MANAGER, SECURITY MODERNIZATION
Supply Ontario is seeking an information security professional to manage the governance of its Information Security program, the Information Security Management System, and the necessary specialist staff resources, processes, and technologies.
Reporting to the Director, Enterprise IT Services, you will provide senior level strategic and tactical guidance on the execution of a mandate to establish, implement and maintain a secure technology infrastructure and application environment based on Supply Ontario’s Information Security Policy & Standards.
In this role, your key responsibilities will include:
- Accountability for the identification of the changing Information Security landscape and delivery of Cyber security services into the Supply Ontario environment to manage the Enterprise risk profile.
- Commissioning external audits of the information security and privacy programs.
- Providing technical advice to delivery teams (internal and vendor) regarding SA questions, technology risk assessments, technical designs, problem resolution and delivery issues.
- Monitoring and assessing threats and trends in the information security landscape that may impact information security at Supply Ontario and communicates these threats and trends to the relevant audiences.
- Developing, implementing, maintaining, distributing, and disseminating the Information Security Program and associated policies, standards and procedures and other controls needed to meet the business needs of Supply Ontario across all employees and relevant vendors.
- Implementing and maintaining information security and privacy awareness and education programs across Supply Ontario to educate all employees, contractors, subsidiaries, affiliates, and related companies and vendors on security and privacy requirements.
- Conducting information security risk assessments, ensuring that risks are accepted and managed by the appropriate risk owner.
Successful candidates will demonstrate the following:
- Completion of a degree in Business, Engineering, Systems Design, Computer Sciences or a related discipline – or a combination of education, training and experience deemed equivalent.
- Proven and demonstrated experience contributing to the success of a range of midsize-to-large initiatives with exposure to enterprise architecture planning, design, development, implementation, and maintenance.
- Experience in developing requirements to support procurements as well as experience leading procurements dealing with Cyber technology.
- Subject Matter Expert (SME) in one or more of the following architecture domains, including: information, infrastructure, application, business and/or security architecture to provide advice/expertise on I&IT product roadmaps and lead the development and maintenance of an enterprise-wide program or strategy.
- Extensive experience researching emerging technologies including developments within the field, corporate policies and practices, legislation and initiatives by other levels of government.
- Knowledge and understanding of IT Security frameworks such as SOC2, NIST, ISO 27011 and ISO 27002, etc.
- Understanding of Integrated Delivery Methodology (Software Development Lifecycle and Project Management Lifecycle)
- Advanced knowledge of cyber security technologies, processes and practices, cyber threat intelligence concepts, protocols and principles, as well as cyber security controls.
- Experience with the audit process and performing risk-based audits.
- Excellent communication and active listening skills with an aptitude for extracting and synthesizing complex information.
- Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) or Equivalent is mandatory
- Supply Ontario offers a competitive compensation package including benefits and defined benefit pension plan.
HOW TO APPLY: To apply, please click on the following link: APPLY NOW by December 23, 2022. We thank all applicants for their interest, however, only those selected for further consideration will be contacted.
Supply Ontario is an inclusive employer which respects equity, inclusion, diversity and anti-racism. Accommodation, if required, will be provided throughout the hiring process in accordance with the Ontario Human Rights Code.
Supply Ontario is a new provincial agency with an ambitious mandate to transform and modernize the province’s public sector supply chain management system.
Supply Ontario’s vision is to build world-class capability that harnesses Ontario’s buying power to enable economic development, province-wide resilience and value for Ontarians. We are currently establishing our initial operations, building our foundational infrastructure and planning for how the agency can best provide services. To learn more about Supply Ontario, please visit www.supplyontario.ca.
Diversity, Inclusion and Belonging are important values of the organization, where each employee is respected and valued for their differences. Every employee brings unique skills, background and experiences to Supply Ontario, regardless of race, national or ethnic origin, colour, religion, age, sex, sexual orientation, gender identity or ability. These diverse and different perspectives enrich our organization and our working life.
La diversité, l’inclusion et l’appartenance constituent des valeurs importantes de l’organisme, où tous nos employés sont respectés et estimés pour leurs différences. Chaque employé apporte des compétences, des antécédents et des expériences uniques à ApprovisiOntario, sans égard à sa race, à son origine nationale ou ethnique, à sa couleur, à sa religion, à son âge, à son sexe, à son orientation sexuelle, à son identité de genre ou à sa capacité. Ces points de vue diversifiés et différents enrichissent notre organisme et notre vie professionnelle.