Description:
We are seeking a Director, Information Security & Risk Management to lead the Information Risk Management (IRM) program for the Canadian segment. This role is responsible for driving effective risk governance, aligning security with business priorities, and delivering measurable outcomes that support enterprise decision-making.
You will partner closely with global security teams, enterprise risk, and business technology leaders to integrate security into day-to-day operations and support strategic initiatives.
Position Responsibilities
Information Risk Management & Governance
- Lead and evolve the IRM program aligned to enterprise risk appetite and global frameworks
- Oversee identification, assessment, mitigation, and monitoring of information security risks
- Drive continuous improvement initiatives to enhance security maturity
- Manage issue remediation and corrective action plans to ensure timely resolution
- Monitor key risk indicators (KRIs) to support risk-informed decision-making
Metrics, Reporting & Executive Engagement
- Deliver clear, business-focused risk reporting to senior leaders and governance forums
- Translate technical security risks into actionable business insights
- Support risk committees with accurate and timely reporting
- Improve reporting efficiency through automation and data quality enhancements
- Contribute to budgeting, forecasting, and portfolio governance activities
Policies, Standards & Compliance
- Support development, maintenance, and communication of security policies and standards
- Ensure alignment with regulatory and organizational requirements
- Promote consistent adoption of security practices across the organization
Business Partnership & Collaboration
- Act as a trusted advisor to business leaders on security and risk topics
- Align cybersecurity priorities with business objectives and enterprise strategy
- Represent the Canadian segment in global security initiatives and planning
Leadership & Team Development
- Lead and develop a high-performing information security team
- Provide coaching, mentorship, and growth opportunities
- Foster a collaborative, inclusive, and accountable team culture
Required Qualifications
- Experience leading information security and/or information risk management programs
- Knowledge of security risk domains such as security architecture, vulnerability management, application security, and cloud security
- Experience in program or portfolio management with strong organizational and delivery skills
- Strong problem-solving, communication, and stakeholder management abilities
Preferred Qualifications
- Professional certifications such as CISA, CRISC, CISM, CISSP, or equivalent
- Experience working in a matrixed, cross-functional environment
- Ability to manage multiple priorities and drive outcomes across diverse stakeholders
When You Join Our Team
- We’ll empower you to learn and grow the career you want.
- We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
- As part of our global team, we’ll support you in shaping the future you want to see.