Please refer to the How to Apply for a Job (for External Candidates) job aid for instructions on how to apply. If you are an active McGill employee (ie: currently in an active contract or position at McGill University), do not apply through this Career Site. Login to your McGill Workday account and apply to this posting using the Find Jobs report (type Find Jobs in the search bar). Position Summary: The Director of Information Security is responsible for the strategic leadership, development, and implementation of McGill University's information security program. This role oversees the protection of institutional data, ensures compliance with regulatory requirements, and manages risk across the University's digital infrastructure. They provide vision and direction for security architecture, governance, incident response, and awareness initiatives, while fostering a culture of security throughout the institution. Duties and Responsibilities: Develop and lead the University-wide information security strategy aligned with institutional goals and regulatory requirements. Hold quarterly or bi-annual security governance meetings with Deans, unit heads, and research leaders to align local practices with McGill’s security strategy. Define departmental objectives and key performance indicators in collaboration with the CIO and IT leadership. Maintain and update an institutional risk register, with quarterly updates to executive leadership. Establish and enforce information security policies, standards, and procedures. Lead recurring compliance audits (e.g., PCI, research data protection, privacy impact assessments). Oversee the development and execution of information risk management and threat mitigation strategies. Conduct quarterly reviews of technical and administrative controls to ensure alignment with evolving threats and regulatory requirements. Oversee the design and implementation of security architecture across applications, networks, and systems. Review and disseminate threat intelligence updates regularly (e.g., monthly briefings) to IT leads across faculties. Oversee an ongoing vulnerability management cycle, including monthly/quarterly vulnerability scans, penetration tests, and patching reviews. Ensure results are tracked, prioritized, and remediated in collaboration with units. Direct incident response planning and execution, including coordination with internal and external stakeholders. Run bi-annual incident response simulations with faculties/units to test preparedness and response coordination. Partner with IT leadership and other units/departments to ensure secure deployment of technologies and services. Represent McGill in external security forums and maintain relationships with regulatory bodies and peer institutions. Promote cybersecurity literacy across the University community through targeted training programs. Deliver annual or semi-annual awareness campaigns (e.g., phishing simulations, research data protection, cloud usage). Manage the Information Security team, including hiring, performance management, coaching, and professional development. Oversee budget planning and resource allocation for the Information Security unit. Provide expert guidance to senior leadership on emerging threats, compliance issues, and strategic investments in security. Minimum Education & Experience: Education: Undergraduate Degree in Computer Science, Information Technology, Cybersecurity, or a related field. Experience: Minimum of eight (8) years of progressive experience in IT Security, including five (5) years in a leadership role. Other Qualifying Skills and/or Abilities: Proven experience developing and implementing enterprise-wide security programs. Strong leadership and team management skills, with the ability to influence cross-functional teams. Deep understanding of security frameworks and standards (e.g., ISO 27001, NIST, PCI-DSS, Cobit). Expertise in risk management, incident response, and compliance enforcement. Familiarity with cloud security, virtualized environments, and modern infrastructure services. Excellent communication, strategic planning, and stakeholder engagement skills. Certifications such as CISSP, CISM, CISA, or equivalent are highly desirable. Bilingual: English (spoken and written), French (spoken and read). As one of Montreal's Top Employers, here is what we offer: Competitive benefits package (Health, Dental, Life Insurance) (if eligible) Defined contribution pension plan (with employer contribution up to 10%) (if eligible) Group Registered Retirement Savings Plan (RRSP) and Tax Free Savings Account (TFSA) Competitive vacation policy Two (2) personal days Two (2) floating holidays Nine (9) "Summer Fridays" - paid days off between the St-Jean Baptiste holiday and Labour Day Paid time off over the December holiday period Tuition waiver for regular employees and their dependents Up to two (2) days of remote work per week where the position permits Before applying, please note that to work at McGill University, you must be both authorized to work in Canada and willing to work in the province of Quebec at the campus where the position is based / located. Knowledge of English: McGill University is an English-language university where day to day duties may require English communication both verbally and in writing. The level of English required for this position has been assessed at a level # 3 on a scale of 0-4. For a definition of our language proficiency levels, please click here. Minimum Education and Experience: Bachelor's Degree 8 Years Related Experience / Annual Salary: (MPEX Grade 10) $126,670.00 - $158,340.00 - $195,000.00 Job Profile: MPEX-IST4I - IT Security - Director or equivalent Hours per Week: 33.75 (Full time) Supervisor: Director Infrastructure and Information Security Position End Date (If applicable): Deadline to Apply: McGill University hires on the basis of merit and is strongly committed to equity and diversity within its community. We welcome applications from racialized persons/visible minorities, women, Indigenous persons, persons with disabilities, ethnic minorities, and persons of minority sexual orientations and gender identities, as well as from all qualified candidates with the skills and knowledge to productively engage with diverse communities. McGill implements an employment equity program and encourages members of designated groups to self-identify. Persons with disabilities who anticipate needing accommodations for any part of the application process may contact, in confidence, accessibilityrequest.hr@mcgill.ca. Located in one of the world’s great multicultural and multilingual cities, McGill University is internationally recognized for its excellence as a leading institution of higher education and research. For nearly 200 years, through the work of dedicated people, McGill has been breaking ground in diverse fields and contributing solutions to some of the world’s most significant issues. McGillians are proud to be part of a community that is both global and local, inspired by challenge and committed to shaping a better future. McGill received a Platinum STARS rating in sustainability, is among Canada’s greenest employers, and is a top Montreal Employer. Grandescunt Aucta Labore. By work, all things increase and grow. Find a sense of purpose. Develop your future. Join us today.
