Skip to content

Director, IT Security & Compliance

Posted: July 20 2023
Share on Facebook
Share on Twitter
Share on LinkedIn
Share via Email
All companies under the Great Gulf umbrella are united by one simple goal: the pursuit of greatness. It’s achieved daily with the passion and dedication of every person who works tirelessly to make us great.  If you have what it takes to make great things happen, apply today to join our team.


Director, IT Security and Compliance


IT Infrastructure


CIO, Great Gulf Group


351 King St E/Remote/ Hybrid


Up to 15% travel required



The Director, Security will help reduce security risks to the Great Gulf Group’s (GGG) systems, applications, assets, members, business processes, networks, etc., by enhancing the security risk framework methodology, scope, processes, supporting tooling and training.  They will engage and align with technology and business partners to drive a comprehensive information security strategy and ensure information assets and technologies are appropriately implemented and protected.  This position is a hands-on role that requires implementation of procedures, hardware as well as working with service providers and external stakeholders.



  • Oversee GGG’s security risk posture and exposure
  • Deploy and maintain security best practices across the Infrastructure and Applications
  • Lead or participate in security risk related initiatives
  • Review, maintain and develop IT and security governance structures, processes, & procedures to prevent security breaches, major incidents and non-compliance with regulatory requirements.
  • Manages ongoing and new third-party assessments of security and compliance.
  • Develop, test, and implement new cybersecurity-managed services and then train other IT staff to operationally support the solution(s)
  • Manage risks and security issues that could impact the confidentiality, integrity, and/or availability of the business (both internally and externally) by assisting in documentation, tracking, and creating solutions for mitigation
  • Identify, measure, control, and minimize security risks to information systems across a broad range of disciplines including application, network, and host security
  • Supervise deployment of strong identity and access management (IDAM) controls across applications and computing environments
  • Implements security incident response plans and serves as the response lead during incidents.
  • Review and update the company’s Cyber Security Training program
  • Update and educate the executive team on current cyber threats, issues, and risks; provide regular status updates on initiatives and operations
  • Other duties as assigned.



The Director, IT Security and Compliance role will require interacting with department heads from across the Great Gulf Group, in order to assess technical requirements for the business and providing technical recommendations where required.



  • Degree in a related discipline would be an asset (e.g., B.Eng. B.Sc., etc.)
  • 10+ years of experience working in information security controls, information technology audit, or security risk management.
  • Deep understanding of security best practices
  • Strong technical knowledge with Cloud Computing Environments
  • Strong technical knowledge of Microsoft Platforms and Technologies including Web Servers, Application Servers and Databases
  • Strong technical knowledge of Linux/Unix Platforms and Technologies, including Web Servers, Application Servers, and Databases
  • Strong technical knowledge of networking equipment, including wireless, switches, firewalls, etc.
  • Ability to develop policies and procedures relating to IT/security governance and educate IT colleagues on governance and controls issues.
  • Exposure with various security tools and methodologies, including network security, vulnerability management, vulnerability & penetration assessments, anti-malware, and endpoint security management.
  • Advanced knowledge of security frameworks and regulations, such as PCI-DSS, PIPEDA, ITIL, NIST and ISO
  • Excellent interpersonal, leadership and relationship-building skills to deal with senior levels of management, service providers and local and remote business partners
  • Certifications such as CISSP, CISM or CRISC, ITIL V3/V4 are highly desirable






This position is a desk job.  The applicant will have the choice of working from the office at 351 King St East, Toronto, or working from home with the occasional day at the office.



This position requires that the applicant be able to use a computer

Great Gulf is committed to providing a fair and equitable work environment and encourages applications from qualified women, men, visible minorities, aboriginal peoples and persons with disabilities. As per the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act (AODA), Great Gulf will accommodate the needs of applicants with disabilities throughout all stages of the selection process. If you need accommodation during the recruitment process, please advise Human Resources.

The Great Gulf Group (“GGG”) is committed to protecting the health and safety of our employees, our tradespeople and suppliers, and our customers and visitors. Employment with GGG is conditional upon you having received all required doses of a COVID-19 vaccine series approved by Health Canada at least 14 days prior to your start date. You must provide a copy of your Ministry of Health COVID-19 Vaccine Dose. If you have a medical reason, or any other reason pursuant to the Ontario Human Rights Code, for not being fully vaccinated now or in the future, you may submit a written request for accommodation with an explanation of the ground and/or any supporting documentation to assist in the determination of exemption from this condition.