WSP

Information Security Manager, Mergers & Acquisitions

WSP$122K — $162K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in IT, Computer Science, Business, Risk Management, or related field (or equivalent experience).
  • 4-8 years in information security, IT risk, or cybersecurity, with 2+ years in M&A security due diligence.
  • Proven leadership in risk assessments and compliance activities.
  • Strong project management skills with capability to manage multiple workstreams independently.
  • Knowledge of ISO 27001, NIST CSF, and CIS Controls.
  • Expertise in security domains including IAM, network security, data protection, and monitoring.
  • Experience with third-party/vendor risk management.

Responsibilities

  • Lead security due diligence for mergers, acquisitions, and divestitures.
  • Perform pre-acquisition security risk assessments.
  • Identify security risks, liabilities, and remediation requirements.
  • Coordinate penetration testing activities and track remediation schedules.
  • Develop and maintain security integration playbooks that align with corporate standards.
  • Define Day 1 security expectations and integration plans.
  • Provide actionable risk reports and executive summaries for decision-making.

Benefits

  • Join a leading company with a strong focus on secure business transformation.
  • Engage in high-impact projects that shape organizational growth.
  • Collaborate with cross-functional teams including Corporate Development and Legal.
  • Opportunity to influence security practices at a strategic level.
  • Develop strong relationships with executive leadership and stakeholders.
Full Job Description
Job Description

The Opportunity

Drive Secure Growth Through Strategic Transformation

Play a pivotal role in shaping secure business growth as an Information Security Manager, Mergers & Acquisitions. In this role, you will lead critical security due diligence, risk evaluation, and integration efforts across acquisitions, divestitures, and joint ventures-ensuring every transaction aligns with WSP's security framework and risk posture.

You'll collaborate with Corporate Development, Legal, IT, and executive stakeholders to assess, advise, and integrate security practices within a fast-paced, deal-driven environment, directly influencing the success and resilience of strategic business initiatives across Canada.
Your Impact
  • Lead information security due diligence activities for mergers, acquisitions, and divestitures.
  • Perform pre-acquisition security risk assessments, including evaluation of policies, controls, technologies, and cyber maturity.
  • Identify key security risks, liabilities, and remediation requirements, including regulatory, contractual, and operational risks.
  • Work with security penetration testing vendors to coordinate, track, and evaluate penetration testing activities, as well as remediation schedules.
  • Coordinate breach assessment activities in line with transaction schedules.
  • Provide clear, actionable risk reports and executive-level summaries to support transaction decision-making.
  • Support deal teams in defining security-related representations, warranties, and contractual requirements.
  • Work with M&A Operations to develop and maintain security integration playbooks and frameworks aligned with WSP standards.
  • Define Day 1 security expectations as well as day 30/60/90 security integration plans where necessary, including identity, network, endpoint, data protection, and monitoring controls.
  • Coordinate the execution of security integration activities across IT, infrastructure, and business teams.
  • Ensure alignment of acquired entities to WSP's security policies, standards, and ISO27001-aligned ISMS.
  • Track and report on integration progress, risks, and remediation activities.
  • Ensure M&A activities are aligned with WSP's Information Security Governance framework and risk management processes.
  • Act as the primary security advisor for M&A initiatives, providing guidance on risk acceptance, mitigation strategies, and prioritization.
  • Maintain documentation and audit trail supporting due diligence decisions and integration activities.
  • Participate in governance forums and provide updates on transaction-related security risks and status.
  • Develop strong working relationships with Corporate Development, Legal, IT, and regional business leadership.
  • Act as the central coordination point for all security-related M&A activities.
  • Communicate complex security risks and integration strategies clearly to both technical and non-technical stakeholders.
  • Support client-facing or third-party interactions where required during transactions.
  • Assess third-party and inherited vendor risks associated with acquired entities.
  • Ensure appropriate risk treatment plans are defined and executed for high/critical risks.
  • Align acquired third-party relationships with WSP's third-party cyber risk management framework.
  • Develop and enhance M&A security assessment methodologies, tools, and templates.
  • Contribute to the evolution of WSP's security standards, policies, and playbooks based on lessons learned.
  • Identify opportunities to streamline and automate assessment and integration processes.
  • Support awareness and training initiatives related to M&A security risks across the organization.
The Skills That Set You Apart
  • Bachelor's degree in Information Technology, Computer Science, Business, Risk Management, or a related field (or equivalent experience).
  • 4-8 years of experience in information security, IT risk, or cybersecurity, including at least 2 years supporting M&A security due diligence or integration.
  • Proven experience leading security risk assessments, control evaluations, and compliance activities.
  • Strong project management skills with the ability to lead multiple concurrent workstreams end-to-end independently.
  • Working knowledge of ISO 27001, NIST CSF, and CIS Controls.
  • Broad expertise across core security domains including IAM, network and endpoint security, data protection, vulnerability management, and monitoring.
  • Experience in third-party/vendor risk management and security assessment methodologies.
  • Strong communication, stakeholder engagement, and analytical skills with the ability to operate in fast-paced environments.
Compensation

AB, BC, NT, NU, SK & YT: $135,200 - $179,100
MB & ON: $123,300 - $169,800
NB, NL, NS, PE & QC: $122,100 - $162,200

Disclosure:
The final salary awarded for this role may vary from the above range based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, seniority, geographic location, performance, and business or organizational needs. The wage range provided in this job posting may be subject to change for business purposes.
Ready to Drive Secure Growth? Make Your Mark.

Join WSP and play a critical role in enabling secure, strategic business transformation. Your expertise will directly shape how we evaluate risk, integrate new organizations, and safeguard our future.

Apply today and help redefine what secure growth looks like.

#LI-Hybrid

About WSP

WSP is a Canadian engineering consulting firm that provides services to transform the built environment and restore the natural environment. The firm's expertise ranges from environmental remediation and urban planning, to engineering iconic buildings and designing sustainable transport networks, to developing the energy sources of the future and enabling new ways of extracting essential resources. It has approximately 54,000 employees, including engineers, technicians, scientists, architects, planners, surveyors, program and construction management professionals, and various environmental experts. WSP has offices in more than 40 countries and territories around the world.
Learn more about WSP
Size
54,000 employees
Industry
Founded
1959

Similar Jobs

More Jobs at WSP

More Information Technology Jobs

Find similar Information Security Manager, Mergers & Acquisitions jobs: