Head of IT Security

Job Description : HEAD OF IT SECURITY CANADA an international financial institution is looking to hire a Head of Information Security to lead their IT risk and compliance function. This is an exciting opportunity to support them with setting up the controls and strategy of this function as well as play an intrumental role in the hands on execution. Minimum Requirements: Bachelor's degree/college certificate / or equivalent, in computer science, information technology, or related field. Minimum of 10 years of progressive experience. (at least 5 leading IT support, 5 leading cybersecurity, 5 years managing projects) ; preference to financial institution experience Experience with IT Risk and Audit dealing with Canadian regulation Minimum 5 years of management experience Cybersecurity education Business Education Required Experience: Managing and implementing business applications and infrastructure. SAAS, IAAS, PAAS cybersecurity standards, frameworks, and best practices; PCI-DSS, NIST, CIS18 working with globally distributed teams and users. Vulnerability scanning, system and employee behaving auditing tools Exposure to business intelligence and data analytics Leading technical support Leading cybersecurity PMI-PMP, CISM, SSCP, CISSP, ITIL, IoT, Industry 4.0 is an asset Functions, Responsibilities, and Tasks: In the second line of defense, oversees and coordinates security efforts across the Bank, including with departments such as information technology, human resources, communications, compliance, finance management and other groups, and identifies and establishes security initiatives and standards through out the organization. Recommend short- and long-term information security goals and objectives to business leaders. Works with key individuals throughout the organization to develop business cases for new security projects, and in the risk assessment of existing and planned information systems. Develop, implement and enforce IT, including IT and cyber security, standards, policies, and procedures, to ensure that all information systems are functional, secure and safeguarded throughout the Bank and are in compliance with privacy, customer trust and information security laws and regulations applicable to financial institutions. Perform assessments of IT risk management practices carried out by the first lines of defense, carry out quantitative analysis of threat and vulnerability scenarios which may impact the Bank’s IT systems operation as well as business processes supporting the Bank’s multiple delivery channels, ensuring all operates within the Bank’s risk appetite levels for cyber security and IT services. Review applicable IT roles/permissions for users to ensure requirements are fully met. Develop and conduct applicable Bank-wide oversight testing, including reporting on findings and ensuring where applicable that appropriate actions are determined. Contribute to the performance evaluation of IT system support persons, including IT security, development, and infrastructure. In partnership with the Head of IT to: provide expert and strategic advice to members of the leadership team on all technology matters affecting the Bank. ensure key business strategies and processes are supported by technology systems that enable growth and flexibility. achieve secure, reliable, and cost-effective operations of IT infrastructure and applications. effectively establish and manage the Company's IT budget evaluate emerging technologies and educate business stakeholders on the potential for new technologies to deliver a return on investment by enabling business innovation, efficiency, and competitive advantage. Ensure service-level requirements are met while upholding all regulatory and compliance standards. Support improved data security awareness and education, including on-call availability. Provide leadership as well as insuring the technical and administrative support for the development of Disaster Recovery and Business Continuity programs for the Bank.

---

Back