Position Description
Job Title: Manager of Information Security
Job Code: NAMIS04192013
Location: St. Catherines, Toronto, Denver, CO
Category: IT
Total Positions: 1
Start Date: Immediate
Job Description: Department: North America and Asia Information Technology

Location: Toronto, St Catharines, ON, CA or Denver, CO, USA

Title: Manager of Information Security

Reports to: Regional Director of North America


As part of North America and Asia Information Technology, the Manager, Information Security:
•Acts as the key security contact for all topics related to call center and business process outsourcing customer security with both internal and external clients
•Develops and maintains a highly responsive, business focused, security processes, primarily aligned with our PCI-DSS compliance
•Aligns regional security strategy with global strategy, assuring that regional specific requirements are considered in the development of the global strategy and vice versa
•Oversees and directs (hands on) local/regional information security initiatives in compliance with the Global Information Technology governance process
•Defines service level agreements (SLA’S) with internal clients for the delivery of security services
•Ensure SLA’s are achieved and client expectations are met (or exceeded).
•Build security relationships with internal and external customers and hold security review meetings; areas covered will include performance reports, improvements, project reports, quality and processes.
•Follow ITIL and ISO security standards, processes and methodologies and ensure those as specified are followed to sure effective monitoring, control and support of service delivery.
•Ensures professional information security project execution, secures appropriate resources from the regional/global resource pool, assuring delivery of high quality results
•Owns the information security budgeting process and contributes to the controlling process


As the enterprise progress through its globalization strategy, capability to work at international level is essential with team members or colleagues distributed on several continents.

Regional development
Information Security must be able to support the business in fast growing regions (in particular Asia) with an Information Security Architecture architecture and organization that can be scaled to the requirements.

Permanent Technology evolution
Keep pace with the fast moving evolution of call center and business process outsourcing environment and maintain adequate level of security knowledge to support development and operational support.

Be able to adapt and comply to increasing internal or external constraints (PCI-DSS, Privacy laws, sector regulations (e.g. US healthcare sector: HIPAA regulations) in-country laws and adjust security processes accordingly


Geographical scope : North America and Asia
•Over 6000 employees distributed across North America and Asia
•Direct management of 1 employee
•Liaising with technology peers as well as Information Technology senior management, major clients and supplier partners.


Manage Information Security (administrative management, setup personal objectives...) and propose relevant required organizational changes. Also propose evolution path and personnel development plans.

b)Maintain Payment Card Industry Compliance
Ensure that the technology and Information Security is in line with defined PCI-DSS standards. Monitor and measure through metrics and operational excellence.

c)Investigate non-Compliance
Provide leadership and direction on the investigation and resolution of information security non-compliance in line with industry standards.

d)Change Management
Oversee the internal change management program within North America and Asia and maintain the process in accordance with PCI-DSS.

e)Process Management
Contribute to the definition and implementation of Global Processes (ITIL, ISO, etc.) in collaboration with Global Governance.

f)Budget Management
Define the information security budget for the region in line with regional directions and guidelines. Validate expenses all along the year in line with the defined budget.


•Bachelor/Master level in Computer Science or other related field or;
•Experience of 3 years or more in managing an information security entity at an international level.
•High level of call center technology industry knowledge
•Good and proactive communication skills towards local/regional business management, external customers and Global IT teams, including sensitivity to people with various educational or cultural backgrounds
•Capacity to translate security needs into clear technology proposals. Customer oriented with a strong will to help and find solutions
•Sound knowledge of major technology systems such as ERP, CTI, VOIP, CRM, and CMS systems.
•Strong understanding of infrastructure services (network, server, Wintern and desktop environments, Citrix, VMWare and Avaya).
•Excellent English (spoken, written)
•Ability to travel internationally
•Leadership skills
•CISSP and/or CISM certification required
•Proven PCI-DSS experience required
•Vendor management of QSAs required
•QualysGuard experience
•Fully autonomous – needs to be sufficiently technical to support the day-to-day running of information security.
People Management: Yes
Salary: To be determined
Employment Type: Full Time
Experience: 2-5 Years Experience
Education: Bachelor's Degree
Travel: -NA-
CONTACT DETAILS: Interested in this position?
If so, please send your CV by email to the following address or just click 'Apply Online' link.
  Name      : Careers
Email      :
Phone     : +1 877 637 2615

Posted on: 19-4-2013

Email to a Friend | Go Back