At Rogers, we're all for supporting you on a journey to a rewarding career. Whether you're a developer, an analyst, or a customer care consultant, Rogers is the place where ideas become reality. We embrace change, and find ways to do better. And we deliver on that commitment by fostering an environment of passion and innovation for all people.
Rogers is seeking a Director, Commercial Security & Compliance Services, to lead the Enterprise Business Unit (EBU) Cyber Security & Compliance program. Reporting to the VP, Information Cyber Security Unit at the Rogers Park Brampton Campus, this individual will drive the program EBU-wide, including roadmap, alignment and reporting, proactively collaborating with all key stakeholders.
This position leads and supports the activities of Pre/Post sales Enterprise customer, contractual and Product security & compliance services.
This position requires an overall understanding of the various cyber security technologies / compliance models and how they inter-relate. Strong experience with our toolsets and/or customer toolsets is critical when dealing with real-life optimization, and scenarios where expected outcomes are not occurring. Overarching knowledge of the tools / compliance models is key to providing leadership to EBU Leadership and Account Executives.
The team consists of 3 direct reports, and associated contracts / contractors (expected up to 15 FTEs annually).
- Define/maintain Rogers Enterprise Business Unit (Enterprise) security & compliance. Please note: EBU Product is accountable for ensuring products are secure & compliant by design.
- Deliver EBU Security & Compliance services which meet customer expectations and satisfy legal/regulatory requirements.
- Support and assist in the development of EBU Products that are secure & compliant by design.
- Contribute to product security & compliance requirements, non-compliance criteria and reporting.
- Lead the action plan for external cyber security threats or risks that may impact Rogers Enterprise operations or its customers, or that are highly visible in the North American Enterprise space.
- Deliver pre-sales services (re-useable security / compliance language, RFP support, phone support, customer concerns / questions, and on-site customer meetings (as required)).
- Define and keep updated re-useable security & compliance language for pre/post sales customer activities
- Support AEs with customer pre/post sale questions / concerns. Please note: AEs are accountable for the customer relationship and answering questions based on pre-defined security & compliance language.
- Enhance the enterprise customer security & compliance experience through: continuous improvement, automation and simplification for risk & audit reports.
- Deliver and continually update a published Product compliance roadmap (based on EBU Product providing a clear product strategy) with a 1 and 3 year horizon (or one that aligns to the EBU-selected time horizon).
- Select & manage auditors for third party compliance, implementing compliance frameworks while facilitating audit execution (not Internal Audit, specifically third party assurance).
- Track and support EBU remediation of third party assurance deficiencies / audit findings (non-IA).
- Support customer audit requests within the constraints of the agreed contractual obligations.
- Develop new and innovative compliance differentiators with Product.
- Reporting (e.g. EBU Management, Board Audit & Risk Committee, ICSU, Governance Sub-Committee, MBR/QBR, etc.)
- Facilitate internal ICSU / EBU Management team reporting (e.g. Weekly HOFI, Monthly ICSU Unit, ICSU Governance Monthly Meeting, EBU meetings as assigned)
- Provide timely insights into changes in industry compliance / regulations and security events, building a process to communicate them throughout EBU (including for Sales to speak with customers)
- Drive and facilitate aggregated EBU related metrics
- Manage and recruit top talent, and identify/remediate weak talent (performance evaluations)
- Support leadership development priorities and data management and technology department cultural changes
- Undergraduate degree in Computer Science or Engineering, or related field
- Graduate university degree at Master's level (e.g. MBA, MA, MSc) preferred
- 10+ years of broad and deep information security experience in complex technology environments
- Experience managing large teams (e.g. 20+ staff) with a minimum of 5 direct reports.
- Experience with frameworks/standards such as ISO 27002, COBIT, ISF SoGP, PCI DSS, PIPEDA
- Previous experience in the telecommunications and/or media industry is an asset
- CISSP, CISM, CISA or similar certifications and training are assets
- Communicates effectively with meaningful and articulate discussions leveraging effective language, tone, and style.
- Synthesizes information into succinct, concise and logical summaries.
- Creates clear written business documents that demonstrate clarity of thought.
- Able to analyze complex security issues and provide pragmatic options and recommendations.
- Demonstrable understanding of how to network and develop healthy working relationships with various key stakeholders.
- Strong business and technical acumen
- Excellent planning and organizational skills
- Ability to work with cross-functional teams and achieve goals and meet deadlines in a fast-paced environment
- Strong ability to coach and mentor individuals on the team
- Can direct and manage multiple priorities in high pressure situations
Schedule: Full Time
Shift: Day
Length of Contract: Not Applicable (Regular Position)
Work Location: 8200 Dixie Road (101), Brampton, ON
Travel Requirements: Up to 25%
Posting Category/Function: Technology & Information Technology
Requisition ID: 108849