Job Description

Status
Regular Full-Time
Temporary - Approximate length of assignment, in months
Type of Position
an Addition to Staff
Start Date
Immediate
Salary
Annually
Salary Grade
$157,127.00 - $184,809.00
Department
York Region -> Corporate Services -> Digital & Customer Experience
Location
Hybrid work opportunities may apply - CA

Inform. Technology Serv - 17150 Yonge Street - Newmarket, ON L3Y 8V3 CA (Primary)

(E)

ABOUT US

Almost 1.2 million residents call York Region home, making it one of the largest regions in Canada - and the fastest growing with a population that's expected to grow to more than 2 million by 2041. Our geography, which is comprised of about 1,800 square kilometers over nine different municipalities, is as beautiful, interesting and diverse as our people. Local government is organized in a two-tier structure and we work together with our local municipalities to provide residents and businesses access to a broad selection of services and resources.

WHAT WE OFFER

Consistently named one of Canada's Best Employers by Forbes, we offer a collaborative, progressive workplace that takes pride in our organizational culture and is committed to living The 13+ Factors of Psychological Health and Safety in the Workplace - aligned with our vision to create strong, caring and safe communities both within and outside our walls.

Defined Benefit Pension Program

- With the Ontario Municipality Employees Retirement System (OMERS) defined benefit pension plan, you can confidently retire knowing that you will have income for life. Eligibility from date of hire as a full-time employee and includes employer-matched contributions.

Employer of Choice

- Recognized as the highest-ranking government employer in Canada and fourth overall among 300 organizations.

Benefits and Wellness

- Employees and their loved ones have access to a comprehensive employer-paid benefits plan that includes extended health, dental and life insurance, access to a 24/7 Employee and Family Assistance Program and corporate discounts and purchase plans for day-to-day products and services.

Inclusive and Diverse Workforce

- We're committed to fostering an environment that celebrates all dimensions of diversity and ensures everyone can develop to their full potential, participate freely in society and live with respect, dignity and freedom from discrimination. Our robust Inclusion, Diversity, Equity and Accessibility program continues to grow, and has been recognized by the United Nations and many other organizations for our leadership.

ABOUT THE ROLE

Reporting to the Director, Information Technology Services, the Sr. Manager, Cybersecurity is responsible for providing Senior Cyber leadership including, establishing and maintaining York Region's cybersecurity strategy and program to safeguard the integrity, confidentiality, and availability of critical technology infrastructure and information systems, operational technology (OT) and data. This role involves developing and implementing robust cybersecurity governance and policies, conducting comprehensive risk assessments, and ensuring compliance with relevant regulations such as GDPR, PCI and NIST. Working closely with various departments, the Manager will integrate cybersecurity practices into business processes to protect the municipality's digital assets and infrastructure from cyber threats.

WHAT YOU'LL BE DOING

Lead the Development and implementation of a comprehensive information security strategy aligned with business objectives and industry best practices, encompassing policy development, threat intelligence, risk management, incident response, cybersecurity training, and data protection. Lead the establishment of overarching security architecture principles such as zero trust and micro-segmentation in partnership with Enterprise Architecture, guiding technical teams in designing resilient, scalable infrastructures. Direct the development and integration of strategic identity access management policies, including federated identity, multi-factor authentication, and role-based access controls across all systems. Lead the development and implementation of cloud security strategies, ensuring robust access controls and monitoring mechanisms for cloud environments. Monitor and stay current on emerging threats and changes to the cyber threat landscape to provide strategic guidance and advice to senior leadership around maintaining a robust cyber posture to protect the Region Lead the development of, and implement a continuous security assessment framework leveraging independent audits, vulnerability testing, and red-teaming exercises to validate alignment with security objectives that covers the different infrastructure technologies, information systems and operational technologies used at the Region. Continuously evaluate emerging security technologies, trends, and standards, driving innovation and adoption of new security solutions that mitigate potential risks and align with the organization's risk tolerance. Establish Key Performance Indicators (KPIs) and metrics to track the effectiveness of the security program, support the Director in reporting to senior leadership, driving continuous improvement. Lead the design and selection of security platforms, automation capabilities, and operational use cases to enhance the efficiency and effectiveness of security operations. Develop strategies for endpoint detection and response, API and network security, container security, vulnerability management, and Infrastructure as Code security. Implement, maintain, and renew appropriate security vendor support contracts and purchase requisitions to ensure a high level of systems availability.
Collaborate with development teams to integrate security throughout the Software Development Life Cycle (SDLC).

WHAT WE'RE LOOKING FOR

Successful completion of a University Degree in a related field or approved equivalent combination of education and experience. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH) or equivalent. Minimum seven (7) years of experience in cybersecurity or information security roles, including a minimum of three (3) years of direct experience managing cybersecurity teams and projects. Strong understanding of networking and cybersecurity architecture across both on-prem and cloud environments. Solid understanding of modern programming or scripting (e.g., Python) to guide automation strategies. In-depth knowledge of container security, API security, endpoint management security, and Infrastructure as Code. Leadership ability to motivate staff and foster a positive team environment and a culture of security awareness. Supervisory and human resource management skills, including knowledge of collective agreement administration and interpretation, labor relations principles and practices, and relevant employment legislation. Ability to make decisions under high pressure and tight timelines. Demonstrated knowledge of relevant legislation, standards, acts, and regulations. Ability to demonstrate the Region's leadership and corporate core competencies. Council Approval Date
Scheduled Weekly Hours
35
Scheduled Shifts
8:30 - 16:30
Operational Hours
Close Date
October 6, 2025
# of Hires Needed
1
Union
Non Union Staff
.
Please apply online by 5:00PM EST of the closing date indicated above.



All employment opportunities are recorded on a 24-Hour Career Line and may be accessed by calling 1-877-464-9675 ext. 75508. We thank all candidates for their interest; however, only those selected for an interview will be contacted. Please be advised, York Region uses email as the primary means of communication with candidates and does not use AI technology in any part of the recruitment process. Please ensure your email address is up to date, checked frequently (including your spam folder), and accepts messages from unknown users.



York Region is an equal opportunity employer committed to an inclusive, barrier-free recruitment and selection process. We respect, encourage and celebrate our diversity, aiming to build a qualified workforce that reflects the population we serve. Should you require an accommodation under the Human Rights Code during the recruitment and selection process, including accessible formats and communication supports, please email careers@york.ca or call 1-877-464-9675 extension 75506. Accommodations for applicants with disabilities are available upon request during recruitment processes and throughout employment.