Cybersecurity Manager
Permanent | REMOTE / GTA, ON | October 13, 2023
Cybersecurity Manager
Reporting to the Director, I/T Shared Services, the Cybersecurity Manager oversees and manages information management security programs and practices across the Client organization and its subsidiaries. The incumbent collaborates to identify, develop, and implement best practices in cybersecurity, policies, standards, and procedures related to information technology and information management security to ensure that information assets are adequately protected.
A multi-year project is underway to replace the ERP system from an on-premises IBM//RPG environment to a Cloud SaaS architecture. The Manager will work with the project team and be responsible for the production environment operations.
Roles and Responsibilities:
* Develop, implement and monitor a strategic, comprehensive, and effective enterprise cyber security and IT risk management program.
* Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
* Oversee the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures.
* Responsible for addressing compliance, risk management, potential risks, and mitigation strategy.
* Work with the organization to ensure alignment with COSO Framework, COBIT, NIST CSF, CEO/CFO certification, and ISO/IEC27001 in areas of RMI Information Security standards.
* Ensure the confidentiality, integrity, and availability of the data residing on or transmitted to/from/through enterprise workstations, servers, and other systems and in databases and other data repositories.
* Provide oversight to all investigations into problematic activity and provide ongoing communication with senior management.
* Engage in ongoing communications with peers in the IT teams as well as the various subsidiaries to ensure enterprise-wide understanding of security goals, solicit feedback, and foster cooperation.
* Other related duties as assigned.
Supervision:
* Not required.
Qualifications, Knowledge, and Skills:
* Degree in business administration or a technology-related field required.
* Minimum of seven (7) years of experience with network security audits and established cybersecurity guidelines or frameworks.
* Experience with Security incident management processes (i.e., identifying, managing, recording, and analyzing security threats or incidents in real-time).
* Knowledge of common information security management frameworks, such as COSO Framework, COBIT, NIST CSF, CEO/CFO certification, and ISO/IEC27001 would consider an asset.
* Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
* Excellent analytical, communication (written and oral), and interpersonal skills are required. A customer-focused attitude and excellent customer service skills are required.
* Experience with technology infrastructure and components, such as: cloud computing, operating systems, databases, networking technologies, and storage infrastructure (ie, Storage Area Networks, Network Attached Storage).
* CISA/CIA/CISSP preferred or “willing” to complete.
Familiarity in the following areas is an asset:
* Windows, Linux, AD, and MS365 enterprise infrastructure.
* Wireless access points, wireless handheld, and MDM tool.
* PAM (Privileged Access Management) Solutions.
* Enterprise storage systems and data backup technology.
* Scripting languages for automating tasks (Powershell, PERL, PHP).
#J-18808-Ljbffr