Vice-President, Security Services

Category: Legal Affairs
Main location: Canada, Quebec, Montreal
Position ID: J0522-1229
Employment Type: Full Time

Position Description:

We are now looking for a VP of Security to support multiple business units across Canada. This is a CGI Corporate Security leadership position that reports to the Global VP of Security within the office of the Chief Security Officer (CSO). In this role you will focus on all aspects of corporate security, from physical, cyber and information security disciplines. The VP of Security operates with the authority delegated from the Strategic Business Unit (SBU) President, to manage the Security Program for the SBU as the primary security point of contact (POC) to support the business in executing CGI security requirements within the region, responsible for the overall security posture of the SBU and supporting and responding to client security related matters.

In this dynamic role, you will lead the implementation and management of the CGI Global Security Program, which encompasses information security/ cyber security, business continuity/ crisis management, physical security, workforce protection and insider risk management.

The VP of Security oversees and leads the implementation of internal corporate policies, procedures, and standards within the Strategic Business Unit (SBU).

Your future duties and responsibilities:

The VP of Security manages the SBU security posture by:
• Assessing and mitigating SBU security risks;
• Ensuring that CGI security policies & standards are applied to internal and shared (multi-client) systems;
• Ensuring critical and high security vulnerabilities are analyzed and appropriate security patches are deployed;
• Approving & managing security exception requests;
• Where applicable, maintaining compliance to ISO 27001 certification and ensuring its alignment to the corporate Enterprise Security Management Framework (ESMF); and
• Implementing the ESMF consistently across delivery and support teams.

Central Point of Contact for Security within the SBU
• Implement security education, training and awareness programs and security communication.
• Lead global and local internal security projects as Regional Lead Security representative.
• Where applicable, support contract reviews and bids/ proposals as lead security Subject Matter Expert (SME).
• Support government security program (control goods and contract security program).
• Provide oversight for security audits within the SBU, ensuring the SBU security program is in alignment with CGI security corporate policies and directives.
• Represent the voice of the SBU to contribute to the evolution of the ESMF.
• Provide guidance and counsel to SBU management and members with regard to the CGI security program (i.e., Information Security/ Cybersecurity, Privacy, Physical Security, BCP, IP Protection, Insider Risk & Member Protection).

Managing Security Incidents and Crisis/Risk Management
• Oversee the management of security incidents (including client incidents as needed); escalation to executives, risk based incident management.
• Develop, implement and test Business Continuity plans, including Crisis and Problem Management plans.
• Report on security metrics and present SBU security status to executive leadership team.
• Conduct periodic risk management activities (ex: Gap Assessments – Physical and Information Security) and execute the agreed mitigation plans.
• Responsible for overall SBU security posture / dashboard: risk level, policy compliance report, incident reports.

Required qualifications to be successful in this role:

• A Bachelor’s degree in Computer Science or a similar discipline preferred, Master’s degree a plus
• Relevant certifications are highly desirable (e.g. CISSP, CISM, CISA, CPP, PSP, CRISC, CIPP, etc.)
• Minimum of ten (10) years of directly related IT experience with at least five (5) years experience in a leadership information security role managing large enterprise security operations ideally within the technology professional services industry.
• Ability to work in a high-stress, often fast paced environment. Within security, and especially during incident response, business hours often do not conform to standard and/or extend beyond the traditional eight-hour “work day”.
• Experience in large scale, enterprise IT governance, operational and IT risk management.
• Experience leading security teams and engaging with clients at all levels to understand needs and present appropriate security solutions.
• Experience communicating information security-related matters in a business context to a broad range of technical and non-technical staff up to and including the C-Suite and Board Level.
• Experience in large scale, enterprise-wide security intrusion monitoring, detection, and incident handling/ remediation activities; knowledge of security incident response, crisis management, and business continuity.
• Regulatory compliance, data classification and management.
• Bilingual (spoken and written)


What you can expect from us:

Insights you can act on

While technology is at the heart of our clients’ digital transformation, we understand that people are at the heart of business success.

When you join CGI, you become a trusted advisor, collaborating with colleagues and clients to bring forward actionable insights that deliver meaningful and sustainable outcomes. We call our employees "members" because they are CGI shareholders and owners and owners who enjoy working and growing together to build a company we are proud of. This has been our Dream since 1976, and it has brought us to where we are today — one of the world’s largest independent providers of IT and business consulting services.

At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.

Ready to become part of our success story? Join CGI — where your ideas and actions make a difference.