Manager of Security, internally referred to as a Business Unit, Security Business Partner (BUSBP), to support business units across Canada. The BUSBP is a leadership position that is a direct report to the Vice President of Security for Canada Operations within the Office of the Chief Security Officer. The role will focus on all aspects of corporate security, from physical, cyber and information security disciplines. The BUSBP is the primary security point of contact to support the business unit in executing CGI security requirements within Canada, responsible for the overall security posture of the business unit and supporting and responding to client security related matters.
Opportunity to work in a converged security environment with exposure to diverse domains.
Membership in a cross-functional security team encompassing physical security, workforce protection, information security and Business Continuity Planning.
Responsible for the safety and well-being of members in the assigned Business Unit.

YOUR FUTURE DUTIES AND RESPONSIBILITIES

The BUSBP manages the BU security posture by:

• Assessing and mitigating BU security risks.
• Ensuring that CGI security policies & standards are applied to internal and shared (multi-client) systems.
• Approving & managing security exception requests.
• Implementing security education, training and awareness programs and security communication.
• Developing, implementing and testing Business Continuity plans, including Crisis Management plans.
• Where applicable, maintain compliance to ISO 27001 certification and ensuring its alignment to Enterprise Security Management Framework (ESMF).

Central Point of Contact for Security within the BU

• For CGI security audits within the BU, ensuring the BU security program is in alignment with CGI security policies and directives.
• Where applicable, the POC for communicating and supporting client proposals
• Representing the voice of the Strategic Business Unit (SBU – Canada) to contribute to the evolution of ESMF;
• Functions as an extended member of the Global Security team to provide guidance and advice to SBU management and members with regard to the CGI security program (scope covers Information Security/Cybersecurity, Privacy, Physical, BCP, IP protection, Insider Threat & member protection)

Managing Security Incidents and Crisis/Risk Management

• Oversee the management of security incidents (including client incidents as needed); escalation to management, risk-based incident management.
• Establishing SBU/BU crisis management capabilities

Reporting on Security Metrics
SBU security posture / dashboard: risk level, policy compliance report, incident reports

REQUIRED QUALIFICATIONS TO BE SUCCESSFUL IN THIS ROLE

• A minimum of eight or more years in an information security role.
• Ability to work independently in a high-stress, often fast paced environment. Within security, and especially during incident response, business hours often do not conform to standard and/or extend beyond the traditional eight-hour “work day”.
• Experience leading the security incident response.
• Experience with client contract (MSA/SOW) reviews based on best practices and company policy
• Expert understanding of risk management principles
• A results-focused approach to work which values service quality, economy and collaboration.
• Demonstrated judgment and the ability to adapt to a dynamic environment.
• Must be a self-motivating, and self-starter capable of operating with little to no supervision to be successful. Candidates that are reliant upon day to day oversight and/or instructions will not be successful in this environment.
• Must be comfortable with executive presentations and general interactions. Must be a proficient public speaker.
• Must be available to perform security functions during non-standard business hours when required.
  

  LI-YH1

LI-KM1