Information Security Manager Jobs

Manager, Information Security

Reporting to the Chief Information Officer (CIO), the Manager Information Security establishes and oversees the Region Information Security Management System (ISMS) – risk management, technical protection, user awareness program, compliance, security consultation and business continuity.

The incumbent will:

- Design and oversee the Information Security Office managing a security team responsible for implementing programs as well as day-to-day security operations

- Implement and maintain the Region Information Security Management System (ISMS)

- Lead the overall region information security program, new security solutions, the creation and/or maintenance of policies, processes, guidelines, and procedures

- Provide tactical direction as it pertains to Information technology and acts as the subject matter expert on the region's security governance, strategy, and roadmap

- Administer an ongoing, proactive risk management program for all new and existing risks so effective controls can be put in place for those areas presenting the greatest information security risks

- Oversee the Region's Vulnerability Management and Information Security Incident Management program

- Educate and explain information security matters to other technical and non-technical staff members

The successful applicant will possess:

- A bachelor's degree in computer science, information technology, or a related discipline

- Information Technology Infrastructure Library V4 (ITIL) Foundation Certificate

- Two of the following certifications required: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM) or Certified Chief Information Security Officer (CCISO)

- Extensive progressive experience in an Information Security environment

- Experience supervising and leading staff

- Knowledge and practical experience adopting and enforcing industrial information security standards, International Organization for Standardization (ISO) 27001:2022 & ISO 27002:2022, or National Institute of Standards and Technology (NIST) 830

- Demonstrated experience in leading internal cyber audits and preparing external security reviews

- Ability to effectively prioritize and execute tasks in a high-pressure environment and make sound decisions, sometimes in emergency situations

- Develop strategic plans and translate them to actionable roadmaps

- Strong collaboration skills to build teams across business boundaries

- Proven analytical, problem solving, and negotiation skills

- Strong planning, budgeting, project, and time/project management skills

Salary: $125,846 to $157,308 per annum

Conditions of Employment

Prior to the start date, the successful candidate will be required to provide a satisfactory Criminal Record and Judicial Matters Check dated within two (2) months from date of hire. Proof of education, qualifications and any other job bona fide requirements will also be collected.

External Application Process

Come find a home where exciting and rewarding careers are balanced with your lifestyle. We thank all applicants; however, only those being considered will be contacted. Please apply online https://bit.ly/45y4YZR no later than midnight (Eastern Standard Time) on the closing date indicated on the Job Posting.

The Region of Durham is an equal opportunity employer committed to an inclusive, barrier-free recruitment and selection process. If contacted for an employment opportunity and you require accommodation, or if this information is required in an accessible format, please contact us at: [email protected] and a Recruiter will provide appropriate assistance pursuant to the Region's Accommodation and Accessibility policies. Please note that resumes should not be sent to [email protected].