and other skills tests (such as simulation, coding, French proficiency, MS Office). Our goal for the application process is to get to know more about you, all that you have to offer, and give you the opportunity to learn more about us.
  

Seniority level

• Seniority level

  Mid-Senior level

Employment type

• Employment type

  Full-time

Job function

• Job function

  Information Technology

• Industries

  Banking

Referrals increase your chances of interviewing at CIBC by 2x

Sign in to set job alerts for “Senior Information Security Consultant” roles.

Senior Information Security Officer, SVP

Senior Director, Information Security Officer

Business Information Security Officer Manager, Global

Data Security Manager, Information Security, IT

IT Internal Audit Assistant Manager (Project Security)

Information Security Analyst - 6 month contract

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Penetration Tester Senior Associate, Global role at PwC Canada

2 days ago Be among the first 25 applicants

Join to apply for the Penetration Tester Senior Associate, Global role at PwC Canada

Get AI-powered advice on this job and more exclusive features.

Specialism
IFS - Internal Firm Services - Other

Job Description & Summary
At PwC Global, our people in information technology operations focus on managing and maintaining the technology infrastructure and systems to provide smooth operations and efficient delivery of IT services. This includes monitoring network performance, troubleshooting issues, and implementing security measures.
Those in IT support at PwC Global will focus on providing front-line technical assistance and troubleshooting to facilitate smooth functioning of computer systems software and hardware. Working in this area, you will be responsible for providing support to internal and external clients to address and resolve issues in a timely and efficient manner through a variety of mediums/channels. The guidance will help to resolve technical issues and maintain efficient IT operations at the L2 up to L4 support levels.
Meaningful work you’ll be part of As a Penetration Tester Senior Associate, Global, you’ll work as part of a team of problem solvers, helping to solve business issues, deliver high quality client service and operational efficiency. Responsibilities include but are not limited to:

• Proactively assisting management in the scoping, planning and execution of assessments
• Performing penetration testing assessments
• Executing tasks aligned to the Pentest Team with autonomy
• Presenting technical findings with a focus on business impact to management
• Contributing to the development of a team’s technical acumen
• Establishing thought leadership at the Network Information Security (NIS) and firm-wide level in a particular knowledge area
• Demonstrating cultural dexterity and modifying behavior to the environment/culture
• Collaborating with multiple stakeholders across functional and technical skill sets
• Assisting in collaborating with Information Technology (IT) and NIS to align information security policies and standards, evaluations, and technological tools

Line of Service
Internal Firm Services

Industry/Sector
Not Applicable

Specialism
IFS - Internal Firm Services - Other

Management Level
Senior Associate

Job Description & Summary
At PwC Global, our people in information technology operations focus on managing and maintaining the technology infrastructure and systems to provide smooth operations and efficient delivery of IT services. This includes monitoring network performance, troubleshooting issues, and implementing security measures.
Those in IT support at PwC Global will focus on providing front-line technical assistance and troubleshooting to facilitate smooth functioning of computer systems software and hardware. Working in this area, you will be responsible for providing support to internal and external clients to address and resolve issues in a timely and efficient manner through a variety of mediums/channels. The guidance will help to resolve technical issues and maintain efficient IT operations at the L2 up to L4 support levels.
Meaningful work you’ll be part of As a Penetration Tester Senior Associate, Global, you’ll work as part of a team of problem solvers, helping to solve business issues, deliver high quality client service and operational efficiency. Responsibilities include but are not limited to:

• Proactively assisting management in the scoping, planning and execution of assessments
• Performing penetration testing assessments
• Executing tasks aligned to the Pentest Team with autonomy
• Presenting technical findings with a focus on business impact to management
• Contributing to the development of a team’s technical acumen
• Establishing thought leadership at the Network Information Security (NIS) and firm-wide level in a particular knowledge area
• Demonstrating cultural dexterity and modifying behavior to the environment/culture
• Collaborating with multiple stakeholders across functional and technical skill sets
• Assisting in collaborating with Information Technology (IT) and NIS to align information security policies and standards, evaluations, and technological tools

• Significant e xperience with common pentesting tools such as Rubeus, Mimikatz , Impacket , Certify, ForgeCert , ROADTools , ADOKit , and Burp Pro
• Demonstrating proficiency in understanding programing or scripting languages (C/C++, C#, Python, Go, PowerShell)
• Demonstrating knowledge of Active Directory concepts and Cloud infrastructure concepts in one of the following platforms: Azure, AWS, GCP
• Demonstrating knowledge of Windows architecture and internals and appropriate judgment prior to escalating to management
• Fostering healthy work relationships by demonstrating appropriate conflict-resolution skills
• Demonstrating experience performing penetration testing assessments and high-level understanding of the principles of information security engineering, architecture, and application security
• Demonstrating prior system administration, incident response, Security Operations Center (SOC) or network engineering experience preferred
• PwC Canada is committed to cultivating an inclusive, hybrid work environment. Exact expectations for your team can be discussed with your interviewer

Required Skills

Optional Skills
Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Communication, Computer Engineering, Computer Program Installation, Computer Programming, Computer Technical Support, Creativity, Embracing Change, Emotional Regulation, Empathy, Enterprise Architecture, Incident Management and Resolution (IMR), Inclusion, Information and Communications Technology (ICT), Intellectual Curiosity, IT Infrastructure Upgrades, IT Operations, IT Operations Management, IT Project Lifecycle, IT Support, IT Troubleshooting, Learning Agility {+ 11 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements
Not Specified

Available for Work Visa Sponsorship?
No

Government Clearance Required?
No

Job Posting End Date
At PwC Canada, our most valuable asset is our people and we grow stronger as we learn from one another. We’re committed to creating an equitable and inclusive community of solvers where everyone feels that they truly belong. We understand that experience comes in many forms and building trust in society and solving important problems is only possible if we reflect the mosaic of the society we live in.
We’re committed to providing accommodations throughout the application, interview, and employment process. If you require an accommodation to be at your best, please let us know during the application process.
To learn more about inclusion and diversity at PwC Canada: Be a part of The New Equation.
Chez PwC Canada, notre atout le plus précieux, c’est notre personnel. Et c’est en apprenant les uns des autres que nous devenons plus forts. Nous avons à cœur de créer une communauté équitable et inclusive de professionnels de la résolution de problèmes, dans laquelle chacun se sent vraiment à sa place. Nous savons que l’expérience peut prendre diverses formes et, pour nous, donner confiance au public et résoudre des problèmes importants n’est possible que si notre milieu de travail reflète la diversité de la société dans laquelle nous vivons.
Nous tenons à répondre à vos besoins tout au long du processus de demande d’emploi, d’entrevue et d’embauche. Si vous avez besoin de mesures d’adaptation pour être parfaitement à l’aise, faites-le-nous savoir à l’étape de la demande d’emploi.
Pour en savoir plus sur l’inclusion et la diversité chez PwC Canada: Faites partie de La Nouvelle équation.

Seniority level

• Seniority level

  Mid-Senior level

Employment type

• Employment type

  Full-time

Job function

• Job function

  Information Technology

• Industries

  Business Consulting and Services

Referrals increase your chances of interviewing at PwC Canada by 2x

Get notified about new Penetration Tester jobs in North York, Ontario, Canada.

Security Specialist (Penetration Tester) 8436-3112

Security Specialist (Penetration Tester) 8437-3112

Security Specialist (Penetration Tester) 8435-3112

Cybersecurity Engineer (Endpoint Security & SIEM)

Security Analyst – Project REACH - Temporary Full-Time 2025-13849 (2025-13849)

(Canada) -Intermediate Automation and Security Engineer

Mississauga, Ontario, Canada CA$110,000.00-CA$120,000.00 2 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Senior Manager, Information Security role at TD

Join to apply for the Senior Manager, Information Security role at TD

Work Location:
Toronto, Ontario, Canada
Hours
37.5
Line Of Business
Technology Solutions
Pay Details
$108,800 - $63,200 CAD
TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.
As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.
Responsibilities
Job Description:

• Lead Third-Party Cybersecurity governance and oversight program including scope, governance & transformation responsibilities.
• Acts as an escalation point for the 3PCRM team, assisting and supporting them in dealing with the most complex and challenging engagements & stakeholders
• Ensure effective governance and oversight of the 3PCRM program including the effective design and execution of cybersecurity controls.
• Responsible to serve as a trusted SME providing bank wide third-party cyber strategy, guidance, governance over Third-Party Cybersecurity risks and controls
• Lead program to identify and reduce the supply chain cyberattack surface by identifying risks represented by third parties, proposing remediation actions, and making risks transparent to stakeholders.
• Develop Third-Party Cyber strategy to maintain and uplift the program to align with Regulatory, Industry and Bank standards
• Establish the governance model and the accountability for Third-Party Cybersecurity end to end program
• Streamline and standardize third party cyber processes and procedures for effective risk management
• Manage technology and cyber risk controls in compliance with standards, processes and industry / regulatory guidelines
• Collaborate with SMEs to ensure Third-Party risk reduction across all key security functions including IAM, Network Security, AppSec, Data Protection, etc
• Identify potential threats in the outsourced infrastructure and implement effective mechanisms for mitigating them.
• Support on Regulatory and Audit responses related to technology risks associated with 3PCRM.
• Interact with a wide range of stakeholders both externally and within TD
• Collaborate with partners by providing Cybersecurity & Third-Party expertise and advice to enable informed decisions in alignment with the overall risk tolerance of the Enterprise.
• Proactively inform partners on overall risk position through reporting, metrics, analysis and insights.
• Support speed, simplicity, agility in decision making and action
  

• 10+ yrs of experience in Cybersecurity, Third-Party Risk and GRC
• In-depth knowledge of assessing Third-Party risk and associate cyber controls for a FI
• Experience implementing / managing operating model for risk management function in global organization
• Leadership experience, executive communications, able to track deliverables and ensure quality of deliverables.
• Problem-solving mindset and hands-on approach to complex issues
  

Seniority level

• Seniority level

  Mid-Senior level

Employment type

• Employment type

  Full-time

Job function

• Job function

  Information Technology

• Industries

  Banking

Referrals increase your chances of interviewing at TD by 2x

Get notified about new Senior Manager Information Security jobs in Toronto, Ontario, Canada.

Director of Information Security and GRC

Director of Information Security (Toronto, ON /Vancouver, BC)

Senior Systems and Information Management Manager

Chief Information Security Officer (CISO)

Manager, Information Security Strategic Execution

Senior Information Security and Compliance Manager

Data Security Manager, Information Security, IT

Senior Manager, Identity, Access & Management

Senior Audit Manager, IT & Cyber Security Audit

Incident and Problem Manager, IT Security

Audit Manager, IT & Cyber Security Audit

Senior Manager, Information Risk Assurance Program

Information Security Specialist (Network Governance)

Toronto, Ontario, Canada CA$90.00-CA$100.00 3 weeks a o

Power BI Developer - Long term contract - Hybrid

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.