Director, Information Security

Our Company:

We are about building communities, not just networks. We believe that people are at the heart of everything we do. We’re committed to making life better for our customers, our employees, and the communities where we live and work. Founded in the underserved Toronto neighborhood of Liberty Village, we've always understood the importance of connection. That's why we committed ourselves to building a fiber-optic network throughout the community and have continued to expand our network ever since. For 35+ years, we have been proud to build, own, and operate an extensive & robust fiber-optic network throughout Toronto, Montreal, and Vancouver. Now with 450+ employees, we continue to deploy our own construction, fiber splicing, installation, network operations and support teams. Our services are delivered to thousands of commercial and residential service addresses using Beanfield owned facilities.

Job Summary:

This role is a senior leadership position responsible for the overall security strategy, operations, and financial management of the company’s information security program.

Key Responsibilities:

Cybersecurity Operations Monitoring

• Threat Detection and Reporting: Oversee the continuous monitoring of operations to detect and report potential security threats or incidents in real time.
• Threat Intelligence Integration: Stay abreast of emerging cybersecurity threats, trends, and ensure timely communication and integration of threat intelligence into security operations.
• Automated Monitoring Systems: Implement and manage advanced monitoring systems that ensure security anomalies are detected, analyzed, and acted upon swiftly.

Vendor Management & Third-Party Security

• Vendor Security Assessments: Lead the process of evaluating and managing third-party vendors to ensure they comply with the organization's information security policies.
• Contractual Obligations: Ensure that security requirements are included in all vendor contracts and that they meet necessary regulatory and compliance standards.
• Supply Chain Risk Management: Develop and maintain a risk-based process for assessing and mitigating risks from third-party vendors, supply chain partners, and external service providers.

Budget and Financial Management

• Budget: Develop and manage the information security department’s annual budget, making recommendations for funding both operational security needs and strategic initiatives.
• Financial Reporting: Perform regular financial reporting, including variance analysis, to ensure the department stays within its budget, and communicate financial impacts to senior leadership.
• Cost Management: Identify opportunities for cost savings and optimization in security tools and resources without compromising security posture.

Disaster Recovery & Business Continuity

• Disaster Recovery Plan: Develop and maintain a comprehensive disaster recovery and business continuity plan to ensure quick recovery of critical IT systems and minimize business disruptions.
• Business Impact Analysis: Collaborate with the VP of Finance Audit & Risk to perform regular Business Impact Analysis (BIA) and adjust disaster recovery strategies accordingly.
• Testing and Updates: Conduct regular disaster recovery tests to ensure the organization is fully prepared for potential incidents, continuously updating the plan based on lessons learned.

Audits, Compliance & Certifications

• Security Audits: Lead the execution of both internal and external security audits, ensuring that all policies, processes, and systems comply with the latest industry standards and regulations.
• Certification Management: Oversee the pursuit and maintenance of relevant information security certifications to demonstrate security controls are effective.
• Regulatory Compliance: Ensure compliance with all applicable legal, regulatory, and contractual information security requirements, including data privacy laws such as GDPR or CCPA.

Governance, Reporting & Metrics

• Reporting Structure: Establish regular reporting mechanisms to provide insights to the C-suite and Board of Directors on cybersecurity metrics, emerging threats, incidents, and risk mitigation efforts.
• Performance Metrics: Develop a cybersecurity performance framework with key operational metrics, and continuously measure the effectiveness of security initiatives.
• Board-Level Communication: Work closely with the Leadership team to provide quarterly updates on information security status and strategic progress to the Board's Audit Committee.

Qualifications:

• Bachelor’s in IT, Computer Science, Business Administration, or related field.
• Master’s in related field or MBA preferred
• 15+ years of progressive experience in IT operations, information security, and systems.
• CISSP certification.
• Strong communication, leadership, and business management skills.
• Expertise in security policies, risk management, and cybersecurity frameworks.
• Proven project management, budget management, and strategic execution skills.
• Expertise in network planning, operations, governance, risk, and compliance.
• Experience managing IT professionals and third-party vendors.
• 10+ years of experience in managing IT functions
• ITIL-based governance, data center operations, and organizational change management experience.
• Experience with network infrastructure strategy and next-gen networking technologies.

What's in it for you?

• Competitive base salary plus bonus based on individual and company performance.
• Permanent, full-time position.
• A comprehensive group insurance plan - medical, dental, vision care with health and lifestyle spending accounts.
• A fantastic parental leave top-up program.
• Multiple wellness and mental health programs and resources to help you thrive.
• Support for professional and career development.
• Multiple employee resource groups to get involved with!

Diversity, Inclusion, & Equity and Accessibility

Beanfield is an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, etc. Beanfield is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, contact hr@beanfield.com.

Please note that final candidates for this position will be required to undergo a confidential pre-employment check. Candidates must be legally able to work in Canada at this time. Beanfield regrets to inform that we are unable to sponsor employment Visas.