Toronto, ON, Canada Hybrid Employment USD 130,000 – 160,000 / year

Kensington is hiring a Director, Cybersecurity

Responsibilities

  • Own the enterprise security roadmap. Work with legal, IT, and product leads to build out policy, data classification, and lifecycle management frameworks. Translate business risk into prioritized security investment and report on it clearly to senior leadership.
  • Look after the full security stack: Sentinel, Defender for Cloud, Defender for Endpoint, Defender EASM, Purview, Dynatrace, SonarCloud, Barracuda, and Ninjio. Set configuration standards and runbooks. Run Sentinel as the primary SIEM: reviewing alerts, investigating incidents, and making sure everything gets triaged, logged, and resolved or escalated.
  • Lead our security vendor and partner relationships, including our external security consultants: renegotiating, consolidating, and vetting additions as the program evolves.
  • Lead PCI DSS, PIPEDA, and GDPR compliance for the IT domain. Manage the audit cycle with legal and development teams. Administer the vendor security assessment process for all third parties and respond to audit requests from our insurance providers and others.
  • Institute Purview as our data governance platform, covering classification, DLP, information protection, and eDiscovery.
  • Keep incident response plans documented, tested, and current. Oversee vulnerability management and pen testing programs.
  • Partner with the Director IT and L&D to drive cybersecurity awareness and phishing simulation programs.
  • Own the security metrics, spend, risk posture, and program ROI. Report monthly to IT and senior leadership in a format that tracks program maturity over time and supports good decisions on investment and risk.
  • Be the internal authority on cybersecurity. Stay current on threats, tools, and governance trends through professional development and conferences.

Requirements

  • 8+ years in cybersecurity with progressive responsibility; director or senior manager experience preferred.
  • Deep working knowledge of the Microsoft security ecosystem: Sentinel, Defender suite, Purview, and Entra.
  • Demonstrated experience with compliance frameworks and audit processes: PCI DSS, PIPEDA, and GDPR.
  • Proven track record managing a security vendor ecosystem including MSSPs and consulting partners.
  • Hands-on experience with incident response, vulnerability management, and penetration testing programs.
  • Strong program management and business communication skills — able to present risk clearly to non-technical senior leadership.

Nice to Have

  • Relevant certifications preferred: CISSP, CISM, CRISC, or equivalent

Additional Information

  • We are committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act. If you require accommodation due to a disability at any stage of our hiring process, please advise us when completing your application.
About company
Kensington
Kensington delivers the world’s most personal travel experiences. We bring to life each client’s desire to travel in a way that’s tailored specifically for them, in the company of local private guides who ensure that they enjoy the authentic best of their destination. The result is a unique journey rich in memories that last a lifetime! We achieve this because of our extraordinary people, passionate experts with deep knowledge of their destinations. They are what enables us to deliver remarkable experiences in over 120 countries worldwide, and across each of our businesses – Private Touring, Cruises, Villas, Yachts, Expeditions, Ultraluxe Land, Private Jets, and Air.
Job Details
Category security
Posted 9 days ago