Sr Director, ISO
- Toronto, ON
- Permanent
- Temps-plein
Job ID: 82101
Location: Toronto, Ontario*Position already coveredOverview:
Toronto Community Housing, a City of Toronto Corporation has outsourced the hiring of this key new team member to its external vendor program. We are working on conjunction with their team and can expand upon the information below; if you feel a solid match, but have some reservations, please apply and allow us to assist in your evaluation of this important role with TCHC.Job TitleSenior Director, Information Security OfficerDivisionInformation Technology ServicesReports ToCFOHiring ManagerMax Salary RangeHiring Range: $185,772.55 – $204,349.81
Salary Range: $185,772.55 – $222,927.06Work Location729 Petrolia Road, Toronto (Hybrid)Job TypePermanent Full TimeShift InformationMonday to Friday, 36.25 hours work weekThe Senior Director, Information Security Officer (ISO) is a strategic executive leadership role responsible for overseeing the entire cybersecurity posture of Toronto Community Housing Corporation (TCHC) and Toronto Seniors Housing Corporation (TSHC), while also liaising with the City of Toronto. The ISO leads the development, execution, and continuous improvement of comprehensive cybersecurity programs that protect digital and information assets and ensure organizational resilience. This position is accountable for ensuring the confidentiality, integrity, and availability of TCHC’s technology infrastructure, and for aligning security strategies with business objectives, regulatory compliance, and emerging threats.The ISO directly advises the Executive Leadership Team and Board of Directors, and leads cross-functional collaboration with municipal, regulatory, and law enforcement partners.What you will be doing:Lead enterprise-wide cybersecurity governance, risk management, operations, and compliance across TCHC and affiliates.Design and implement cyber strategy, policies, standards, procedures, and controls aligned with NIST CSF and other frameworks.Oversee threat monitoring, incident response, vulnerability management, and forensics functions.Manage and mentor a large multidisciplinary cybersecurity team (20+ staff), including four senior managers.Provide expert advisory and reporting to the CFO, executive leadership, and Board Committees.Ensure alignment of cybersecurity posture with operational technology (OT) and information technology (IT).Supervise cybersecurity risk assessments, maturity assessments, and internal/external audits.Direct disaster recovery (DR), business continuity planning (BCP), and emergency response efforts.Ensure legal, privacy, regulatory and audit compliance across cybersecurity programs.Establish and report enterprise-level KPIs and performance metrics.Lead strategic vendor and stakeholder management with City of Toronto, regulatory bodies, vendors, and law enforcement.Oversee a cybersecurity budget of $3.5M–$4.5M and ensure responsible fiscal management.Promote cyber awareness programs and conduct executive-level and board-level training.Act as incident commander during major cyber events or crises, including war room coordination.Reporting StructureReports To: Chief Financial Officer with transition to the VP ITS in due timeDirect Reports: 4 Senior Managers (IS Defense & Operation; GRC/Risk & Security Architecture; Security Program Execution; Security Program Manager)Team Size: Over 20 staff including supervisors and leadsCollaborates With: City of Toronto’s Office of the CISOKey InterfacesInternal: Legal, Compliance, Enterprise Risk, IT, Facilities, Communications, Finance, People & CultureExternal: City of Toronto, Regulatory Bodies, Cybersecurity Vendors, Auditors, Law EnforcementWhat you must have:
ExperienceMinimum 15 years in information security, with at least 10 years in senior leadership roles.Proven experience in leading cybersecurity transformation programs in complex environments.Education:Bachelor’s or Master’s degree in cybersecurity, information systems, or related field.Certifications (at least one preferred):CISSP, CISM, CRISC, CISA, GSLCNice to have:Experience in the public sector or similarly complex organizations.Strong technical knowledge in IT/OT security, cloud security, and incident response.Expertise in security frameworks: NIST CSF, ISO 27001, COBIT, etc.Ability to communicate cyber risks to non-technical executive stakeholders and Boards.Demonstrated ability to lead under crisis, including ransomware and breach scenarios.Other Information:
Working Conditions / Special ConsiderationsRegular hours: 35-hour work week.Requires availability during emergencies, breaches, and war room scenarios.May involve evening, weekend, and extended-hour commitments.Requires handling highly confidential and sensitive data.Subject to police background check, psychological assessment, and additional screening.Equity Statement: TCHC encourages applications from Indigenous peoples, racialized communities, persons with disabilities, women, 2SLGBTQ+ persons, and others from equity-deserving groups.Accommodation: Reasonable accommodations will be provided throughout the hiring process. Contact or 416-981-4119Thank you for your interest in this opportunity. If you are selected to move forward in the process, we will contact you directly. If you do not hear from us, we encourage you to continue visiting our website for other roles that may be a good fit.For more information about TEEMA and to consider other career opportunities, please visit our website at