Director Information Security

We are seeking an experienced and strategic Director of Data Security and Governance to lead our comprehensive data protection program. This critical role involves establishing and enforcing data security policies to meet stringent regulatory requirements, including the International Traffic in Arms Regulations (ITAR), and fulfilling complex data security obligations within commercial contracts. You will be responsible for building our data governance framework from the ground up, including implementing a robust data classification program and deploying modern security solutions like Data Security Posture Management (DSPM) and Data Rights Management (DRM)., in addition to managing the DLP program., Performs tasks such as, but not limited to, the following:

• Strategy & Policy Development: Design, implement, and oversee the enterprise-wide data security and governance strategy, policies, and standards.
• Compliance & Regulatory Oversight: Serve as the primary expert on data security requirements for ITAR and other government regulations. Ensure all data handling processes and systems are compliant with contractual and legal obligations.
• Data Classification Program: Develop and manage a corporate data classification policy and program. Work with business units to identify, classify, and protect sensitive and regulated data throughout its lifecycle.
• Technology Implementation: Lead the selection, implementation, and operationalization of a Data Security Posture Management (DSPM) solution to provide visibility and control over our data landscape.
• Data Rights Management (DRM): Implement and manage a DRM solution to control access to and usage of sensitive data, ensuring that only authorized individuals can access and interact with protected information according to defined policies.
• Risk Management: Conduct regular data security risk assessments, identify vulnerabilities, and oversee remediation efforts to mitigate risks.
• Incident Response: Develop and lead the data-focused components of the incident response plan, including containment, investigation, and reporting of data breaches.
• Collaboration & Training: Partner closely with Legal, IT, Engineering, and business stakeholders to embed data security principles into their operations. Develop and deliver training programs to raise awareness about data governance and security best practices., * Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.

• Minimum of 10 years of experience in cybersecurity and data governance, with at least 4 years in a leadership role.
• Proven track record of successfully implementing a data classification program across an enterprise.
• Direct experience with the procurement and deployment of DSPM and DRM technologies.
• Skills & Knowledge:
• Deep understanding of data protection principles, including encryption, access control, data loss prevention (DLP), and data discovery.
• Expert knowledge of security frameworks such as NIST Cybersecurity Framework, NIST 800-171, and ISO 27001.
• Excellent project management skills and the ability to lead cross-functional teams.
• Strong communication skills, with the ability to articulate complex security concepts to technical and non-technical audiences.
• Certifications (Preferred):
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Privacy Professional (CIPP)

Typical Education

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field, or equivalent experience.
• A Master's degree is a plus.
• Educational requirements may vary by geography.

Celestica (NYSE, TSX: CLS) enables the world's best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development - from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers.