CrawlJobs Logo
Klohn Crippen Berger Logo Klohn Crippen Berger · IT - Administration

Information Security Officer

Canada, Vancouver 110000.00 - 130000.00 CAD / Year · Job Posted April 11, 2026
Apply Position
Job Link Share

Job Description

Klohn Crippen Berger is seeking an experienced and strategic Information Security Officer (ISO) to oversee and enhance the protection of our digital information systems. Reporting to the Director of IT, this role is responsible for leading and advancing KCB’s enterprise cybersecurity program. This role will be instrumental in defining and implementing our cybersecurity vision and roadmap, ensuring robust governance, compliance, and security operations across our international offices.

Job Responsibility

  • Lead the development and execution of KCB’s cybersecurity strategy and operating model
  • Oversee security governance, including policies, standards, and compliance activities
  • Design and deliver cybersecurity awareness and training programs
  • Identify vulnerabilities through regular risk assessments and audits, and implement mitigation plans across infrastructure, applications, and cloud services
  • Identify, assess, and report on cybersecurity, IT, and regulatory risks to information assets
  • Establish and maintain security policies, standards, and procedures to comply with applicable frameworks such as ISO/IEC 27001, NIST, and GDPR
  • Establish resilience standards aligned with enterprise risk and business continuity objectives
  • Lead second-line assurance functions, including audits and control effectiveness reviews
  • Direct and coordinate incident detection and response procedures, including investigation, escalation, remediation, and post-mortem analysis
  • Develop and manage incident response and recovery plans to ensure business continuity
  • Lead and support investigations, risk analysis, and response to security incidents
  • Partner with IT, Engineering, HR, and Legal to strengthen security awareness and integrate security best practices across departments
  • Collaborate with external partners (e.g., law enforcement, advisory bodies) to maintain a strong security posture
  • Evaluate, implement, and manage security tools (e.g., SIEM, endpoint protection, access controls) to proactively defend against threats
  • Implement and maintain security controls (e.g., firewalls, intrusion detection/prevention, encryption)
  • Assess and monitor the security posture of third-party vendors and service providers

Requirements

  • Bachelor’s or Master’s degree in Computer Science, Information Security, Business Administration, or a related field
  • Minimum 7 years of experience in cybersecurity or information risk management, including 5 years in a leadership role
  • Relevant certifications (e.g., CISSP, CISM, or similar) are considered an asset
  • Strong knowledge of cybersecurity frameworks, risk management practices, and regulatory requirements
  • Strong knowledge of cybersecurity technologies, identity and access management, network security, and cloud security (e.g., Azure, AWS)
  • Deep understanding of secure software development lifecycles, data classification, and regulatory compliance
  • Experience leading teams and managing performance, development, and recruitment
  • Ability to manage multiple priorities in a fast-paced, evolving environment
  • Strong communication skills with the ability to translate complex security topics into business impact terms for technical and non-technical stakeholders
  • Proven ability to handle sensitive, complex, and confidential matters with sound judgment and discretion

Nice to have

  • A passion for staying ahead of evolving cyber threats and technologies
  • A collaborative mindset and comfort working across global teams
  • A detail-oriented approach to processes and documentation
  • Ownership and accountability in delivering secure, scalable solutions

What we offer

  • Hybrid work opportunities
  • Annual performance and salary review
  • Vacation policy that aligns with your experience
  • Flexible benefits, including Registered Savings Plan, social, and mental well-being initiatives
  • Commitment to global Environmental Social Governance standards
Klohn Crippen Berger - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Information Security Officer

8 matching positions

Senior Information Security & OT Officer

Senior Information Security & OT Officer role at METLEN Energy & Metals, focusin...
Location
Location
Greece , Athens
Salary
Salary:
Not provided
https://www.metlengroup.com Logo
Metlen Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information science, Information systems or a related scientific field
  • Master’s degree will be considered an asset
  • +5 years of experience in Information Security or Cybersecurity roles
  • Strong technical background in cybersecurity and OT security
  • Proven experience in managing information security in OT environments is a strong plus
  • Solid understanding of ISO 27001, ISA/IEC 62443, and NIS2 directives
  • Strong knowledge of risk management methodologies and compliance frameworks
  • Excellent collaboration and communication skills for multi-site and cross-border coordination
Job Responsibility
Job Responsibility
  • Respond to audit requirements for all international sites including factories, energy plants, and solar fields
  • Participate in cyber incident response processes related to international and local industrial installations
  • Guide technical leaders and support information security compliance in Greek and international operations
  • Propose cybersecurity architectures and solutions to safeguard operational technology (OT) infrastructure
  • Participate in management committees to inform senior leadership on cyber risks and compliance issues
  • Work closely with international IT business partners on cybersecurity topics across the global footprint
What we offer
What we offer
  • Competitive remuneration package
  • Ticket Restaurant Card
  • Group Health Insurance Plan
  • Preferential household electricity plan
  • Pension Plan
  • Fulltime
Read More
Arrow Right

Information Security Officer

The Information Security Technology Lead Analyst is a senior level professional ...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven relevant experience
  • Advanced proficiency with Microsoft Office tools and software
  • Consistently demonstrates clear and concise written and verbal communication
  • Established influencing and relationship management capabilities that contribute to strategic alignment and execution
  • Proven analytical skills and a strong sense of curiosity, with the ability to uncover the root causes and understand the true nature of complex security and risk issues
  • Familiarity with enterprise technologies including cloud platforms, APIs, identity management, and data protection practices
  • Demonstrated knowledge of secure design principles and security frameworks.
Job Responsibility
Job Responsibility
  • Identify opportunities to automate and standardize information security controls and for the supported groups
  • Support technical and business teams to resolve any vulnerabilities or issues detected in an application or infrastructure
  • Act as a trusted advisor to business and technology teams, providing pragmatic guidance on cybersecurity risks, controls, and requirements
  • Translate technical security concepts into business-relevant language to inform leadership decisions and drive action
  • Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
  • Direct the development and delivery of secure solutions by coordinating with business and technical contacts
  • Participate in information security assessments across applications, infrastructure, and business processes, ensuring that non-compliant items are addressed in coordination with relevant stakeholders
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency
  • Contribute to the growth of less technical colleagues through knowledge-sharing, contextual guidance, and translating complex security concepts into practical understanding.
What we offer
What we offer
  • Competitive base salary (which is annually reviewed)
  • 27 days annual leave (plus bank holidays)
  • A discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources.
  • Fulltime
Read More
Arrow Right

Senior Information Security Officer

In a world of technology, people make the difference. We believe if we invest in...
Location
Location
United States , Reston
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrates strong experience with IC/DoD customer's Assessment and Authorization (A&A) process (e.g., RMF, NIST800-53, ICD503)
  • Experience in developing and implementing DoD/DIA approved information security controls, procedures and documentation for the operation of standalone classified systems
  • A Bachelor’s Degree from an accredited institute in an area applicable to this position and eight (8) years of relevant experience
  • An additional four (4) years of relevant experience may be substituted for the bachelor’s degree
  • Must presently be 8570 compliant (IAT Level 2 preferred)
  • Experience with one or more commercial government cloud service provider’s system accreditation processes
  • Experience with the Xacta
  • Experience as a Cybersecurity Control Assessor
  • Experience with Ongoing Authorizations and Assessments
  • Experience with C2S Cloud, or DevOpsSec
Job Responsibility
Job Responsibility
  • Provide subject matter expertise and consulting on security related matters for enterprise information system and network architectures, access problems, and implementation of security policies and procedures
  • Assist in overseeing and managing day-to-day operation of Information Systems
  • Optimize system operation and resource utilization and performs system capacity planning/analysis while maintaining the security posture
  • Assist team in DIA’s Authorization and Accreditation (A&A) process using RMF across the design lifecycle for classified systems obtaining and maintaining Interim Authority to Operate (ATO), ATO and Authority to Connect (ATC)
  • Create and process RMF authorization packages from submission to approval/disapproval
  • Develop and maintain IT security documents, including system security plans, risk assessments, Plan of Action and Milestones (POA&M), contingency plans, incident response plans, IT security policies and procedures
  • Provide recommendations regarding remediation and mitigation of identified vulnerabilities by developing plan of action and milestones (POA&Ms)
  • Advise developers on integrating security requirements
  • Demonstrate a strong understanding of Networks, Cloud, and IT system security authorization procedures
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Information Security Officer

Elevate Our Security Posture: Join Us as an Information Security Officer. Are yo...
Location
Location
Poland , Łódź
Salary
Salary:
Not provided
arrive.com Logo
Arrive
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 5+ years of experience in an information security role, with at least 2 years in a leadership position
  • Relevant certifications (CRISC, CISSP, CISA, CISM) are preferred
  • Strategic Mindset: Deep understanding of business goals and objectives, with the ability to align cybersecurity risk management with overall business strategy
  • Risk Management Expertise: Proven ability to identify, assess, and prioritize cybersecurity risks
  • Technical Proficiency: In-depth knowledge of cybersecurity principles, security controls, incident response, and industry frameworks
  • Communication & Collaboration: Excellent communication skills, with the ability to translate complex technical concepts for non-technical audiences
  • Leadership: Proven ability to lead and mentor a team of security professionals
  • Thrive in a Fast-Paced Environment: Experience contributing to and managing cybersecurity within a high-growth company
Job Responsibility
Job Responsibility
  • Risk Management: Proactively identify, assess, and mitigate security risks and vulnerabilities
  • Security Awareness: Develop and deliver engaging training programs to educate employees on security best practices
  • Compliance: Ensure adherence to relevant security standards and regulations (ISO 27001, PCI DSS, GDPR)
  • Policy & Procedure Development: Lead the creation and maintenance of clear and concise security policies and procedures
  • Third-Party Risk Management: Assess and manage the security posture of third-party vendors and partners
  • Data Protection: Define requirements and contribute to implementing Data Loss Prevention (DLP) solutions
  • Security Frameworks: Contribute to the adoption and implementation of industry-leading security frameworks (NIST, CIS)
  • Business Partnership: Collaborate closely with business units to understand their security needs and align with the overall security strategy
  • GRC Program: Operate and mature our Governance, Risk, and Compliance (GRC) program
  • Leadership & Collaboration: Lead and mentor a team of security professionals, fostering a culture of collaboration and continuous improvement
Read More
Arrow Right

Senior Information System Security Officer

We are seeking a highly skilled and mission-driven Senior Information Systems Se...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field (or equivalent combination of education and experience)
  • 8+ years of progressive experience in information systems security, with at least 3 years in a senior-level or lead ISSO role supporting federal or state government agencies
  • Strong working knowledge of: NIST 800-53, RMF, FISMA, OWASP Top 10, and SANS Institute standards
  • SAFe Agile environments and integrating security in Agile workflows
  • Networking, Linux/Windows system administration, and secure software development practices
  • Cloud platforms (AWS, Azure, GCP) and related security tools (e.g., AWS Security Hub, Azure Defender)
  • Experience in managing security documentation, participating in audits, and working with compliance frameworks
  • Relevant certifications such as CISSP, CISM, Security+, CEH, or equivalent
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead the implementation and maintenance of system security controls in compliance with federal cybersecurity frameworks, including NIST SP 800-53, RMF, OWASP, DISA STIGs, and Common Criteria
  • Oversee the full lifecycle of Authorization to Operate (ATO) processes, including preparation of System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and risk assessments
  • Serve as a senior security advisor and liaison to system owners, developers, DevOps engineers, and government stakeholders
  • Participate in technical reviews of system architecture and ensure secure design of virtualized and software-defined infrastructures
  • Support integration of security controls into CI/CD pipelines using DevSecOps principles and tools (e.g., Jenkins, GitLab CI, SonarQube, Snyk)
  • Provide security engineering support for modern cloud environments, including AWS, Azure, or Google Cloud Platform, and assess cloud-native security capabilities
  • Conduct vulnerability assessments, interpret scan results from tools like Tenable, Nessus, Splunk, or Qualys, and lead remediation efforts
  • Mentor junior ISSOs and analysts on security policies, best practices, and tool usage
  • Ensure continuous monitoring activities are aligned with organizational risk tolerance and compliance goals
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right

Senior Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...
Location
Location
United States , Washington
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • Minimum of six (6) years of hands-on experience in cybersecurity and expert knowledge of Governance Risk and Compliance
  • At least three (3) years supporting and maintaining system authorizations for complex systems
  • Demonstrated expertise in the Risk Management Framework (RMF), NIST SP 800-53 Rev 5, and related federal cybersecurity policies
  • Extensive experience managing ATO/ATT processes, security control assessments, POA&M lifecycle, vulnerability management, and audit response
  • Strong leadership experience mentoring junior and mid-level ISSOs and interfacing with senior government leadership
  • Must possess at least two of the following active certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Governance, Risk and Compliance (CGRC), Certified in Risk and Information Systems Control (CRISC), Information Systems Security Management Professional (ISSMP), Certified Information Systems Auditor (CISA), Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH), CompTIA Security+, Project Management Professional (PMP)
  • Proficiency in tools such as JCAM, Tenable Nessus, BigFix and Splunk
  • Ability to develop, review, and present high-level security documentation and briefings
  • Strong understanding of cloud platforms (IaaS, PaaS, SaaS), supply chain risk management, and incident response procedures
Job Responsibility
Job Responsibility
  • Support the maintenance of security documentation and support system ATO and ATT efforts
  • Conduct security control assessments and provide recommendations for remediation
  • Perform biweekly audit log and vulnerability scan reviews and track POA&M items
  • Collaborate with system owners and technical teams to manage risk and respond to incident
  • Support Ongoing Authorization (OA) and continuous monitoring activities
  • Prepare and brief senior leadership on system security posture and compliance metric
  • Ensure alignment with cybersecurity policies and NIST SP 800-53, 800-37, and 800-137
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Information Systems Security Officer

AnaVation is seeking a mid-level ISSO for our mission critical customer in Washi...
Location
Location
United States , Washington
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s in Computer Science, or other related analytical, scientific, or technical discipline
  • 4+ years’ experience with NIST, FISMA, and Security Assessment & Authorization
  • Knowledgeable on various security-related NIST publications (e.g., SP 800-53r5, SP 800-53A, SP 800-18r1, etc.)
  • In-depth knowledge of information security principles, methodologies, and best practices
  • Experience in conducting risk assessments and implementing security controls
  • Proficiency in using security tools and technologies, such as firewalls, intrusion detection systems, SIEM, and vulnerability management tools
  • Knowledge of incident response procedures
  • Obtain a CI Poly
  • Can be on-site 5 days a week
  • This position requires a Top-Secret clearance with SCI eligibility and the ability to obtain a CI Poly
Job Responsibility
Job Responsibility
  • Developing, maintaining, and assessing Security Assessment & Authorization (SA&A) packages resulting in an authority to operate (ATO) for IT systems
  • Creating and maintaining SSPs and supporting documentation in accordance with agency guidelines and directives. This includes writing implementation statements, creating supporting documentation (e.g., contingency Plans, Incident Response Plans, Account Management Plans, etc.), and performing self-assessments, while working with system stakeholders
  • Develop, coordinate, test, and train personnel on Incident Response Plans and Contingency Plans
  • Ensuring that information systems are accredited, maintain their ATO, and are being continuously monitored
  • Performing risk assessments for government systems, to include cloud-based systems
  • Performing security control assessments to include collecting supporting artifacts/evidence and interviewing system owner/owner representatives
  • Having an in-depth knowledge of the Risk Management Framework (RMF)
  • Maintaining and tracking system POA&Ms
  • Conducting vulnerability management and analysis
  • Reviewing and analyzing government policy
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Information Systems Security Officer

Hoplite Solutions is seeking Information Systems Security Officers (ISSO) to joi...
Location
Location
United States , Fort Meade
Salary
Salary:
125000.00 - 195000.00 USD / Year
hoplitesolutions.com Logo
Hoplite Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI with Polygraph
  • A Bachelor’s degree in Computer Science, Information Technology Engineering, or a related field may be substituted for 4 years’ experience and 10 years of related work experience in the field of security authorization
  • DoD 8570.1 compliant IAM Level I certification, such as the CompTIA Security+ certification. A higher-level certification, such as GSLC, CAP, CASP, CISM and/or CISSP will also be accepted
  • A working knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37 and familiarity with the ICD503, CNSSI1253, SP800-53, etc.
  • Knowledge of commercial security tools and their uses
  • Experience with hardware/software security implementations
  • Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services
  • Familiarity with security incident management, experience collaborating with Incident Response Teams, and able to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance
  • Experience creating and presenting documentation and management reports
  • Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation
Job Responsibility
Job Responsibility
  • Maintain the appropriate operational security posture for assigned systems, programs, and/or enclaves
  • Provide guidance and technical expertise on all matters that impact or effect the security of the information system
  • Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis
  • Developing, updating, and submitting the System Security Plan and other required documentation that make up the Security Authorization Package
  • Conduct configuration management for security-relevant changes to software, hardware, and firmware
  • Perform and deliver security impact analyses of changes to the system or its environment of operation
  • Assess the effectiveness of system security controls on an ongoing basis to determine system security status
  • Maintain and enforce IT security policies and implementation guidelines for customer systems in diverse operational environments
  • Provides configuration management for security-relevant information system software, hardware, and firmware
What we offer
What we offer
  • 7% employer 401k contribution
  • fully paid healthcare for our employees
  • outstanding training benefits
  • company funded life insurance and short-term disability insurance
  • Fulltime
Read More
Arrow Right