Director, Information and Cyber Security Strategy & Operations

Toronto, ON, Canada

CPP Investments

View company page

Company Description

Make an impact at a global and dynamic investment organization

When you invest your career in CPP Investments, you join one of the most respected and fastest growing institutional investors in the world. With current assets under management valued in excess of $500 billion, CPP Investments is a professional investment management organization that globally invests the funds of the Canada Pension Plan (CPP) to help ensure long-term sustainability. The CPP Fund is projected to reach $3 trillion by 2050. CPP Investments invests in all major asset classes, including public equity, private equity, real estate, infrastructure and fixed-income instruments, and is headquartered in Toronto with offices in Hong Kong, London, Luxembourg, Mumbai, New York City, San Francisco, São Paulo and Sydney. 

CPP Investments attracts and selects high-calibre individuals from top-tier institutions around the globe.  Join our team and look forward to:

  • Diverse and inspiring colleagues and approachable leaders
  • Stimulating work in a fast-paced, intellectually challenging environment
  • Accelerated exposure and responsibility
  • Global career development opportunities
  • Being motivated every day by CPP Investments’ important social purpose and unshakable principles
  • A flexible/hybrid work environment combining in office collaboration and remote working
  • A deeply rooted culture of Integrity, Partnership and High Performance

If you share a passion for performance, value a collegial and collaborative culture, and approach everything with the highest integrity, here’s an opportunity for you to invest your career at CPP Investments.

Job Description

Reporting directly to the Managing Director, Head of Information & Corporate Security, the Director, Information and Cyber Security Strategy & Operations,  will work closely with the Information & Corporate Security Leadership (Technology & Cyber Risk, Security Operations, Security Architecture, Corporate Security, and Data Governance) team to oversee cross-functional initiatives, drive alignment of cyber security plans with organizational priorities, coordinate cross-team activities, maintain and update the Cybersecurity strategy, and elevate the Information and Cybersecurity profile across the fund.  You will work as a trusted advisor to the Head of Information & Corporate Security working to mature all aspects of the group.


  • Maintain and update the Information and Cyber Security strategy
  • Collaborate with the Head of Information and Corporate Security, and the leadership team to develop and maintain the Cyber Security Program and associated roadmaps.
  • Utilize proven Information and Cyber Security expertise to develop scalable and sustainable operational metrics, dashboards, and scorecards for Executive Leaders; and coach peer leadership team on the development of actionable KPIs.
  • Establish, implement, and monitor annual and long-term objectives and associated KPIs/OKRs; and create the necessary dashboards, reports, and presentations to provide visibility to all stakeholders, including Executive Leaders and Board members.
  • Create and implement internal best practices for strategy, defining effective processes for driving continuous improvement and improved performance
  • Lead the group’s resource management, financial planning, and budget management in partnership with HR, Finance, and Business Management.
  • Foster cross-department collaboration by defining and driving operational cadences while shaping and executing the group’s strategic roadmap and communication strategy in partnership with other team members.
  • Collaborate with other departments, such as IT, Legal, Compliance and HR to ensure that cybersecurity is integrated into all aspects of the organization’s operations
  • Lead department/functional strategic initiatives that drive business value. Collaborate, plan, and organize to bridge strategies across teams.


If you possess many of the following, we’d like to hear from you:

Knowledge/ Skills/Competencies/Qualities Sought

Education & Professional Certifications:

  • Undergraduate degree required, preferably in Technology / Data Science / business / finance or related discipline; post graduate degree is a plus;
  • Industry recognized certification (e.g., CISA, CRISC, CISM, CISSP) or equivalent certification is desirable.

Professional Experience:

  • Minimum 10 years of experience in information and cybersecurity including strategy design, implementation and monitoring or;
  • Experience providing strategic guidance to clients as part of a large consulting organization a plus
  • Experience developing, communicating, and implementing cybersecurity or technology strategies
  • Deep technical or operational experience in cybersecurity
  • Implementation and use with mastery of goal setting frameworks like OKR, KPI management.
  • Experience with a variety of cybersecurity disciplines and topics including vulnerability management, access management, cloud security, risk management, security operations, frameworks (e.g., NIST CSF), etc.
  • Broad knowledge of IT related technology with specific expertise with security related technologies

Personal Competencies:

  • Extremely effective communicator who is able to apply strong written and oral communications skills across varying levels of the organization with an ability to lean into in-depth discussions with highly technical stakeholders; and present technical concepts to non-technical stakeholders.  High attention to detail.
  • Excellent judgment and the ability to make quick decisions when working in complex situations.
  • Strong business acumen, forward-thinking and able to work through ambiguous requests.
  • Ability to work effectively with a variety of peers and other leaders; able to adapt approach to partner effectively. Use skills, experience, and functional knowledge to earn and maintain credibility with others.
  • Strong judgment and creativity; strong problem-solving and analytical skills; ability to effectively process a large volume of information, and draw meaningful/persuasive conclusions;
  • Proven ability to build and foster professional relationships and influence others effectively at senior management, peer, and staff levels;
  • Self-motivated and able to work independently and as part of a team having a “hands on” approach as well as appreciate diversity of thought and opinions;
  • Demonstrated ability to manage multiple complex engagements simultaneously, and to prioritize work and efforts of team effectively.

Additional Information

Visit our LinkedIn Career Page or Follow us on LinkedIn. #LI-BG1

At CPP Investments, we are committed to diversity and equitable access to employment opportunities based on ability.

We thank all applicants for their interest but will only contact candidates selected to advance in the hiring process. 

Our Commitment to Inclusion and Diversity:

In addition to being dedicated to building a workforce that reflects diverse talent, we are committed to fostering an inclusive and accessible experience. If you require an accommodation for any part of the recruitment process (including alternate formats of materials, accessible meeting rooms, etc.), please let us know and we will work with you to meet your needs.


CPP Investments does not accept resumes from employment placement agencies, head-hunters or recruitment suppliers that are not in a formal contractual arrangement with us. Our recruitment supplier arrangements are restricted to specific hiring needs and do not include this or other web-site job postings. Any resume or other information received from a supplier not approved by CPP Investments to provide resumes to this posting or web-site will be considered unsolicited and will not be considered.  CPP Investments will not pay any referral, placement or other fee for the supply of such unsolicited resumes or information.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰>

Job stats:  9  2  0

Tags: CISA CISM CISSP Cloud Compliance CRISC Finance Governance KPIs Monitoring NIST OKR Risk management Security strategy Strategy Vulnerability management

Perks/benefits: Career development Equity / stock options Flex hours Team events

Region: North America
Country: Canada

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.