Vice President, Chief Information Security Officer (CISO)

Teranet Inc. • Full-time • Toronto, ON, CA • 1d ago

Who We Are

Teranet is Canada’s leader in the delivery and transformation of statutory registry services with extensive expertise in land and commercial registries. It also provides insightful property intelligence and data solutions to thousands of customers in the real estate, financial services, government, utilities and legal markets.

Teranet is wholly owned by OMERS, one of Canada’s largest pension plans, and is overseen by the plan’s global infrastructure investment arm, OMERS Infrastructure. Since 2008, OMERS has supported Teranet’s steady growth in various ways, helping Teranet advance its strategy to grow the registry business in new jurisdictions, and expand its commercial solutions to provide value add service offerings.

Teranet lives by its vision, mission, and values:

Vision

To be the trusted partner to governments and businesses in building stronger communities and economies.

Mission

To efficiently connect government, business and consumers through the delivery and transformation of registry services, data insights and ecosystem platform solutions, while always maintaining the highest standards of reliability and integrity.

Values

Teranet’s company culture and core values are the core of its identity. The values define who they are, how they engage with each other and their clients, and how they conduct business every day. They serve as Teranet’s guiding principles and are embedded in everything that they do.

Teranet’s values are:

We Create Value: We continuously seek ways to create value for our owners, customers and partners.
We Deliver What We Promise: We make clear and responsible commitments to our owners, customers, partners and each other and take ownership to deliver on them.
We are Resilient & Resourceful: We embrace challenges and persevere to achieve success.
We Respect & Value One Another: We recognize and appreciate others’ perspectives, experiences and contributions.
We Help Each Other Succeed: We support each other in achieving our own and our shared goals.

About the Role

Vice President, Chief Information Security Officer (CISO)

The Vice President, Chief Information Security Officer (CISO) is a pivotal executive role responsible for shaping and leading the organization’s comprehensive information security strategy. This role demands a visionary leader who can integrate a holistic view of information security into the broader business objectives, ensuring that Teranet’s information assets and data are safeguarded against evolving cyber threats.

As the CISO, you will oversee the development and implementation of robust security policies, procedures, and technologies that align with Teranet’s strategic goals. You will work closely with other C-level executives to establish a security-first culture across the organization. Your expertise will be crucial in navigating the complex regulatory landscape, managing risk, and fostering strong relationships with business units to balance security needs with business growth.

In this role, you will champion the evolution of Teranet’s security posture, leveraging cutting edge technologies and threat intelligence to predict and mitigate potential risks. Your leadership will be instrumental in ensuring that Teranet remains resilient in the face of cyber threats, maintaining the trust and confidence of clients and stakeholders.

Role Mandate

The Vice President, Chief Information Security Officer (CISO) has comprehensive oversight over Teranet’s Information Security Program and is accountable for the strategic design, development, implementation, configuration, and support of the technical security mechanisms that support Teranet’s security strategy, security policy and business objectives.
Reporting to the CIO, the CISO plays a critical role in defining and firmly establishing the policies aligned with the organization’s goals, to protect information assets and data that is valuable to Teranet. The scope of the policies must cover applications, systems, processes, and procedures to protect and secure [24]7 assets to ensure that the security risks to the organization are appropriately managed while providing client reassurances Teranet has security appropriately prioritized to protect their reputation.
The CISO is responsible for establishing appropriate enterprise protections aligned with Teranet’s risk appetite and compliance obligations, including PCI, SOC 2, HIPAA, privacy, etc. The CISO will develop strong relationships with businesses across the organization to balance between risk mitigation and business development initiatives while responsible for all aspects of Enterprise Cybersecurity to enable Teranet to operate a business in a cyber world saturated with many constant threats that can prohibit Teranet from meeting its many critical business objectives.

First Year Priorities:

Develop a deep and broad understanding of Teranet’s business; successfully integrate into the leadership team, build credibility as a key advisor to the executive business partners and contributor to the executive team.
Develop strong knowledge of the regulatory environment and requirements and how those affect cybersecurity strategies.
Assess current security posture, programs, and policies across the enterprise and all subsidiaries.
Review, assess, and finalize the short- and longer-term holistic information cybersecurity strategy for the enterprise.
Ensure all programs currently in flight are completed.
Organizationally, assess the overall information security structure and team and decide what enhancements and improvements, if any, would be needed to increase the efficiency and effectiveness of the function, focusing on engaging and retaining current team.

The Individual

The ideal candidate is a seasoned executive with experience defining and leading a holistic information security strategy across a complex organization. You view technology and business operations from a risk versus security perspective and implement controls to minimize risks and business disruptions. Engaged and respected in the security community, you use threat intelligence resources to predict and thwart potential future threats.

Role Criteria

Business acumen: ability to understand Teranet’s business operations, and the critical data they are trying to protect, as well as its stakeholders and industry to help drive financial results and strategic direction.
Proven history of developing information security policies and procedures for a growing, complex organization, and a record of successfully implementing programs within a dynamic environment
Well-connected in the security and threat intelligence community, forward thinker that can predict potential future threats.
Consultative, business focused approach; highly effective collaborator with history of managing complex projects to successful completion.
Strong analytical skills and experience in creating and interpreting a strategic vision into an operational model.
Must have ability to assess risk, compare risk of alternatives, and be able to balance the risks and potential business benefits associated with a particular course of action.
Well-developed people leadership skills and substantial leadership experience with a proven record of motivating staff, working collaboratively, coaching direct reports in a team environment with accountability.
Experience in establishing credibility, confidence and earning trust.
Must be politically savvy and diplomatic.
Requires strong facilitative, negotiation, influencing and presentation skills.
Excellent verbal and written communication skills including being able to effectively present to the Board and interface with executives, stakeholders, and clients within and outside of Teranet.

Qualifications & Education

Minimum of a University Degree in Computer Science, Technology and/or Business Administration
Relevant certification in Information Security field or acceptable combination of academic credentials and professional experience
10-15+ years of related work experience
Demonstrable experience in developing strategic and business plans.
5+ years of executive management experience in IT Security
5+ years leading investigations and managing incidents.
Thorough knowledge of market changes and forces that influence the company.
Outstanding analytical/problem-solving abilities
Certifications required: CCISO, CISSP, CISM, GSLC or other management level security certifications.
Strong knowledge & prior experience with PCI, SOC 2 Type 2, HIPAA compliance
Prior experience in managing Cloud security is a strong plus.
Experience of managing security across organizations with global presence
Experience managing local and offshore vendor consulting relationships.
Proven record of delivering Enterprise Security Programs on time, within budget and at a high standard of quality
Experience with due diligence and acquisition integration is a significant asset