Demo
Salary Resume Critique Job Openings

Head Information Security (CISO)/Chef, Sécurité de l'information (RSSI)

Canada Mortgage and Housing Corporation
Lakeville, MN Full Time
POSTED ON 4/17/2025
AVAILABLE BEFORE 5/17/2025

Office Location : Ottawa (ON) preferred, Montreal (QC) and Toronto (ON) will be considered

Apply promptly! A high volume of applicants is expected for the role as detailed below, do not wait to send your CV.

Travel Requirement : Travel not required

Language Skill Levels (Read / Write / Speak) : CBC

Security Requirement : Secret

Salary : Our salaries generally range from $196,189.50 to $235,427.40 and are based on qualifications and experience.

We have retained the services of an Executive Search firm for this recruitment. Your application will be assessed by the firm, and applicants who have successfully passed the firm assessment will be invited for an interview with CMHC.

About CMHC :

The work you do and the work we do together matters. We come to work every day with a common purpose : to contribute to a well-functioning housing system.

At CMHC, we hold ourselves accountable for our results and support our colleagues in their achievements. We thrive on collaboration, connecting across CMHC and involving the right people to get our work done. We have flexibility in how, when, and where we work, within the boundaries of the business needs and the nature of your role. Our leadership style is guided by trust, where our leaders favour an adaptive approach based on the needs of their teams.

Join us and be part of a team that's committed to making a real difference and be part of something meaningful.

What’s in it for you :

We’ve got the purpose, the people, and the perks you need for a fulfilling career. Here’s the comprehensive and generous benefits you get when you’re a permanent employee :

  • Annual paid vacation.
  • Annual individual performance incentive.
  • Comprehensive group insurance plan to support your well-being from day one.
  • Support towards your personal and professional growth with training, mentorship, and more.
  • An inclusive workplace culture and environment.
  • While positions at CMHC require some in-office presence, alternative work arrangements may be considered for Indigenous candidates.

About the role :

Reporting to the SVP Technology and Business Transformation, the Head Information Security (CISO) is a critical role in providing strategic leadership and oversight for CMHC's global security posture. This position oversees the protection of the organization’s information assets, physical and virtual infrastructure, and operations against an evolving threat landscape. The incumbent is responsible for developing and implementing a security strategy, governance framework, and operational plan that align with CMHC's vision, mission, and values and risk appetite. The Head, Information Security (CISO) also manages security risks, ensures compliance with security standards and regulations, communicates, and promotes a security culture, and fosters strategic partnerships with internal and external stakeholders.

What you’ll do :

Strategy and governance :

  • Create, manage, and maintain CMHC’s information security strategy and governance framework (including cybersecurity) to be a unified, flexible, and risk-based approach aligned with CMHC’s overall business objectives.
  • Lead and develop objectives, priorities, operational business plans, policies, and standards to reflect industry security leading best practices and oversee audits and assessments to maintain CMHC’s security governance standards.
  • Facilitate a cybersecurity governance structure governed by a cybersecurity steering committee / advisory board to manage and contain cybersecurity incidents / events to protect corporate IT assets, intellectual property, regulated data, and the company's reputation.
  • Develop and provide regular reporting on the current status of the cybersecurity program to enterprise risk teams, senior business leaders, and the board of directors as part of a strategic enterprise risk management program.
  • Lead strategic security and emergency planning prioritizing defense initiatives and providing oversight to the security and emergency management functions while monitoring the external threat environment for emerging threats.
  • Identify, assess, and mitigate information security risks across the organization and lead the response to security incidents by ensuring minimal business impact and that lessons learned are shared and implemented across teams.
  • Oversee the analysis, design, and deployment of the infrastructure security procedures and practices that enhance the integrity and privacy of the organization’s IT.

    • Security Partnerships and Visibility :

  • Build and maintain strategic relationships with external partners, industry groups, regulatory bodies, law enforcement, and other advisory bodies to enhance CMHC’s visibility and security posture.

    • Security First Culture :

  • Champion a security-first culture across the organization. Promote comprehensive security training programs for employees, partners, and stakeholders. Ensure comprehensive security management training and communications to elevate security awareness.

    • What you should have :

  • An undergraduate degree in management information systems, information security, information technology, or information systems management. An equivalent combination of education and / or experience can be considered.
  • Thirteen (13) years of a combination of experience in information technology or information security roles, with at least 5 years in a senior leadership role.
  • Experience with the framework of the financial regulations and guidelines of the Office of the Superintendent of Financial Institutions (OSFI), and the compliance and integration of these standards into the organization’s security and risk management frameworks.
  • Demonstrated experience identifying cyber vulnerabilities and devising solutions for risk improvement.
  • The knowledge of current trends and best practices in threat risk assessment, vulnerability assessment, redundancy, and disaster recovery practices.
  • The knowledge of common information security management frameworks, such as ISO / IEC 27001, ITIL, COBIT, as well as those from NIST, including 800-53 and Cybersecurity Framework.
  • Sound knowledge of business management and a working knowledge of cybersecurity risk management and cybersecurity technologies.
  • Superior written and oral communication skills (French and English). Ability to deliver a persuasive, clear presentation of ideas that will convince others and gain acceptance of proposals in a variety of settings and styles to a variety of stakeholders (senior management in particular).

    • It would be great if you also had :

  • One of the following certifications : Global Information Assurance Certification (GIAC), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Privacy Professional (CIPP), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or System Administration, Networking and Security (SANS).
  • Experience with contract and vendor negotiations and working with outsourcing partners.

    • Posting closing date : Note, the competition will remain active until filled.

    Our commitment to diversity, equity, and inclusion :

    We’re committed to employment equity and encourage women, Indigenous Peoples, persons with disabilities, veterans, and persons of all races, ethnicities, religions, abilities, sexual orientations, and gender identities and expressions to apply. We also welcome applications from non-Canadians who are eligible to work in Canada.

    CMHC is an inclusive workplace where diversity of thought – and of people – are recognized, valued, and considered essential to achieving our mission.

    We know that applying for a new job can be both exciting and daunting, and we appreciate your effort.

    If you are selected for an interview or testing, please advise us if you require an accommodation.

    If you applied before and you were not successful, don’t worry – we're always posting new positions, so don’t hesitate to give it another shot. We’re excited to see what you bring to the table this time around!

    J-18808-Ljbffr

    Salary : $196,190 - $235,427

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Head Information Security (CISO)/Chef, Sécurité de l'information (RSSI)?

    Sign up to receive alerts about other jobs on the Head Information Security (CISO)/Chef, Sécurité de l'information (RSSI) career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $152,549 - $188,894
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $152,549 - $188,894
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $220,784 - $286,649
    Income Estimation: 
    $328,229 - $449,590
    Income Estimation: 
    $359,696 - $589,779
    Income Estimation: 
    $270,069 - $359,305
    Income Estimation: 
    $328,229 - $449,590
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Not the job you're looking for? Here are some other Head Information Security (CISO)/Chef, Sécurité de l'information (RSSI) jobs in the Lakeville, MN area that may be a better fit.

    Information Security Engineer Mainframe Security

    Wells Fargo, Minneapolis, MN

    Information Security Engineer - Mainframe Security

    Wells Fargo, Minneapolis, MN

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!