Information Security Officer (Full-Time, Temporary Maternity Leave Coverage)

About Us:

Vecima Networks (TSX:VCM) is leading the global evolution to the multi-gigabit, content-rich networks of the future. Our talented people deliver future-ready software, services, and integrated platforms that power broadband and video streaming networks, monitor and manage transportation, and transform experiences in homes, businesses, and everywhere people connect. We help our customers evolve their networks with cloud-based solutions that deliver ground-breaking speed, superior video quality, and exciting new services to their subscribers. Learn more at vecima.com.

Position Summary:

As the Information Security Officer, you will maintain and improve Vecima’s Information Security Management System (ISMS), support ISO/IEC 27001:2022 governance activities, and coordinate information security risk, policy, audit, awareness, incident response, and supplier security processes across the organization. This role serves as a key point of coordination among IT, business stakeholders, Legal, Supply Chain, and other control owners to ensure security requirements are defined, implemented, monitored, and continuously improved.

This is an opportunity to play a central role in supporting and advancing Vecima’s security governance, supplier security, and ISO/IEC 27001:2022 program during a key one-year maternity leave coverage period.

Key Responsibilities:

• ISMS and Governance:
  
  
  
  • Maintain and improve Vecima’s Information Security Management System (ISMS) and support ISO/IEC 27001:2022 governance activities, including risk assessments, risk treatment tracking, control documentation, evidence collection, corrective actions, audit readiness, and follow-up on gaps.
  
  
  • Coordinate periodic management reviews, policy and standards reviews, control updates, and related governance activities to support continuous improvement of the information security program.
  
  
  • Maintain security metrics, dashboards, risk registers, and status reporting for leadership.
  
  
  
  


• Supplier Security and Third-Party Risk:
  
  
  
  • Support and coordinate supplier security reviews, including due diligence, security questionnaires, risk assessments, remediation follow-up, and ongoing monitoring of higher-risk suppliers.
  
  
  • Work with Supply Chain, Legal, internal business owners, and other stakeholders to ensure information security requirements are incorporated into supplier onboarding, contracting, monitoring, and offboarding processes.
  
  
  • Use GRC, ISMS, and TPRM tools, including Optro (formerly AuditBoard), to manage security documentation, assessments, workflows, and evidence as applicable.
  
  
  
  


• Stakeholder Coordination:
  
  
  
  • Partner with internal stakeholders to define security requirements, assign action owners, track remediation, and escalate material security risks or unresolved issues as needed.
  
  
  • Communicate security obligations, risks, and progress clearly to technical and non-technical audiences.
  
  
  
  


• Security Strategy:
  
  
  
  • Contribute to the development, implementation, and continuous improvement of the organization’s information security strategy aligned with business objectives.
  
  
  • Stay current with emerging threats, security trends, and relevant technologies to help maintain an effective and practical security posture.
  
  
  
  


• Security Awareness and Training:
  
  
  
  • Promote a strong culture of security awareness across the organization and support the delivery of effective security education and awareness activities.
  
  
  
  


• Incident Response:
  
  
  
  • Support maintenance of the incident response plan and coordinate investigations, documentation, corrective actions, and follow-up activities related to security incidents.
  
  
  
  

Required Qualifications:

• Post-secondary education in Information Technology, Cybersecurity, Computer Science, or a related discipline, or an equivalent combination of education and experience.


• 5+ years of relevant experience in information security, IT risk, compliance, audit, governance, or a related field.


• Strong practical experience with ISO/IEC 27001:2022 and with operating and maintaining an ISMS.


• Experience developing, maintaining, and improving information security policies, standards, procedures, and governance documentation.


• Experience performing or coordinating security risk assessments, audit support, remediation tracking, and evidence collection.


• Knowledge of cloud and SaaS environments and common security controls.


• Strong written and verbal communication skills, with the ability to work effectively with technical and non-technical stakeholders.

Preferred Qualifications:

• Experience with supplier security and third-party risk management (TPRM) processes is highly desirable.


• Experience using GRC, ISMS, and TPRM platforms or tools is desirable; familiarity with Optro (formerly AuditBoard) is an asset.


• Familiarity with GDPR, PIPEDA, PIPL, and other data protection requirements is an asset.


• Professional certifications such as CISSP, CISM, CISA, CRISC, ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, or similar credentials are strong assets.

At Vecima, everyone contributes and has the opportunity to make an impact. We foster an open, caring, and innovative work environment where creativity and communication thrive. We strive to do our best and recognize achievements that fuel individual and company growth. Together, we create the breakthroughs that lead the industry forward.

Vecima offers a competitive compensation and benefits package, along with a challenging work environment that supports skill development and career growth.

We consider applicants for all positions without regard to race, color, religion, creed, gender, national origin, age, disability, marital or veteran status, or any other legally protected status.

We are driven by the innovation, leadership, and passion of exceptional people. If you are looking for a challenging and rewarding opportunity as an Information Security Officer, we would love to hear from you! 

Apply now!

Vecima Recruitment Process

Vecima takes great care to protect your privacy and personal information throughout the recruitment process.

All legitimate email communications and job offers will come from an @vecima.com email address. If you receive a suspicious message, please contact your Vecima representative directly to verify its legitimacy.

Submit your application

• Follow the application instructions carefully


• Complete all required fields and upload necessary documents

Initial Screening

• If shortlisted, you will receive an email or phone call from a Vecima HR Business Partner for:


• A brief conversation about your background


• Basic questions about availability, salary expectations, and interest in the role

 Interviews

• Phone/Video Interviews: First round with HR or the hiring manager


• Technical/Skills Assessments: If applicable, complete a test or assignment


• In-Person or Final Interviews: Meet with hiring managers or team members; could be a panel

Reference & Background Checks

• Provide professional references upon request


• Be prepared for employment or education verification, and a criminal background check

 Job Offer

• All job offers will come from Vecima’s UKG Applicant Tracking System


• Review the verbal and written offer carefully

Onboarding Preparation

• Complete paperwork and pre-employment requirements


• Get details on your first day, orientation, and whom to contact