Information Systems Security Officer
Barrie, Ontario, Canada
Napoleon
Experten für Gas- und Infrarot-Grillen Erneuern Sie Ihre Grillausrüstung Mit Napoleon Grills diese Grillsaison Napoleon zeichnet sich durch hochmoderne Grillfunktionen, leistungsstarke Technologien und meisterhaftes Design aus.Napoleon leads the way with innovative engineering, advanced manufacturing techniques, unsurpassed customer service and remarkable product quality. Our award-winning products offer a best-in-class experience for all customers’ home comfort needs. While we are proudly Canadian, Napoleon is also fortunate to operate on a worldwide scale.
The warmth and experience that a Napoleon product brings to the homes of our customers transcends borders, language, and cultures to enhance everyday living across the globe. Throughout North America, Europe, South America and Asia, Napoleon creates memorable moments through our stunning designs and innovative technologies.
Title: Information Systems Security Officer - Hybrid
Reports to: Senior Director, IT
Job Purpose: The Information Systems Security Officer (ISSO) is responsible for overseeing and managing the organization's information security programs, policies, and procedures. This role involves safeguarding the company’s digital assets, ensuring compliance with industry standards and regulations, and proactively identifying and mitigating security risks. The ISSO assesses risk and establishes a secure information processing environment through the management of a security program incorporating policies, strategies, mitigation plans, measurement programs, architecture, and training processes. The ISSO develops and manages the security program, under the guidance of the Senior Director of IT and in support of the Manager IT external IT security service providers. The ISSO collaborates with various departments, including the IT team and external security providers, to ensure security measures align with the company's goals, are integrated into new systems and changes, and guide IT security initiatives, including incident response and vulnerability assessments.
Key Responsibilities and Accountabilities:
• Develop, implement, and manage an IT Security Program to establish and maintain a secure information processing environment.
• Design, implement, and enforce information security policies, procedures, and guidelines to protect company assets, data, and systems, ensuring compliance with relevant laws, regulations, and industry standards (e.g., ISO/IEC 27001, NIST, GDPR).
• Conduct regular risk assessments to identify vulnerabilities and implement risk management frameworks to ensure ongoing security and compliance.
• Work with external auditors and regulatory bodies to maintain certifications, demonstrate compliance, and ensure regular audits and assessments are conducted.
• Develop and maintain an incident response plan for rapid detection, containment, and recovery from security breaches.
• Lead investigations into security incidents, providing reports and recommendations for corrective actions.
• Monitor system performance, logs, and security alerts to detect and prevent unauthorized access, responding promptly to incidents and assisting users.
• Oversee the security of network infrastructure, ensuring firewalls, intrusion detection systems, and other security measures are in place and effective.
• Ensure appropriate standards, processes, and procedures are in place for the design, implementation, administration, and documentation of information security systems and controls.
• Manage access permissions and identities across all relevant environments, including platform, operating system, and application levels.
• Develop and deliver security awareness training programs to promote cybersecurity best practices among all associates.
• Stay up to date on emerging threats and ensure the workforce is informed about potential risks and protective measures.
• Evaluate and manage security vendors, tools, and technologies to ensure they meet the organization’s security needs.
• Maximize value from existing security solutions and drive processes to enhance or acquire additional solutions as necessary, working closely with third-party providers to ensure adherence to security standards.
• Collaborate with IT, HR, Finance, and other departments to integrate security practices across all business aspects.
• Provide leadership and guidance to IT staff, mentoring team members in security best practices and career development.
• Participate in the development, maintenance, and testing of the Disaster Recovery Plan.
• Provide input on security requirements to be included in RFPs, SOWs, and other procurement documents.
Education and Experience:
• Bachelor's degree in Computer Science, Engineering, or related field and/or equivalent combination of education and experience.
• Minimum 5-7 years direct experience in cybersecurity including developing, implementing and managing an IT security program.
• Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP) or similar certification is desirable.
• Experience with security architecture and controls across Microsoft cloud and on prem products and services, including Microsoft 365, Dynamics 365, Azure, and Microsoft networking products and services.
• Knowledge of computer networking concepts and protocols (e.g., TCP/IP, DNS) and network security methodologies.
• Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
• Knowledge of capabilities and applications of network equipment including routers, switches, servers, transmission media, and related hardware.
• Knowledge of remote access technology concepts.
• Knowledge of application firewall concepts and functions (e.g., single point of authentication enforcement, data anonymization, DLP scanning, SSL security).
• Strong analytical and problem-solving skills.
• Exceptional written, oral, and interpersonal communication skills.
• Ability to work in collaborative team environments and to negotiate with multiple stakeholders.
• Experience in developing disaster recovery plans is an asset.
IGNITE YOUR CAREER, Some of our competitive benefits include:
•Competitive Compensation / Wages
•Medical, dental, and vision insurance
•Retirement Savings Plan (RRSP/DPSP)
•Tuition reimbursement
•Life insurance and disability coverage
•Associate Purchase Programs, Product Discounts, In-house Sales
•Appreciation Events, Raffles, Draws, Fundraising, BBQ’s, Competitions
•Napoleon Cares – Associates helping Associates
•Employee Assistance Plan
•Napoleon Recognition Program
•GOevisits, virtual doctor visits
•And more!
The Napoleon Group of Companies is committed to fair and accessible employment practices that attract and retain Associates with disabilities. This includes providing accessibility across all stages of the employment cycle. Accommodation is available upon request.
We thank you for your interest in The Napoleon Group of Companies and for participating in our competition. Only those candidates selected for consideration will be contacted.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Azure CISSP Cloud Compliance Computer Science DNS Finance Firewalls GDPR Incident response Intrusion detection Network security NIST OpenID Risk assessment Risk management SAML SSCP TCP/IP Vulnerabilities
Perks/benefits: Career development Competitive pay Health care Insurance Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.