Chief Information Security Officer
Listed on 2026-02-16
-
IT/Tech
Cybersecurity, IT Project Manager, Systems Engineer, IT Consultant
At Orion Steel Group LLC, our strength starts with our people! As a team we collaborate to solve problems, contribute ideas and challenge each other to ensure growth and ultimately success for the business and our employees.
Job Description & ResponsibilitiesThe Chief Information Security Officer (CISO) is the executive leader responsible for shaping, directing, and leading the cybersecurity program for Orion Steel Companies while ensuring system availability and reliability. The CISO will provide strategic cybersecurity guidance and oversight into IT infrastructure and application platforms by leading and managing the cybersecurity programs to help protect their infrastructure, data and applications. This leader is responsible for system and network availability and reliability across the enterprise while driving 24x7 operational excellence, across security monitoring, incident response, vulnerability management, and attack surface reduction.
The CISO will have extensive knowledge of Cisco networks, cybersecurity best practices, industry standards, and regulations. The CISO will also have strong communication, leadership, and project management skills, as well as the ability to work collaboratively with internal and external stakeholders. This is a technical leadership role.
Orion Steel is committed to maintaining and promoting a safe, healthy and injury-free environment. It is required for all jobs.
Strategic Leadership & VisionDevelop and execute a multi-year Information Systems Security and Infrastructure strategy aligned with business objectives and cyber security best practices
Ensure the availability of systems and networks meet or exceeds the uptime requirements of business operations
Lead the enterprise cybersecurity function ensuring continuous monitoring, detection and response to cyber threats
Oversee IT Infrastructure and security including systems, networks and enterprise security domains such as endpoint protection, email security, vulnerability management and attack surface management
Conduct regular pentesting for both external and internal environments. Conduct annual tabletop exercises for the cybersecurity incident response process
Maintain strong situational awareness of emerging threats and vulnerabilities relevant to the steel industry
Own the enterprise cybersecurity strategy, including security architecture, threat mitigation, identity and access management, and security incident response.
Lead the Security Systems Engineer in building and maintaining a robust security posture across IT and OT systems.
Ensure compliance with Canadian and U.S. regulations (e.g., PIPEDA, CCPA, NIST, SOX where applicable).
Oversee key security technologies, including SIEM, SOAR, EDR, and threat-intelligence platforms.
Drive automation and orchestration to reduce mean time to detect (MTTD) and mean time to respond (MTTR).
Oversee business continuity planning, disaster recovery, and risk management programs.
Develop and manage the Information Infrastructure and Systems Security budget, including capital planning, operational expenditures, and technology investments.
Establish infrastructure and security governance frameworks, policies, and standards for enterprise IT and OT operations.
Manage and set priorities for the design, maintenance, development and evaluation of all infrastructure and cybersecurity systems
Manage vendor relationships, contracts, and negotiations for hardware, software, services, and telecommunications.
Lead and mentor a multi-disciplinary technology team with managers and engineering specialists across multiple sites.
Ensure clear organizational structure, succession planning, and employee development.
Foster a culture of accountability, collaboration, cyber awareness, safety, and continuous improvement.
Advise senior management on risk levels and information system security posture
Advise senior management on cost/benefit analysis of information security programs, policies, processes, systems and elements
Communicate the value of information technology security throughout all levels of the organization
Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies
Work closely with plant leadership to ensure technology adheres to cybersecurity best practices
Act as the primary liaison between enterprise IT and Operational Technology (OT) groups.
Bachelor’s degree in Information Systems, Computer Science, Engineering, or a related field.
Master’s degree in Business, Engineering, or Information Systems (MBA or MSc) preferred
Executive-level certifications (CISM, CISSP, GIAC) required
10+ years of progressive IT leadership experience, including executive leadership responsibility.
Experience overseeing infrastructure, networking, and cybersecurity functions in a multi-site industrial or manufacturing…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).