Toronto, ON, CA
Position Title: Director, Information Security
Come Build Your Career at Aecon!
As a Canadian leader in infrastructure development, Aecon is safely and sustainably building what matters for future generations to thrive! We lead some of the most impactful infrastructure projects of our generation, at the forefront of transformational change in transportation and energy, and partnering every day to build, connect, power, and strengthen our communities.
At Aecon, you can count on:
- Safety Always. Our number one core value. If we can’t do it safely, we don’t do it at all.
- Integrity. We lead by example, with humility and courage.
- Accountability. We’re passionate about delivering on our commitments.
- Inclusion. We provide equitable opportunities for everyone.
We lead the infrastructure industry with purpose, and our people are at the heart of everything we do. So, we invest in our people, just like they invest in us!
At Aecon we:
- Ensure you and your family receive the services needed to support your mental, emotional, and physical well-being.
- Believe in helping you build your career through our Aecon University and Leadership Programs.
- Are committed to supporting and investing in inclusive work environments, through initiatives like Equity, Diversity & Inclusion training, our Aecon Women in Trades and Aecon Diversity in Trades programs, and our Employee Resource Groups (ERGs) to ensure we are building inclusion into every aspect of our culture at Aecon.
- Are a leader in sustainable construction, with a strong commitment to operating responsibly by minimizing our impact on the environment and surrounding communities.
Our business success relies on strong execution and continuous improvement – driven by the diversity, expertise and teamwork of our people. We’re always searching the globe for innovative, collaborative minds to join our best-in-class Aecon community!
What is the Opportunity?
The Director, Information Security is responsible for managing the Governance, Risk & Compliance (GRC) and Information Security Architecture and Operations functions. This role ensures alignment to overall strategy, drives operational excellence, and constantly advances enterprise security maturity. This role reports to the VP, Information Security and influences senior stakeholders across IT, Legal, Privacy, and other business units.
What You’ll Do Here:
Governance, Risk & Compliance
- Own enterprise security policy framework and risk management program aligned to NIST CSF and ISO 27001.
- Oversee audits, regulatory assessments, and third-party risk management.
- Ensure organizational compliance with CMMC 2.0 (US), CPCSC (Canada) and all other relevant security frameworks/regulations.
- Oversee multiple external/internal IT audits including SOC 2, SOC 1, ITGC and SWIFT.
Security Operations
- Lead 24×7 incident detection and response, threat intelligence, and vulnerability management.
- Maintain and govern SIEM/SOAR use cases and incident response processes.
Security Architecture
- Define security reference architectures and patterns (Zero Trust, cloud security).
- Review high-risk initiatives and approve exceptions with compensating controls.
Budget & Vendor Management
- Manage multi-million-dollar budget and work on the negotiations for complex contracts (MSA/SLA/SOW).
- Oversee MSSP relationships and vendor performance metrics.
Leadership
- Build and coach high-performing teams across GRC, SecOps, and Security Architecture.
- Drive security culture and executive engagement.
What You Bring to the Team:
- 10+ years in Information Security; 5+ years leading GRC, SecOps, and Architecture teams.
- Proven experience managing large enterprise budgets and vendor contracts.
- Certifications: CISSP, CISM, CRISC, CCSP preferred.
- Strong knowledge of NIST CSF, ISO 27001, SOC 2, SOC 1, and Canadian privacy regulations.
- Working knowledge of CMMC 2.0 would be considered an asset.
Reason for vacancy: New position
The expected salary range for this opportunity is $145,000-$160,000
Aecon fosters diversity, inclusion and belonging within and across our organization. We welcome all to apply, including women, visible minorities, Indigenous peoples, persons with disabilities, and persons of any sexual orientation or gender identity.
We are committed to adhering to the objectives and requirements outlined in the Accessible Canada Act (ACA), and to meeting the accessibility needs of persons with disabilities in a timely manner. Through the implementation of the requirements of the ACA and its applicable regulations, appropriate accommodations will be provided upon request throughout the interview and hiring process.
As part of our commitment to fair and transparent hiring practices, Aecon may use artificial intelligence (AI) tools to assist in screening and reviewing candidates. These tools are applied responsibly and in accordance with applicable privacy laws and Aecon’s AI Usage Policy. All final decisions are made by qualified Aecon team members.