Full-Time Manager of Cybersecurity

Reporting to the Director, Cybersecurity, Privacy and Health Information Management (HIM), the Manager, Cybersecurity, is responsible for overseeing the information security program at Osler to ensure all aspects of the program align with the organizational vision, mission and values.

The Manager provides strategic direction but at the direction of the Director, Cybersecurity, Privacy and HIM. The Manager leads the team through the information security program by establishing highly effective policies, corporate protocols and appropriate collaboration among teams.

In addition, the successful candidate will assume responsibility for the education and enforcement of those protocols and matters of compliance. The Manager is required to provide mentorship to program staff and other stakeholders, both internal and external.

This position will help design and facilitate the adoption of good security practices by Osler staff and is required to provide leadership support and consultations with both internal and external stakeholders.

1. Identifying required resources and support
2. Identifying costs and implementation
3. Identifying any potential conflict with existing systems or uptime
4. Review existing security posture
5. Identify gaps and areas of improvements
6. Consult with Director regarding budget potentially available
7. Documenting risks and benefits of implementing new technology
8. Reviewing and costing solutions through SSW
9. Confirm internal resourcing available to support implementation, which may require the support of other teams
10. Environmental scanning of peer organizations and best practices
11. Reviewing existing policies for gaps and improvements
12. Engaging stakeholders on potential changes and identifying operational impacts
13. Communicating benefits and risks
14. Seeking approval by drafting decks, briefing notes
15. As a SME, provide support for investigations, threats, and documentation that may be required for law enforcement, claims or internal investigations
16. Reviewing existing technologies and learning about available technologies in the market place
17. Making a business case to change, through consulting with stakeholders to understand impact and opportunities for automation and enhanced security
18. Maintain relationship with vendors to understand current application available, cost projections and potential available upgrade
19. Maintain environmental awareness of other tools in the market and how they compare with current state, along with assess difficulty and costing (time/money/value) of adoption/removing

What is the last date for applying to the job?

Which countries are accepted for this remote job?