
Director, Information Security

Job in Toronto, Ontario, M5A, Canada
Listing for: Aecon
Full Time position
Listed on 2026-02-16
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 145000 - 160000 CAD Yearly
Job Description & How to Apply Below

What is the Opportunity?

The Director, Information Security is responsible for managing the Governance, Risk & Compliance (GRC) and Information Security Architecture and Operations functions. This role ensures alignment to overall strategy, drives operational excellence, and constantly advances enterprise security maturity. This role reports to the VP, Information Security and influences senior stakeholders across IT, Legal, Privacy, and other business units.

What You’ll Do Here:

Governance, Risk & Compliance

  • Own the enterprise security policy framework and risk management program aligned to NIST CSF and ISO 27001.
  • Oversee audits, regulatory assessments, and third-party risk management.
  • Ensure organizational compliance with CMMC 2.0 (US), CPCSC (Canada) and all other relevant security frameworks/regulations.
  • Oversee multiple external/internal IT audits including SOC 2, SOC 1, ITGC and Swift.

Security Operations

  • Lead 24×7 incident detection and response, threat intelligence, and vulnerability management.
  • Maintain and govern SIEM/SOAR use cases and incident response processes.

Security Architecture

  • Define security reference architectures and patterns (Zero Trust, cloud security).
  • Review high-risk initiatives and approve exceptions with compensating controls.

Budget & Vendor Management

  • Manage a multi-million-dollar budget and work on negotiations for complex contracts (MSA/SLA/SOW).
  • Oversee MSSP relationships and vendor performance metrics.

Leadership

  • Build and coach high-performing teams across GRC, Sec Ops, and Security Architecture.
  • Drive security culture and executive engagement.

What You Bring to the Team:

  • 10+ years in Information Security; 5+ years leading GRC, Sec Ops, and Architecture teams.
  • Proven experience managing large enterprise budgets and vendor contracts.
  • Certifications: CISSP, CISM, CRISC, CCSP preferred.
  • Strong knowledge of NIST CSF, ISO 27001, SOC 2, SOC 1, and Canadian privacy regulations.
  • Working knowledge of CMMC 2.0 would be considered an asset.

Reason for vacancy: New position

The expected salary range for this opportunity is $145,000-$160,000
