Managing Director, Information Security and Enterprise Architecture (CISO)

About The Position

Requirements

• 15+ years of experience leading cybersecurity, enterprise architecture, platform, or technology organizations at enterprise scale.
• Demonstrated success managing enterprise cybersecurity incidents and driving large‑scale architectural transformation.
• Strong executive communication skills and ability to translate technical risk and architectural tradeoffs into business context.
• Bachelor’s Degree in Computer Science, Business Administration, or related field, or equivalent experience.

Nice To Haves

• MBA preferred.
• Relevant credentials such as CISSP, CISM, CISA, CRISC, or enterprise architecture certifications are desirable.

Responsibilities

• Define and own the enterprise cybersecurity and information risk strategy and data governance.
• Set and enforce cybersecurity policies, standards, and risk tolerances aligned to business objectives.
• Establish and lead cybersecurity governance forums, executive risk reviews, and steering committees.
• Provide executive‑ready reporting on cybersecurity posture, emerging risks, and material incidents.
• Hold authority to require risk mitigation actions, and to escalate or halt technology implementations or production changes that exceed the approved cybersecurity risk appetite.
• Lead the Architecture & Platform Engineering function, including Enterprise Architecture, Platform Engineering, DevSecOps, IAM, and Cloud Enablement.
• Establish and mature an Enterprise Architecture Center of Excellence (CoE) to define enterprise‑wide technology standards, reference architectures, and architectural guardrails.
• Ensure enterprise architecture provides clear direction while enabling domain‑owned solution architecture across customer‑facing, foundational, and product technology domains.
• Drive alignment across platforms, cloud services, integration patterns, and shared services to reduce complexity and improve scalability, resilience, and security.
• Partner across technology leaders to ensure architectural consistency and sound engineering and security practices across the technology landscape.
• Define and execute a multi‑year cybersecurity, IAM, data protection, and enterprise architecture roadmap aligned with business priorities.
• Own enterprise Identity and Access Management (IAM) strategy and governance across workforce, customer, and partner populations, including lifecycle controls, authentication standards, and oversight of IAM platforms.
• Own the enterprise data protection and data governance framework, including data classification standards and protection requirements, in partnership with Legal leadership.
• Enable secure and well‑architected adoption of cloud platforms, digital solutions, and third‑party services.
• Build, lead, and retain a high‑performing cybersecurity, architecture, platform, and identity organization.
• Develop leadership depth, succession planning, and ongoing professional development across security and engineering disciplines.
• Own cybersecurity, IAM, architecture, and platform investment strategy, including prioritization and roadmap alignment.
• Manage vendor relationships and guide security, platform, and architecture technology strategy.
• Adopt and operationalize appropriate cybersecurity and architecture frameworks based on organizational needs and regulatory requirements.
• Maintain clear standards for information ownership, classification, accountability, architectural compliance, and protection.
• Define and report measurable cybersecurity posture, architectural health, technical debt, and risk metrics to executive leadership.
• Lead enterprise detection, response, and recovery for cybersecurity incidents.
• Serve as the primary security executive interface with regulators, law enforcement, insurers, and external advisors during incidents.
• Ensure security and architectural controls are embedded into technology delivery, engineering, and operations by design.
• Monitor the threat landscape and drive proactive risk reduction initiatives.
• Ensure resilience, recoverability, and reliability of business‑critical services and platforms.

Benefits

• Medical/Dental/Vision available day one
• Vacation/Sick- accruals start day one
• Paid company holidays and personal holidays to celebrate what’s important to you
• 401K - company contribution and match (U.S.)
• Registered Retirement Savings Plan (RRSP) – company contribution and match (Canada)
• Employee discounts/hotel discounts
• Free financial and health wellness programs
• Tuition Reimbursement