Cyber Security Project Manager

at  Cleo Consulting

DESCRIPTION

Supply Ontario is a new centralized procurement agency that was formed in 2020 that will enable a whole-of government approach to purchasing goods and services. At Supply Ontario, we believe that modernizing procurement is a key driver of success for Ontario’s public sector. Our mandate is to strengthen supply chain management and procurement across the public sector, ensuring that Ontario ministries, provincial agencies, hospitals, school boards, children’s aid societies and more have access to high-quality, timely, reliable products at the best value.
As we stand up this new agency, we are looking for Fee-for-Service (FFS) resources to help support the delivery and implementation of various security projects that will enable the organization to enhance its cyber security program and successfully execute on its mandate. Project Overview:
In response to the escalating cyber threats in today’s digital landscape, Supply Ontario is embarking on a strategic initiative to establish a robust and comprehensive cyber security program. This endeavour will aim to fortify the organization’s digital defenses, safeguard sensitive data, and ensure continuity of operations in the face of evolving cyber risk.
Our primary goal revolves around the establishment of a mature cyber security program that underpins Supply Ontario’s core business functions. Focusing on continuous improvement, key objectives include coordinating, designing, and implementing initiatives related to bolstering proactive and reactive controls to preserve Confidentiality, Integrity and Availability (CIA). An extensive program will include areas such as Cyber Policy and Procedure, Cyber Risk Assessment & Management, Security Compliance, Security Training & Awareness, Incident Response, and Threat Intelligence.

Through the utilization of cutting-edge technology and industry best practices, we are dedicated to building a comprehensive cyber security program within our agency.Experience required:

• 7+ years of robust experience in project management roles, with an emphasis on IT & Security related program implementations, specifically in the public sector and entities similar to Supply Ontario.
• Hands-on experience in coordinating, designing, and implementing IT & Security related projects, systems, and initiatives.
• In-depth knowledge and experience with industry standards and security frameworks such as NIST 800-53, NIST CSF, ISO/IEC 27001, CIS, Etc.
• Knowledge of cybersecurity concepts, including threats, vulnerabilities, security operations, cloud security, encryption, defense-in-depth, auditing, authentication, and risk management.
• Understanding of procurement processes and regulations, best practices, and the nuances of supply chain management in the public sector.
• Solid grasp of project management methodologies, frameworks, and best practices, with a track record of successfully delivering large-scale security related projects on time and within budget.
• Proven experience in leading change management initiatives during system implementations, ensuring smooth transitions, minimal disruptions, and buy-in from all stakeholders.
• Strong interpersonal capabilities to effectively liaise with stakeholders ranging from technical teams to senior executives within the organization. Adeptness in understanding, managing, and aligning stakeholder expectations.
• Demonstrated experience in crafting comprehensive project documentation such as project charters, stakeholder analyses, risk assessments, business requirements, and post-implementation reviews.
• Agile responsiveness to evolving project dynamics, ability to pivot strategies based on emerging challenges or changes in project requirements.
• Solid experience in fostering and managing relationships with external vendors and ensuring optimal service levels and performance benchmarks are met.
• Exceptional written and oral communication skills, proficient in translating intricate technical details into clear, comprehensible insights for stakeholders irrespective of their technical aptitude.

• Leveraging project management principles, the PM will lead the agency in coordinating and implementing a comprehensive cybersecurity program tailored to the organization’s specific needs, risk profile, and regulatory requirements.
• Support the coordination and delivery in areas such as Cyber Policy and Procedure, Cyber Risk Assessment, Security Compliance, Security Training & Awareness, Incident Response, and Threat Intelligence.
• Manage relationships with business areas, vendors, and the internal IT team for project success.
• Create industry-standard project documentation and oversee project team deliverables.
• Document business requirements comprehensively and create option analysis to evaluate different approaches and solutions.
• Identification and analysis of all key stakeholders, outlining their roles, responsibilities, and influence in the project.
• Create detailed timelines and sequences of activities, phases, and milestones required for the successful rollout of various security projects and initiatives, ensuring all teams and stakeholders are aligned on the project’s trajectory.
• Actively drive all deliverables forward by closely collaborating and coordinating with project team members.
• Facilitate executive steering committee meetings to build consensus and endorsement.
• Oversee business analysis, system design, security, and privacy measures.
• Comprehensive identification of potential risks associated with respective security projects and initiatives, accompanied by strategies and actions to mitigate these risks.
• Develop and execute a comprehensive testing strategies.
• Manage organization-wide communications, change management, and data preparation.
• Supervise and support project deployments into production environments and end-user training.
• Document future processes to ensure alignment with various security initiatives.
• Provide regular updates on engagements with vendors, ensuring contractual obligations are met, performance benchmarks are achieved, and any emerging issues are addressed promptly.
• Establish support models in collaboration with various internal and external entities.
• Manage stakeholder relationships with business areas, vendors, and internal IT teams to ensure successful project delivery.
• Support and lead executive steering committee project meetings to gain consensus, collaboration, and endorsement