CanDeal

www.candeal.com

1 Job

118 Employees

About the Company

CanDeal is the leading multi-dealer-to-client electronic marketplace for Canadian dollar rates, money market and derivatives products. Our electronic trading platform delivers optimal transparency, efficient trade execution and unique business intelligence data, while reducing risk for both buy- and sell-side participants. End-to-end connectivity allows participants to execute quickly and with certainty. Our Data & Analytics ("CanDeal DNA") solutions deliver valuations for a universe of over 95,000 Canadian fixed income securities at multiple snap times throughout the day to better monitor, understand and manage market exposure. Our success is contingent on providing tailored solutions that promote the competitive position of Canada's debt capital markets on a global stage. CanDeal's ownership structure, comprised of Canada's six major banks and the TMX Group, combined with our industry experience and strategic relationships, help define the direction of the innovative technologies we bring to the market.

Listed Jobs

Company Name: CanDeal
Job Title: Head of Information Security/CISO
Job Description: **Job Title:** Head of Information Security / CISO **Role Summary:** Lead and manage the enterprise information security program, ensuring confidentiality, integrity, and availability of IT assets and electronic information. Drive strategy, governance, risk mitigation, and compliance across cloud, network, and application environments. **Expectations:** - Execute information security strategy aligned with business objectives. - Deliver executive‑level reporting on risk, compliance, and security posture. - Champion continuous improvement of security controls and incident response. **Key Responsibilities:** - Design, implement, and maintain security policies, procedures, and standards (ISO 27001, NIST, COBIT, ITIL). - Oversee risk assessments, vulnerability management, and penetration testing initiatives. - Govern security architecture for on‑premise and cloud infrastructures, IAM, data protection, and endpoint security. - Lead incident response, vulnerability remediation, and disaster recovery planning. - Chair the Information Security Committee, coordinating with cross‑functional stakeholders. - Conduct security awareness training and support regulatory compliance (OSFI, OC, PIPEDA, GDPR). - Evaluate and procure internal and third‑party security products and services. - Report regularly to senior management with non‑technical, cost‑benefit insights. **Required Skills:** - Deep knowledge of security architecture, cloud security, network security, and secure development. - Expertise in risk management, vulnerability & threat assessment, and incident response. - Strong stakeholder and relationship management across all business units. - Project management skills with ability to handle concurrent initiatives. - Excellent communication of technical concepts in business terms. **Required Education & Certifications:** - Bachelor’s or higher in Information Technology, Computer Science, or related field. - Minimum 10 years of progressive information security experience. - Professional certifications: CISSP, CISM, CISA, GIAC, or equivalent (mandatory). ---