Cybersecurity & Risk Manager

Closing Date: Friday, March 6, 2026 - 5:00 pm

Leads development and execution of an effective and sustainable Cybersecurity program and related controls.

Develops, implements and monitors a strategic, comprehensive enterprise information security and IT risk management program and information security management framework.

Manages assigned staff, hires, assigns work schedules, plans for future workforce needs and directs the preparation of business planning and annual budgets. Plans, organizes, directs, monitors and evaluates the work of staff and disciplinary action when required.

Facilitates risk assessment and risk management processes.

Creates and maintains effective Cybersecurity policies and plans and ensures consistent application of policies and standards across all technology projects, systems and services.

Leads planning, implementation and management of Information Technology Security architecture and related requirements guided by industry best practices and standards.

Develops, deploys, and maintains Cybersecurity incident response plan and leads cyber incident response.

Acts as the primary Incident Handler on cybersecurity related incidents.

Maintains and improves the Critical Incident Response program including creation of playbooks, maintenance of the plan and providing training to staff and internal stakeholders.

Ensures that effective disaster recovery policies and standards are in place, tested and maintained to improve organizational resilience.

Assists with preparation and management of and operating and capital budgets and leads procurement for Cybersecurity-related purchases.

Establishes and implements a monitoring framework for internal digital operations to ensure compliance to Cybersecurity standards and policy, including leading internal audits of performance/compliance.

Establishes effective reporting processes that support management discussion and leadership decision making about Cybersecurity plans and objectives.

Manages projects and initiatives related to cybersecurity and systems that fall under the responsibility of the Cybersecurity & Risk Section.

Liaises with other relevant internal stakeholders, organizations and external agencies to ensure that the organization maintains a strong security posture and is kept abreast of identified threats identified.

Develops, deploys, and maintains the cybersecurity awareness training program.

Establishes and implements regular external cybersecurity reviews and testing.

Monitors the external ecosystem for emerging risks and mitigating solutions.

Performs other related duties as assigned.

Qualifications

Degree in Computer Science, Computer Engineering or recognized equivalent

Six to eight years of progressive responsible related experience in IT solutions, compliance, regulatory experience, developing information security policies and procedures, as well as successfully executing programs, contract and vendor negotiations and management with a minimum of 5 years in Leadership roles.

Possession of Certified Information Systems Security Professional (CISSP)

Possession of the following Certifications would be considered an asset:

Certified Information Security Manager (CISM)

Certified Information Systems Auditor (CISA Recognized Certifications)

Microsoft Certified Technology Specialist (MCTS)

Knowledge of risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies, and security attack pathologies.

Thorough knowledge of cybersecurity and the relationship between threat, vulnerability and information value in the context of risk management.

Experience in planning and leading projects, preparing business cases, budgets and reports.

Project Management certification would be considered an asset.

Ability to communicate effectively, orally and in writing, including the ability to prepare and present presentations of a specialized nature.

Ability to exercise a high degree of initiative, innovation and ability to work independently.

Ability to lead and motivate teams.

Demonstrated knowledge of common information security and IT management frameworks, ITSG-33, NIST, ITIL, and/or other cybersecurity frameworks.

Demonstrated knowledge of common Cybersecurity management frameworks, regulatory requirements and industry leading practices.

Ability to work with highly confidential and sensitive information/evidence, exercising sound judgement to make decisions in complex and confidential situations, behaving at all times with tact, integrity and diplomacy.

Ability to pass the Saskatoon Police Service security clearance process.

$113,871.36 to $133,798.56 per annum (2026 rates)

Please note, this position works in-office full-time.

Accommodation The Saskatoon Police Service strives to provide an accessible and inclusive workplace for all, including throughout the application and selection process through reasonable access and accommodations.

#J-18808-Ljbffr