Senior Manager, Information Security

Location: St. Catharines

Senior Manager, Information Security at Meridian Credit Union  Join to apply for this senior role. The position is currently accepting applications and we encourage early submission.
At Meridian we integrate our purpose into everything we do for people, the planet, and communities. We believe our greatest opportunity is to create opportunity and meet people where they are.
We are seeking a highly experienced Senior Manager to lead our cybersecurity team and drive the execution of our enterprise-wide Cyber Security Strategy. In this pivotal role you will develop and mentor a team of security specialists, oversee cybersecurity risk assessment, vulnerability management and security awareness programs, and lead the Computer Incident Response Team (CSIRT), ensuring rapid mitigation of threats to organizational assets.

You will shape Meridian’s security architecture, standards and key cyber controls, coordinate compliance activities, collaborate on strategic initiatives, evaluate new technologies, and champion continuous improvement in cybersecurity practices to safeguard Meridian’s reputation and assets.

Key Responsibilities   Team Leadership & Development  Mentor and coach a high‑performing team of security professionals, fostering engagement and building competencies.
Conduct performance appraisals and support professional growth.
Allocate security resources to business project teams and manage priorities based on business needs and cybersecurity risks.

Incident Response  Lead and enhance Meridian’s CSIRT, including annual tabletop exercises and executive reporting.
Oversee incident monitoring, escalation, and documentation to ensure rapid response to threats.
Design and govern incident response systems, including intrusion detection, security event management, and data loss prevention.

Risk Assessment & Controls  Lead organizational information security audits and risk assessments, ensuring timely delivery and quality output.
Collaborate with business units to remediate audit findings and implement security requirements for new and existing processes.
Design and implement security controls and standard configurations for information systems.

Threat Intelligence  Provide expertise on emerging threats and the external threat landscape.
Facilitate security monitoring and threat intelligence programs, and communicate risks to executives.
Develop threat intelligence communications standards and produce regular security reporting.

Security Standards & Compliance  Review and improve enterprise security architecture, standards, procedures, and controls.
Coordinate compliance activities and ensure alignment with organizational policy and industry best practices.
Lead the security exception and exemption process, recommending actions where standards cannot be met.

Vulnerability Management  Oversee the identification, assessment, and prioritization of vulnerabilities across Meridian’s technology environment, ensuring timely remediation and risk reduction.
Develop and maintain processes for continuous vulnerability scanning, reporting, and follow‑up with relevant stakeholders to ensure closure of identified issues.
Collaborate with IT and business units to implement best practices and controls that minimize exposure to known and emerging threats.

Security Awareness  Design and deliver comprehensive security awareness training initiatives.
Monitor program effectiveness through metrics, feedback, and periodic assessments, adapting content to address evolving threats.
Champion a culture of security awareness by promoting proactive behaviors, open communication, and ongoing engagement across all levels of the organization.

General & Strategic Initiatives  Provide subject‑matter expertise on corporate and operational projects.
Lead security assessments and audits, interpret results, and communicate recommendations.
Liaise with vendors and partners to ensure compliance with security requirements.
Represent Meridian within the broader financial‑institution cybersecurity community.

Knowledge, Skills, and Abilities   Working knowledge of techniques, technologies and processes for securing large infrastructures, including intrusion…