Security Certifications Director

Location & Position Type

Ottawa, Canada Ottawa, ON - Hybrid

We have a current vacancy for a Security Certifications Director to join our team in Ottawa, ON. This person will drive product certification strategies and lead a global team of security certification analysts. The role requires a leader with at least 5 years of recent, hands‑on experience navigating the complex ecosystems of external certification standards (such as NIST, PCI SSC, and CCRA).

• Act as the primary Thales representative to external bodies (NIST, PCI, CC).
• Utilize expert‑level knowledge of standards to negotiate favorable interpretation of requirements and influence the trajectory of future security mandates.

• Distill highly technical and often ambiguous certification requirements into actionable business intelligence.
• Advise executive leadership on the impact of regulatory changes on product viability and speed‑to‑market.

• Partner with Engineering and Product Management to design certification strategies that account for the nuances of FIPS 140‑3, Common Criteria (PPs/cPPs), and PCI‑PTS/HSM.

• Lead and mentor a high‑performing team of analysts, fostering a culture of “security by design” and ensuring all product evaluations meet rigorous external benchmarks on the first submission.

• 5+ years of direct, recent experience managing product certifications through external bodies (specifically NIST/CSE for FIPS, NIAP/BSI for Common Criteria, and/or PCI Council).
• Authoritative understanding of the current FIPS 140‑3 transition, Common Criteria v3.1 (and upcoming v4), and PCI‑HSM/PTS requirements.
• Proven track record of successfully negotiating with third‑party labs and government oversight bodies to resolve technical disputes or obtain variances.
• Exceptional ability to translate complex technical standards for non‑technical stakeholders, ensuring the business understands the “why” behind security requirements.
• 5+ years of experience leading cross‑functional teams in a global, fast‑paced hardware/software engineering environment.
• Eligibility to access technical information controlled under the Canadian Export Control List and/or US ITAR/EAR.

• Active participation in working groups (e.g., CCUF, ISO/IEC, NIST CCoE, or PCI Task Forces).
• Background in cryptography or secure systems architecture that allows for “peer‑level” technical debates with certification lab evaluators.
• Demonstrated ability to pivot certification strategies rapidly in response to shifting global regulatory landscapes.
• Proactive, pragmatic, and “can‑do” approach to developing ownership of solutions.

Target Total Compensation (TTC) market range: $180,000 – $230,000 CAD annually (inclusive of base salary and variable compensation target).

• Company‑paid Extended Health, Dental, HSA, Life, AD&D;, Short‑term Disability, Cancer Care Program, travel insurance, Employee Assistance Plan, and Well‑Being program.
• Retirement Savings Plans (RRSP, DCPP, TFSA) with a company contribution and a match to a DCPP, with no vesting period.
• Company‑paid holidays, vacation days, and paid sick leave.
• Voluntary Life, AD&D, Critical Illness, Long‑Term Disability.
• Employee Discounts on home, auto, and gym membership.

Thales is an equal‑chance employer that values diversity and inclusivity. Thales is committed to providing accommodations throughout the interview process. Applicants who require accommodation will be asked to advise upon invitation; all accommodation information is treated as confidential.