Director of Cybersecurity and GRC (Governance, Risk and Compliance)
TransForm Shared Service Organization
Americas, Canada, Ontario, Windsor
Salary: $95,775 Per Year
Rank: Director
Responsibility: Functional Tower Lead
Scope: Regional
Workplace: 100% in office
Functions: IT, Legal
Reports to: CIO
Level: N-2
Travel Max: 10%
Posting Date: 08-24-2025
Description
The Director of Cybersecurity and GRC is a senior leader responsible for developing and executing a comprehensive cybersecurity program across five hospitals. This role leads the organization’s ISO/IEC 27001 certification strategy and maintains a robust Information Security Management System (ISMS) to drive enterprise risk management and data protection.
The Director oversees all GRC functions, including policy development, risk assessments, audit readiness, and compliance with healthcare regulations such as HIPAA and PHIPA. Working closely with IT and clinical leadership, they embed cybersecurity best practices into operational workflows and reduce technical risk across the organization. This is a strategic role focused on governance, secure configuration, and compliance—not day-to-day infrastructure operations.
The Director reports to the CIO and serves as a key advisor to senior leadership on cyber risk, maturity, and investment priorities.
Key Responsibilities
- Lead ISO/IEC 27001/HITRUST implementation and certification efforts across five hospitals.
- Maintain the Information Security Management System (ISMS) and ensure audit readiness.
- Develop and manage the GRC program in alignment with NIST CSF and healthcare regulations (HIPAA, PHIPA).
- Conduct regular risk assessments, track mitigation, and report on compliance.
- Define and enforce secure configurations across Microsoft Intune, O365, SharePoint, and AD using CIS Benchmarks.
- Collaborate with IT to reduce attack surfaces and embed security into system design.
- Advise on cybersecurity in new initiatives (e.g., cloud migration, clinical tech rollouts).
- Lead security awareness and accountability efforts across technical and clinical teams.
- Deliver risk dashboards and metrics to the executive team and board.
- Continuously improve the security program based on threat intelligence and emerging standards.
Qualification & Requirements
MUST-HAVES:
- Bachelor’s degree in Cybersecurity, Information Systems, or related field.
- Minimum 10 years of progressive experience in cybersecurity or GRC, with at least 5 years in a leadership capacity.
- Demonstrated success leading ISO/IEC 27001 certification initiatives.
- Strong understanding of Microsoft enterprise technologies (Intune, O365, SharePoint, AD) and CIS security benchmarks.
- A strong understanding of privacy and security regulations (e.g., HIPAA, PHIPA).
WE VALUE:
- Cybersecurity experience in a healthcare setting is considered a strong asset.
OTHER CONDITIONS:
- Minimal exposure to disagreeable conditions typical of an office position: exposed to stress and pressure associated with multiple priorities and deadlines
- Must be able to travel within the Southwestern Ontario area, when required
- Must be able to work evenings and weekends, when required
- License/Certification: Driving License (required)
Benefits
- Company pension
- Dental care
- Disability insurance
- Employee assistance program
- Extended health care
- Life insurance
- On-site parking
- Paid time off
- Tuition reimbursement
- Vision care
- Wellness program
Company Profile
TransForm Shared Service Organization
Industry: Hospitals and Healthcare
Revenue: $25.01M
Employees: 138
Fortune 500 Rank: NA
Global 500 Rank: NA
