×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security IT Consultant

Lead, Cybersecurity Programs

Job in Toronto, Ontario, M5A, Canada
Listing for: Porter Airlines
Full Time position
Listed on 2026-02-16
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Consultant
Job Description & How to Apply Below

Job Summary

Reporting directly to the Director, Cybersecurity, the Lead, Cybersecurity Programs at Porter is tasked with validating and implementing the controls used to secure the company's digital frontier. This role encompasses working within and enforcing a comprehensive cybersecurity strategy, anchored in the rigorous standards set by the NIST Cybersecurity Framework and NIST 800-53 guidelines. A critical component of this strategy is the maintaining of a 24/7 cybersecurity operation to ensure Porter's preparedness against cyber threats with optimized response times.

Additionally, the Program Lead is responsible for validating and remediating robust data security and privacy protocols to safeguard Porter’s sensitive information, incorporating data classification, encryption, and compliance with data protection laws. The Program Lead is expected to review and deliver on projects with the goal of improving upon Porter’s cybersecurity posture. Additional scope of this role includes reporting on the enforcement of cybersecurity standards across IT and business sponsored projects, monitoring a proactive cyber defence infrastructure, monitoring organizational cybersecurity awareness and providing regular cybersecurity reports.

The Lead, Cybersecurity Programs will work with third-party vendors to help bolster Porter's cybersecurity defences, ensuring adaptability and strength in the face of evolving cyber threats. The success of the role will be measured by their ability to assist to achieve targeted maturity levels within the NIST framework, contributing to significantly reduce incident response times, helping to decrease vulnerabilities and breaches, validating participation in cybersecurity awareness within the organization, working with third-party vendors collaboratively, and securing necessary industry or regulatory cybersecurity certifications.

Duties & Responsibilities Cybersecurity Framework Implementation:
Implementation of Porter’s cybersecurity strategy, guided by the NIST Cybersecurity Framework and NIST 800-53 guidelines, to ensure a robust cybersecurity posture. Embed Cyber Principles in Design:
Review the design of business sponsored projects to ensure adherence to controls, standards and policies. Enhance Cybersecurity Posture:
Deliver projects in a timely manner with this goal in mind. Participate in 24/7 Cybersecurity Monitoring:
Participate in a 24/7 cybersecurity monitoring, detection, and response operation, equipped with advanced technologies such as Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), and Endpoint Detection and Response (EDR), aiming to optimize incident response times (Mean Time to Detect - MTTD and Mean Time to Respond - MTTR), ensuring Porter's readiness to rapidly address and neutralize threats.

Data Security and Privacy:
Participate in the implementation of comprehensive data security and privacy measures, ensuring the protection and confidentiality of Porter's sensitive information. This includes implementing data classification, encryption strategies, and access controls, as well as ensuring compliance with relevant data protection regulations. Work with Cybersecurity Standards:
Work within the cybersecurity standards for IT projects to ensure compliance, aligning project objectives with Porter’s cybersecurity strategy and minimizing risks. Defend all assets:
Participate in providing a comprehensive cyber defence function that includes vulnerability management and ethical hacking to proactively secure Porter’s IT and OT systems against potential breaches. Ensure Organizational Cybersecurity Awareness:
Ensire ongoing cybersecurity awareness training participation, help organize regular phishing simulations, and participate in tabletop exercises to bolster organizational resilience against cyber threats. Develop Third-Party Vendor Relationships:
Build collaborations and participate with third-party vendors to supplement and enhance Porter’s cybersecurity capabilities, ensuring alignment with our strategic defence objectives. This includes managing external engagements for penetration testing…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search