Toronto, Ontario, Canada On-site Employment

University Health Network is hiring a Chief Information Security Officer

About the Role

The University Health Network (UHN) is hiring a Chief Information Security Officer (CISO). Reporting to the Chief Information Officer (CIO), you will lead and coordinate cybersecurity strategy across the Toronto Regional Local Delivery Group (LDG), representing multiple healthcare organizations across the region. This executive leadership role involves overseeing the implementation of Ontario Health’s Cyber Security Operating Model (CSOM) and ensuring funded initiatives are delivered on time, within scope, and measurably strengthen the region’s security posture.

What You'll Do

Lead the development and execution of a regional cybersecurity strategy aligned with Ontario Health’s Cyber Security Operating Model (CSOM).
Identify emerging cyber risks and establish multi-year roadmaps to strengthen cybersecurity maturity and resilience across all member organizations.
Oversee the delivery of LDG-wide cybersecurity initiatives, ensuring projects are executed on schedule and in alignment with program objectives.
Monitor progress, address barriers to implementation, and provide regular reporting and updates to executive leadership and key stakeholders.
Lead regional cybersecurity awareness and education initiatives to strengthen organizational security culture.
Implement and maintain a regional risk management framework to proactively identify and address cybersecurity risks and vulnerabilities.
Establish and coordinate a region-wide incident response approach, including preparedness planning, testing, and continuous improvement.
Develop and maintain common cybersecurity policies, standards, and practices across member organizations.
Lead regional cybersecurity governance structures, including working groups and executive forums, to support collaboration and coordinated decision-making.
Oversee the regional cybersecurity budget and ensure investments are strategically prioritized to enhance the LDG’s security posture.
Manage procurement and vendor partnerships for cybersecurity solutions and services, ensuring alignment with public sector procurement requirements.

What We're Looking For

Bachelor’s degree in Computer Science, Information Security, Information Systems, or a related discipline.
Minimum of 10 years of progressive experience in information technology and cybersecurity, including demonstrated leadership of enterprise security programs within complex or highly regulated environments.
At least 3 years in a senior leadership role (e.g., CISO, Director of Security, or equivalent).
Experience developing and executing an enterprise or regional cybersecurity strategy, including oversight of multi-year roadmaps and delivery of large-scale security initiatives across complex or multi-stakeholder environments.
Demonstrated experience presenting to and advising executive leadership and governance bodies on cybersecurity risk, investment decisions, and program performance.
Experience translating technical cybersecurity risks into clear business impacts for senior leaders and non-technical stakeholders.
Demonstrated experience building cross-organizational alignment, leading through influence, and driving consensus across diverse internal and external partners.
Working knowledge of recognized cybersecurity frameworks and standards (e.g., NIST, ISO/IEC 27001, COBIT) and relevant privacy and regulatory requirements within healthcare and/or the public sector (e.g., PHIPA, PIPEDA).
Experience applying cybersecurity best practices in areas such as cloud security, identity and access management, threat management, and incident response.
Experience overseeing cybersecurity budgets and managing vendor relationships, including procurement, contract oversight, and performance management within a public sector or healthcare environment.

Nice to Have

A master’s degree (e.g., MBA or Master’s in Cybersecurity or Information Security Management) is considered an asset.
Experience preferably in healthcare or the broader public sector.
Professional cybersecurity certifications (e.g., CISSP, CISM, CISA, CCISO) are preferred.
Healthcare-focused certifications are considered an asset.

Team & Environment

Reports to the Chief Information Officer (CIO). Leads and coordinates cybersecurity strategy across the Toronto Regional Local Delivery Group (LDG), representing multiple healthcare organizations.

Benefits & Compensation

Competitive offer packages.
Government organization and a member of the Healthcare of Ontario Pension Plan (HOOPP).
Close access to Transit and UHN shuttle service.
A flexible work environment.
Opportunities for development and promotions within a large organization.
Additional perks (multiple corporate discounts including: travel, restaurants, parking, phone plans, auto insurance discounts, on-site gyms, etc.).

Work Mode

This is an onsite role located at 620 University Avenue.

UHN is an equal opportunity employer committed to an inclusive recruitment process and workplace. Requests for accommodation can be made at any stage of the recruitment process.

Required Skills

cybersecurity strategyenterprise securityrisk managementexecutive communicationgovernanceleadershipprogram managementsecurity initiativescomplianceinformation security

Got hired remotely?

Get paid like a professional

Remote clients expect company invoices, not personal PayPal requests. Glopay forms an EU partnership that makes you look legitimate while you stay independent.

Professional invoices with EU company details

Compliance handled automatically

Withdraw to any bank account

Income reports for easy tax filing

Create free account

Free signup • 5 min setup

About company