This job board retrieves part of its jobs from: Healthcare Jobs | Professional Careers | Toronto Jobs

To post a job, login or create an account |  Post a Job

  Toronto Jobs  

Bringing the best, highest paying job offers near you

previous arrow
next arrow

Manager, Cyber Security Governance and Compliance

Canadian Tire Corporation Ltd

This is a Contract position in Toronto, ON posted December 31, 2020.

Help us boldly shape retail in Canada

Canadian Tire Corporation’s (CTC) rich heritage of serving Canadians from coast-to-coast dates back to 1922. Our vision is to become the #1 retail brand in Canada and we are focused on innovating and making important investments in our business, especially when it comes to our people. To reach our goal, we need the best talent to help us evolve and drive change across the business – and boldly help shape Canada’s retail industry. As we strive to be at the forefront of a complex and vastly changing retail industry, it is an exciting time to join the Canadian Tire family of companies.

As the Manager, Cyber Security Governance and Compliance, you will be responsible for leading a team that supports IT compliance within the organization. You will work with team members across Canadian Tire Corporation (CTC) such as Financial Services, Retail, Petroleum, PartSource, Mark’s and FGL Sports. You will develop and manage activities that assist in the development, implementation and sustainability of a Governance and Compliance framework to foster ongoing compliance across the Enterprise. The Manager is also responsible for the development and sustainment of the Security Awareness program within the organization.

What you’ll do

  • Manage Governance & Compliance services for Cyber Security including Security Policies and Standards, Compliance to IT General Controls, Certification Key Applications (CKA) and Digital Crown Jewels (DCJ) Programs, Compliance to Vulnerability and Hardening standards and Audit related controls.
  • Lead team of direct reports to manage the Governance and Compliance function for Canadian Tire.
  • Lead the remediation of Penetration Testing process for the organization including development of reporting, tracking and remediation activities.
  • Build, Enhance and Deliver Security Awareness Program for the organization including annual awareness, role based training and phishing programs.
  • Provide evidence required to meet various compliance programs including PCI, CEO/CFO Certification, Internal/External Audit and OSFI.
  • Partner with key internal stakeholders to deliver and report on IT security controls.
  • Ensure technology compliance with company-wide information security policies
  • Define and report on information security metrics
  • Support and monitor ongoing compliance activities relative to applicable regulations and standards (e.g. NIST Cyber Security Framework, etc.).
  • Gather required evidence from all functional areas necessary to demonstrate required security controls are in place for CKAs and DCJs.
  • Develop repeatable processes for managing evidence from all applicable functional areas to maintain and demonstrate ongoing compliance with standards and programs.
  • Manage approvals for non-compliances to the standards based on business or technical justifications.
  • Develop and report security compliance metrics for the enterprise including specific processes, business units, and individual assets and applications.
  • Develop/modify Information Security policies, standards, procedures, and guidelines in accordance with the applicable regulations, industry changes, and changing business needs.
  • Develop, document, assess, and measure internal controls related to cyber security program maturity.

What you’ve done

  • University degree or College diploma in technology or business related discipline
  • 7+ years of related business experience
  • Strong IT Security or IT Audit background
  • Experience in and strong knowledge of risk governance and compliance, security, and operations
  • Experience with assessing, designing, or implementing security programs or specific capabilities, including governance, security monitoring, and vulnerability management.
  • Excellent communication skills with the ability to translate technical requirements for non-technical business partners and influence/persuade a different point of view
  • Ability to clearly and confidently communicate written and verbal recommendations; articulating risks and trade-offs
  • Experience partnering with and leading external vendors
  • Excellent relationship management, consulting, and problem solving skills
  • Exceptional time management and self-management skills
  • Ability to travel as required to other office locations such as Toronto, Welland, and Calgary
  • CISSP and/or CISA ISA designation is considered an asset
  • Direct experience with the NIST Cyber Security Framework (CSF)

About Canadian Tire Corporation

Canadian Tire and its family of companies are boldly shaping retail in Canada and we continue to deliver a positive experience for our customers. As one of the most trusted brands in Canada, our employees take pride in the work we do across the country. It’s more than the iconic triangle that keeps our employees around. From benefits and perks, to learning and development opportunities, to our commitment to Jumpstart – these are some of the many reasons why Canadian Tire Corporation is one of Canada’s Best Managed Companies.

To learn more about this team and the Canadian Tire family of companies follow us on LinkedIn.