Cybersecurity Lead

About The Position

Requirements

• Post‑secondary education in Information Technology, Computer Science, Cybersecurity, Business or a related field
• Minimum 10 years in cybersecurity, including 4 or more years in a leadership or senior technical role

Nice To Haves

• Experience with cybersecurity frameworks such as NIST CSF, CIS, or ISO 27001
• Cybersecurity certifications such as CISSP, CISM, CEH, or GIAC are an asset
• Excellent communication, coaching, and stakeholder management skills
• Experience working with midstream operators.
• Familiarity with Canadian and US regulations, including CER and TSA and PHMSA
• Strong knowledge of network security, cloud security
• Strong knowledge of incident response
• Experience with SIEM, EDR, firewalls, and identity management tools

Responsibilities

• Coordinate and prioritize work of a small, high performing cybersecurity team
• Engage and drive the work of expert consultants and contractors
• Prepare executive level reporting on threats, risks, and program activity
• Develop program metrics, and track and report on program maturity
• Interface with regulators. Act as the primary contact for regulators and prepare and submit regulatory documents and reports.
• Manage cybersecurity assessments, penetration testing activities, and remediation tracking
• Support and coordinate risk management activities
• Improve and enforce security policies, standards, and procedures
• Oversee and coordinate incident detection, response, and post incident analysis
• Partner with other IT departments and business stakeholders to embed security into projects and operations
• Provide financial, quality, and schedule oversite of contractors and service providers.
• Maintain and improve cybersecurity governance, including specs, standards, and processes