Project Manager 0207-1909

HM Note : This hybrid role is three (3) days in office

Description :

This key role will drive the development and implementation of three core areas : Cyber / Privacy Services, Identity & Access Management (IAM), and Information and Records Management (IRM).

The successful candidate will spearhead projects that enhance our security posture, streamline access management, and transform our information handling practices across all departments.

The ideal candidate will have a proven track record in managing complex, multi-faceted IT security and information management projects.

They will possess deep knowledge of cybersecurity best practices, extensive experience in implementing IAM solutions, and a strong understanding of modern IRM systems and methodologies.

This role requires a balance of technical expertise, strategic thinking, and exceptional project management skills to align these initiatives with Supply Ontario's corporate priorities and regulatory requirements.

Responsibilities

• Strategic Planning and Execution :
• Develop and implement comprehensive strategies for Cyber / Privacy Services, IAM, and IRM initiatives.
• Lead the end-to-end delivery of projects within each area, ensuring alignment with organizational goals and industry best practices.
• Establish roadmaps for maturing the organization's capabilities in each domain.
• Cyber / Privacy Services Enhancement :
• Oversee projects to strengthen Supply Ontario's cybersecurity infrastructure and practices.
• Lead initiatives to enhance privacy protection measures across all systems and processes.
• Implement advanced threat detection and response capabilities.
• Identity & Access Management Implementation :
• Establish and execute a robust IAM strategy for Supply Ontario.
• Lead the selection, implementation, and integration of IAM solutions.
• Develop policies and processes for efficient identity lifecycle management and access governance.
• Information and Records Management Transformation :
• Guide the implementation of a comprehensive IRM system to centralize and organize information assets.
• Oversee projects to enhance information security, improve recordkeeping practices, and streamline information access.
• Implement solutions leveraging technologies such as SharePoint and Microsoft 365 E5 Compliance suite.
• Stakeholder Management and Communication :
• Collaborate with key stakeholders across the organization to ensure project alignment and buy-in.
• Develop and execute change management strategies to facilitate adoption of new systems and processes.
• Lead communication initiatives to raise awareness about security, IAM, and IRM best practices.
• Risk Management and Compliance :
• Ensure all projects adhere to relevant regulatory requirements and industry standards.
• Develop and maintain risk management strategies specific to each domain.
• Oversee the implementation of controls to mitigate identified risks.
• Performance Monitoring and Continuous Improvement :
• Establish metrics and KPIs to measure the success of initiatives across all three domains.
• Continuously assess and optimize implemented solutions to align with evolving organizational needs and technological advancements.

Required Skill :

• 7-10 years' experience leading enterprise-wide technology projects, with demonstrated success in security, identity management, or information governance initiatives
• 5+ years' experience developing and implementing strategic roadmaps and establishing project governance frameworks
• Deep expertise in project portfolio management, resource allocation, and risk management
• 5+ years' experience leading cross-functional teams and managing executive stakeholder relationships

General Skills :

• Strategic Project Leadership : Demonstrated ability to lead complex, enterprise-wide projects in security, privacy, and information management.
• Executive Alignment : Proven skill in understanding and articulating leadership expectations, translating them into actionable project deliverables.
• Team Management : Experience in directing and managing cross-functional teams, ensuring collaboration and successful delivery of project components.
• Performance and Risk Management : Expertise in monitoring and managing cost, risk, schedule, governance, and technical performance across multiple projects.
• Budget Development : Proficiency in developing and managing complex budgets with multiple funding channels and cross-organizational dependencies.
• Stakeholder Engagement : Strong ability to direct stakeholder consultation, facilitation, and consensus building across diverse groups.
• Change Management : Adeptness in leading strategies to manage resistance to change and leverage support for new initiatives.
• Communication : Excellence in developing and communicating project-related updates through various channels, including executive presentations and reports.
• Analytical and Problem-Solving Skills : Strong capability to analyze complex situations, identify patterns, and make decisions based on available information.
• Agile and DevOps Methodologies : Proficiency in applying agile project management principles and DevOps practices to enhance project delivery.

Desirable Skills :

• Cyber security Expertise : Extensive experience in implementing and managing enterprise-wide cyber security and privacy protection initiatives.
• IAM Proficiency : Proven track record in developing IAM strategies and implementing IAM solutions in complex organizational environments.
• IRM Knowledge : Strong understanding of Information and Records Management principles and experience with implementing IRM systems.
• Technology Integration : Experience in integrating various security and information management technologies, including SharePoint, Microsoft 365 E5 Compliance suite, and leading IAM platforms.
• Regulatory Compliance : Familiarity with relevant regulatory frameworks (e.g., privacy laws, information security standards) and their implications for cyber security, IAM, and IRM.
• Data Protection and Governance : Deep understanding of data protection methodologies and information governance principles.
• Change Management : Demonstrated success in leading organizational change, particularly in the context of security and information management practices.
• Vendor Management : Experience in managing relationships with cyber security, IAM, and IRM solution vendors and service providers.
• Risk Management : Strong capability in identifying, assessing, and mitigating risks related to information security and management.
• Certifications : Relevant certifications such as CISSP, CISM, Microsoft 365 Certified : Enterprise Administrator Expert, or Certified Identity and Access Manager (CIAM) would be highly advantageous.

Deliverables

Cyber / Privacy Services Deliverables

• Cybersecurity Strategy and Roadmap
• Comprehensive cybersecurity strategy document aligned with organizational goals
• Multi-year implementation roadmap with clear milestones and success metrics
• Budget and resource allocation plans for cybersecurity initiatives
• Privacy Framework Implementation
• Privacy impact assessment methodology and templates
• Privacy policies and procedures documentation
• Privacy training and awareness program materials
• Data breach response plan and procedures
• Security Operations Enhancement
• Security monitoring and incident response procedures
• Security tools implementation plan and execution
• Regular security assessment and audit reports
• Vulnerability management program documentation

Identity & Access Management (IAM) Deliverables

• IAM Strategy and Architecture
• Enterprise IAM strategy document
• IAM reference architecture documentation
• Integration framework for existing and future applications
• IAM policies and standards documentation
• IAM Implementation Plans
• User lifecycle management process documentation
• Role-based access control (RBAC) matrix
• Privileged access management (PAM) framework
• Multi-factor authentication (MFA) rollout plan
• IAM Operations and Governance
• Access certification process and schedules
• IAM audit and compliance reporting framework
• Automated provisioning / de-provisioning workflows
• IAM metrics and KPI dashboard

Information and Records Management (IRM) Deliverables

• IRM Strategy and Governance
• Information management strategy and policies
• Records retention schedules and policies
• Information classification framework
• Data governance model and procedures
• Technical Implementation Plans
• SharePoint and M365 implementation architecture
• Data migration strategy and execution plan
• System integration specifications
• Information security controls documentation
• Records Management Operations
• Records management procedures manual
• FOI response process documentation
• Information lifecycle management workflows
• Audit and compliance reporting framework

Cross-Portfolio Deliverables

• Project Management Artifacts
• Detailed project plans for each initiative
• Resource allocation and capacity plans
• Risk and issue logs with mitigation strategies
• Status reports and executive dashboards
• Change management and communication plans
• Financial Management
• Project budgets and forecasts
• Cost-benefit analysis reports
• Vendor management plans and contracts
• ROI and value realization reports
• Training and Change Management
• Training needs assessment reports
• Training materials and documentation
• Change impact assessments
• Stakeholder engagement plans
• User adoption metrics and reports
• Governance and Compliance
• Compliance assessment reports
• Audit readiness documentation
• Policy and procedure manuals
• Regular compliance monitoring reports

Performance Measurement Deliverables

• Program Success Metrics
• KPI definition and measurement framework
• Performance dashboards and reports
• Benchmark analysis reports
• ROI and benefits realization reports
• Quality Assurance
• Quality management plan
• Testing strategies and plans
• User acceptance testing results
• Post-implementation review reports

Transition and Sustainability Deliverables

• Operational Readiness
• Operational handover documentation
• Standard operating procedures (SOPs)
• Support model documentation
• Maintenance and upgrade plans
• Knowledge Transfer
• Knowledge transfer plans
• System and process documentation
• Training materials for support teams
• Best practices documentation

Must Haves :

• 7-10 years' experience leading enterprise-wide technology projects, with demonstrated success in security, identity management, or information governance initiatives
• 5+ years' experience developing and implementing strategic roadmaps and establishing project governance frameworks
• 5+ years' experience leading cross-functional teams and managing executive stakeholder relationships
• Deep expertise in project portfolio management, resource allocation, and risk management
6 days ago