25 Safety Data jobs in Canada

Job Description

Who we are : Founded in 2001, Vivid Seats (NASDAQ: SEAT) is a leading online ticket marketplace committed to becoming the ultimate partner for connecting fans to the live events, artists, and teams they love. We believe in the power of experiences and are fiercely dedicated to building products that inspire human connections. Named as one of Built In's top places to work in 2025 , we believe that our People are our greatest competitive advantage. To support our People, we have built a company culture that empowers our employees to embrace challenges, encourages unity through collaboration, and seeks to constantly evolve by leveraging data and inspiring innovation.

We believe in harnessing emerging technology to power performance and unlock creativity. As part of our culture of innovation, we actively embrace the use of AI tools to enhance decision-making, improve workflows, and produce better outcomes for our customers.

The Opportunity:

The Manager, Information Security is responsible for leading the design and integration of information security into key areas of the Vivid Seats business. This role is critical in ensuring that security is baked in up front to ensure that information assets and associated information systems are adequately protected in the digital ecosystem in which Vivid Seats operates. This role partners with platform engineering teams to drive security practices and principles related to cloud-based infrastructure, software engineering teams to drive security practices and principles into a fast-paced Agile development cycle and product owners to understand business requirements and landscape.

In addition to bringing Information Security best practices, you will help develop a collaborative, cross-disciplinary and high-performing team while overseeing and improving organizational design, structure, priorities, management processes and reporting information systems. You will be responsible for coordinating project efforts, while building productive, value-added partnerships with vendors. You will also be integral in building an engaged Vivid Seats corporate security culture. "How" results are achieved will be as important as "what" is achieved.

How your role expectations will progress as a Manager, Information Security in the first 30, 90, and 180 days:

30 days in

• Acclimate to Vivid Seats' values and organizational goals to understand how your department drives initiatives forward.
• Understand the team' contributions and the needs of stakeholders that rely on your deliverables to bring business objectives to life.
• Partner with Director, Information Security, Engineering and Product leaders to align on technology vision and roadmap.
• Meet with and begin regular 1:1s with team members to understand their motivations, strengths, and areas you can support them with.

60 days in

• Align with team members to achieve personal and functional goals that correlate to department objectives.
• Develop and lead initiatives for the team that enhance process, drive innovation, and build on Vivid Seats values.
• Strategically drive the Information Security operational metrics by refining the technical roadmap and/or processes as required.
• Identify within the team how ways of working can be improved with the objective of increasing velocity and results.
• Build trust and relationships with team and key stakeholders including executives

90 days in

• Monitor and evolve team deliverables, individual goals, and overall performance to ensure alignment with broader initiatives of your department and the organization
• Collaborate with stakeholders to confirm accurate prioritization and refine processes for collaboration and best practices.
• Meaningfully contribute to department roadmap exercises that balance current needs with future strategic initiatives.
• Be a thought leader for Information Security within the company, supporting and influencing other verticals in the business.

What You'll Bring:

• 8+ years of combined experience in information security and technology with expertise in secure cloud and/or web applications in an e-commerce environment.
• 3 years of experience leading a team and people management.
• Extensive knowledge of current and emerging IT security technologies and techniques covering all levels of cloud and applications.
• Strong business acumen with the ability to drive information security initiatives with a business-first mindset, ensuring alignment with Vivid Seats' goals of connecting fans to live events and enhancing customer trust.
• Deep understanding of Cloud infrastructure (AWS, GCP, or Azure Cloud) concepts, services and related controls.
• Advanced knowledge of information security concepts and technologies such as SCA, SAST, DAST, IAM, vulnerability management, firewalls, IPS/IDS, network analyzers, proxies, SEIM, SOAR, encryption, cloud-based security control services, WAF, bot mitigation.
• Knowledge of and hands-on experience with multiple architectures and technology elements such as MySQL, n-tier, J2EE, Web Services, React, Browser, Android, iOS, React Native, Node.js, Next.js, JAMstack, AWS, K8s, Microservices / Service Mesh.
• Experience writing and/or testing code and scripts with one or more languages such as Java/JavaScript, Python/Perl/bash/python.
• Experience with two or more (or preferably full-stack technology experience) operating systems, infrastructure & cloud infrastructure, software engineering, technology product or service ownership.
• Deep knowledge of multiple cyber security governance and compliance frameworks such as FISMA, NIST CSF, ISO 27000, PCI, SOX, SOC2.
• Experience delivering training to technology SMEs in other areas.
• Ability to lead large internal security technology projects and security remediation projects with significant dependencies on external IT and product teams.

Location : Toronto, ON

101-30 Duncan St.
Toronto, Ontario M5V 2C3

We believe in a hybrid 3 days/week in-office working model, which provides employees the flexibility to take advantage of in-person and remote collaboration.

Our Commitment:
We are an equal opportunity employer that values the critical importance of a diverse workforce and sense of belonging. Many of our roles have flexible requirements and we encourage you to apply regardless of whether you meet every qualification.

Job Description

Founded in 1974, CMiC today delivers comprehensive and advanced enterprise and field operations solutions, purpose-built for construction and capital projects companies. CMiC’s powerful software transforms how firms optimize productivity, minimize risk and drive growth by planning and managing all financials, projects, resources, and content assets - all from a single database platform.

In the past several years, the construction industry has experienced unprecedented changes driven by new technologies - including integration with multi-dimensional modeling, an explosion of cloud-based offerings and the demand for robust mobile capabilities. CMiC has kept pace by constantly upgrading and enhancing our advanced platform to reflect the changing needs of the industry, leading to significant growth as a company.

Job Overview/Position Summary

The Manager, Information Security will assist the Chief Information Security Officer (CISO) to develop and implement cybersecurity strategies that protect our organization's information assets and those of our customers’. This role requires a good understanding of cybersecurity principles, strong leadership skills, and the ability to collaborate across departments to achieve security goals

Primary Responsibilities:

• Assist in the development, implementation, and management of the organization's cybersecurity strategy.
• Monitor and analyze security threats, vulnerabilities, and incidents to identify risks and mitigate them effectively.
• Assist in the design and enforcement of security policies, standards, and procedures.
• Oversee implementation and evidence collection of the SOC 1 & 2 and ISO 27001 audits
• Collaborate with IT, legal, and other internal stakeholders to ensure alignment with security protocols and regulatory requirements.
• Provide technical and operational guidance in the development and implementation of information security programs.
• Manage security incidents and coordinate incident response efforts, including root cause analysis and remediation.
• Stay current with emerging security trends, technologies, and regulatory changes.
• Report on security metrics and provide updates to senior management and the Information and Privacy Governance Committee.

Other responsibilities

• Responsible for the development and maintenance of disaster recovery and business continuity plans and table top exercises.
• Responsible for regular security reviews and risk assessments to identify and address potential security weaknesses.

Requirements

Education and Experience:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Certified Information Systems Security Professional (CISSP) or other relevant certifications.
• Minimum of 3 years of experience in information security management or a related role.

Skills and Competencies:

• A solid understanding of cybersecurity principles, network security, encryption, and vulnerability management
• Strong understanding of risk management framework and ability to identify, assess, and mitigate risks to the organization's information assets.
• Ability to develop and implement long-term security strategies that align with the organization's goals.

Preferred Qualifications (Optional)

• Strong knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001, AICPA Trust Services Criteria) and regulatory requirements.
• Be a self-starter and take ownership of initiatives.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders.
• Proven leadership abilities and experience in managing security team.
• Having IT Operational experience is a bonus.

Work Environment (Optional)

• CMiC has a hybrid work environment. Successful candidate is expected to be in the office one to two days a week.

Benefits

• Competitive benefits Package (including Health & Dental benefits)
• Paid vacation and personal days
• Townhall meetings where all employees are encouraged to participate in open discussions
• Located on York University’s campus, easily accessible by transit (TTC, GO, etc.), walking distance to shopping and restaurants
• Outdoor lunch space, including picnic tables
• An active Social Events Committee (past events include annual seasonal parties, pool and bowling tournaments, karaoke nights, Game nights, BBQs, and more)
• Health and Wellness focus including virtual yoga classes and wellness webinars
• RRSP Matching Program after 2 years of employment
• Experience in a rapidly growing, socially responsible corporation

CMiC is an Equal Opportunity Employer. In accordance with the Accessibility for Ontarians with Disabilities Act, 2005 and the Ontario Human Rights Code, CMiC will provide accommodation to applicants with disabilities throughout the recruitment, selection and/or assessment process. If selected to participate in the recruitment, selection and/or assessment process, please inform Human Resources staff of the nature of any accommodation(s) that you may require.

Reference #: 7879
Location: Nunavut
Type: Sub-contract

Donna Cona Inc. is currently seeking a Chief Information Security Officer, for one of our key clients. The candidate will be a highly skilled and experienced Subject Matter Expert (SME) in Cybersecurity to lead the development of a comprehensive security program and operational plan. This critical role will support the protection of systems, data, and infrastructure by designing robust security frameworks, policies, and processes tailored to meet the unique needs of the client. The ideal candidate will bring extensive expertise in cybersecurity and IT governance, with a proven ability to deliver practical and scalable solutions. This role is instrumental in ensuring client systems and initiatives adhere to security best practices, safeguarding the integrity and confidentiality of client operations and services.

Key Duties and Responsibilities:

• Program Development:
  • Design and establish a comprehensive cybersecurity program, including policies, standards, procedures, and guidelines;
  • Develop a governance framework to support compliance with relevant laws, regulations, and best practices; and
  • Conduct a detailed risk assessment to identify vulnerabilities and prioritize mitigation strategies.
• Operational Planning:
  • Create an operational plan for implementing the security program, outlining timelines, resource requirements, and key milestones;
  • Define roles and responsibilities for cybersecurity within the organization, including staffing recommendations; and
  • Develop an incident response plan and disaster recovery protocols.
• Participation in Projects:
  • Collaborate with project teams to ensure new solutions, systems, and technologies are designed and implemented in alignment with security best practices and standard;
  • Conduct security reviews and assessments during project lifecycles to identify and address risks; and
  • Provide expert recommendations to integrate security into the design, development, and deployment phases of initiatives.
• Stakeholder Engagement:
  • Work with departments, agencies, and third-party stakeholders to align security initiatives with operational goals; and
  • Provide expert guidance to senior management and policymakers on emerging threats and strategic security priorities.
• Training and Awareness:
  • Develop and implement a cybersecurity training and awareness program for employees at all levels; and
  • Promote a culture of security within the workforce.
• Monitoring and Continuous Improvement:
  • Establish mechanisms for continuous monitoring and reporting on the security program's effectiveness; and
  • Stay abreast of new threats, vulnerabilities, and advancements in security technologies to ensure the program remains current and effective.
• Technical Expertise:
  • Recommend and assist in deploying security tools and technologies, such as firewalls, intrusion detection systems, and encryption; and
  • Oversee the design of secure architecture for IT systems and infrastructure.
• Compliance and Reporting:
  • Ensure compliance with applicable cybersecurity regulations, standards, and frameworks (e.g., ISO 27001, NIST, GDPR, or local regulations); and
  • Prepare detailed reports and presentations for executive leadership and external audits.

Donna Cona is committed to a diverse, equitable and inclusive workplace. We are an equal opportunity employer. We don't discriminate on the basis of gender, gender identity, sexual orientation, race, national origin, disability, age or any other protected status. We are committed to maintaining a barrier free recruitment process by providing equal employment opportunities through recruiting and retention of individuals.

• To apply for this position please complete the form below.
• Name First Last
• Email
• Daytime Phone
• City
• Province/State
• Attach Cover Letter and Resume Max. file size: 20 MB. Please note that these must be in one document, and can be in .docx, .doc, .pdf or .rtf formats

Reference #: 7879
Location: Nunavut
Type: Sub-contract

Donna Cona Inc. is currently seeking a Chief Information Security Officer, for one of our key clients. The candidate will be a highly skilled and experienced Subject Matter Expert (SME) in Cybersecurity to lead the development of a comprehensive security program and operational plan. This critical role will support the protection of systems, data, and infrastructure by designing robust security frameworks, policies, and processes tailored to meet the unique needs of the client. The ideal candidate will bring extensive expertise in cybersecurity and IT governance, with a proven ability to deliver practical and scalable solutions. This role is instrumental in ensuring client systems and initiatives adhere to security best practices, safeguarding the integrity and confidentiality of client operations and services.

Key Duties and Responsibilities:

• Program Development:
  • Design and establish a comprehensive cybersecurity program, including policies, standards, procedures, and guidelines;
  • Develop a governance framework to support compliance with relevant laws, regulations, and best practices; and
  • Conduct a detailed risk assessment to identify vulnerabilities and prioritize mitigation strategies.
• Operational Planning:
  • Create an operational plan for implementing the security program, outlining timelines, resource requirements, and key milestones;
  • Define roles and responsibilities for cybersecurity within the organization, including staffing recommendations; and
  • Develop an incident response plan and disaster recovery protocols.
• Participation in Projects:
  • Collaborate with project teams to ensure new solutions, systems, and technologies are designed and implemented in alignment with security best practices and standard;
  • Conduct security reviews and assessments during project lifecycles to identify and address risks; and
  • Provide expert recommendations to integrate security into the design, development, and deployment phases of initiatives.
• Stakeholder Engagement:
  • Work with departments, agencies, and third-party stakeholders to align security initiatives with operational goals; and
  • Provide expert guidance to senior management and policymakers on emerging threats and strategic security priorities.
• Training and Awareness:
  • Develop and implement a cybersecurity training and awareness program for employees at all levels; and
  • Promote a culture of security within the workforce.
• Monitoring and Continuous Improvement:
  • Establish mechanisms for continuous monitoring and reporting on the security program's effectiveness; and
  • Stay abreast of new threats, vulnerabilities, and advancements in security technologies to ensure the program remains current and effective.
• Technical Expertise:
  • Recommend and assist in deploying security tools and technologies, such as firewalls, intrusion detection systems, and encryption; and
  • Oversee the design of secure architecture for IT systems and infrastructure.
• Compliance and Reporting:
  • Ensure compliance with applicable cybersecurity regulations, standards, and frameworks (e.g., ISO 27001, NIST, GDPR, or local regulations); and
  • Prepare detailed reports and presentations for executive leadership and external audits.

Donna Cona is committed to a diverse, equitable and inclusive workplace. We are an equal opportunity employer. We don't discriminate on the basis of gender, gender identity, sexual orientation, race, national origin, disability, age or any other protected status. We are committed to maintaining a barrier free recruitment process by providing equal employment opportunities through recruiting and retention of individuals.

• To apply for this position please complete the form below.
• Name First Last
• Email
• Daytime Phone
• City
• Province/State
• Attach Cover Letter and Resume Max. file size: 20 MB. Please note that these must be in one document, and can be in .docx, .doc, .pdf or .rtf formats