Information Security Manager (Contract)

O2E Brands is looking for an Information Security Manager (12 month Contract). This role is responsible for planning implementing and maintaining our cybersecurity strategies and programs influencing the priority of security goals risks and plans across the organization. They have a strong understanding of cybersecurity frameworks assessment processes tools and standards as well as the ability to plan manage and communicate programs that align with the organizations cybersecurity goals.

This role provides day-to-day oversight of security operations and risk management activities while managing a team of contractors to ensure execution of security initiatives aligned with business and compliance requirements.

ð HYBRID WORK ENVIRONMENT

Our motto Its All About People drives us to create a hybrid work model that promotes collaboration celebration and connection while giving you the flexibility to work where it makes sense for you.

• Vancouver-based and Toronto-based team members work in-office every other week (TuesThurs). Core attendance is required from 9 AM 3 PM on these days to support business priorities.

ð¼ A DAY IN THE LIFE

• Lead and oversee the development and execution of enterprise-wide cybersecurity programs that align with the organizations goals and objectives.
• Ensure that all programs are in compliance with cybersecurity frameworks assessment processes tools and standards by maintaining governance over assessment processes control implementations and compliance validation activities.
• Direct and manage multiple security initiatives and cross-functional projects providing leadership to contractors and internal teams to ensure timely and successful completion.
• Communicate program performance risks and mitigation strategies to stakeholders including both technical and leadership teams.
• Establish and maintain program documentation including program plans project plans and roadmaps.
• Mentor and support technical teams and contractors by providing subject matter expertise and fostering professional growth through guidance coaching and accountability.
• Monitor industry trends and best practices to identify opportunities for improvement in our cybersecurity programs.
• Collaborate with other teams within the organization to ensure that cybersecurity considerations are integrated into all aspects of business operations.
• Champion ongoing internal security advocacy and awareness training.
• Assess security systems and test applications and infrastructure for vulnerabilities and seek improvements on a continuous basis.
• Develop Cybersecurity best practices and security standards for the organization.
• Direct the execution of vulnerability assessments and penetration testing across applications systems and infrastructure ensuring findings are prioritized and remediated.
• Lead incident response and threat management coordination efforts ensuring contractors follow escalation protocols post-incident analysis and continuous improvement.
• Evaluate select and manage security tools and vendor relationships ensuring solutions meet evolving organizational needs and contractual expectations.
• Track key metrics and provide regular reporting on security posture risk remediation efforts and contractor performance to leadership and audit stakeholders.

ð WHAT YOU BRING TO THE TABLE

• Bachelors degree or equivalent in Computer Science Cybersecurity or related field.
• At least 7 years of experience in cybersecurity with at least 2 years of experience in management.
• Strong understanding of cybersecurity frameworks assessment processes tools and standards such as NIST ISO and CIS.
• Proven ability to plan manage and communicate security programs and projects with experience delivering measurable outcomes aligned with risk management goals.
• Advanced technical expertise in cybersecurity including knowledge of security technologies practices and principles.
• Excellent communication and interpersonal skills with the ability to build relationships with stakeholders at all levels of the organization.
• Strong leadership and project management skills with the ability to motivate and lead cross-functional teams.
• CISSP CISM or other relevant cybersecurity certifications are highly desirable.
• Vendor risk management and third-party cybersecurity assessments including understanding contract security requirements and SLAs.

ð COMPENSATION & BENEFITS

• Salary $159000 to $185000 (Actual salary offered will be commensurate with education experience and internal equity.)
• A Total Compensation Package designed to support your financial personal and professional well-being. This includes:
• Comprehensive Extended Health & Dental Benefits
• Generous Paid Time Off including annual vacation and personal days
• Hybrid Work Environment offering flexibility to work both remotely and from our corporate offices
• Speak to us to learn more about what we offer

ð THE HIRING PROCESS

• Pre-Screen Lets talk about your experience goals & excitement for this role!
• Interviews Two or more interviews with different team members including structured competency & scenario-based questions
• Presentation/Assessment
• References & Background Check
• We use audio recording transcription for our interview practices ð

ð ABOUT US

Did you know O2E Brands has been voted one of the Best Workplaces in Canada 15 times! Take a sneak peek into why that is here: (YouTube) Check us out on social!

At O2E Brands we know that great talent comes in many forms and we want to meet you at your best. We value diversity and inclusivity. We will provide reasonable accommodations to applicants with disabilities at any time throughout the recruitment and selection process upon request.

âï Ready to take your career to the next level Apply today! ð

#LI-Hybrid

Required Experience:

Manager