Senior Information Security

We are seeking a seasoned and strategic Senior Manager Information Security Control to lead and strengthen our cybersecurity IT risk and compliance initiatives In this leadership role you will oversee the development and execution of security governance risk management internal control frameworks and compliance programs across a portfolio of client environments As a key advisor to executive stakeholders you will be responsible for delivering secure compliant and resilient information systems by driving the alignment of cybersecurity practices with business goals regulatory mandates and industry standards Key Responsibilities 1 Enterprise IT Risk Assessment Control Framework Oversight Lead the identification evaluation and mitigation of IT and cybersecurity risks across infrastructure applications and data assets Define and manage control frameworks to address key risk areas especially in cloud hybrid and multi-tenant environments Conduct executive-level risk assessments and deliver control strategies to reduce vulnerabilities and ensure operational integrity Oversee business impact analyses risk appetite assessments and the integration of risk controls into broader IT governance 2 Security Operations Incident Oversight Provide strategic direction and oversight to Security Operations Center SOC activities and security monitoring initiatives Lead high-severity incident management efforts ensuring timely escalation communication and root cause analysis Evaluate detection and response capabilities and implement enhancements for real-time threat intelligence and response workflows Define SOC performance metrics and ensure adherence to service-level agreements and best practices 3 Compliance Management Regulatory Alignment Lead enterprise compliance efforts with international and local regulations e g GDPR Law 25 PIPEDA ISO 27001 PCI-DSS Develop and maintain governance models internal controls and audit mechanisms to ensure regulatory readiness Manage client-facing and internal audit engagements ensuring timely resolution of compliance gaps and issues Act as a strategic liaison between technical teams compliance officers and legal counsel 4 Data Privacy Protection Governance Oversee the design and implementation of robust data protection programs including encryption anonymization and access controls Ensure organizational adherence to privacy laws through formal policies data protection impact assessments DPIAs and secure data lifecycle management Collaborate with Data Protection Officers DPOs and client stakeholders to operationalize privacy-by-design principles 5 Crisis Management Business Continuity Leadership Lead enterprise crisis response planning and business continuity initiatives including scenario testing and tabletop exercises Provide senior guidance during major cybersecurity incidents or breaches ensuring minimal business disruption and timely recovery Apply Now How many years of experience do you have in cybersecurity 6 years Less than 6 years How many years of experience do you have in Security Operations 4 years Less than 4 years How many years of experience do you have into Crisis management business continuity planning 5 years Less than 5 years Do you have experience in Data privacy and protection Yes No Do you have experience into IT risk assessments and control frameworks for eg ISO 27001 NIST COBIT Yes No Do you have experience with any of the compliance regulations mentioned - GDPR PIPEDA PCI-DSS ISO 27001 or Law 25 Yes No Are you currently serving a notice period Yes No If you are serving a notice period is your last working day approaching in the next 30 days Yes No If you are not serving a notice period what is your official notice period