The Treasury Board Secretariat is committed to Equity, Diversity, Inclusion and Accessibility. Our goal is to build a public sector workforce that reflects the diverse communities we serve and to promote welcoming, diverse, inclusive, respectful workplaces that are accessible to all. We welcome all interested individuals including Indigenous People, persons with disabilities, Black, racialized, ethnic and culturally diverse groups, as well as people regardless of their sexual orientation, gender identities, and gender expressions. Those looking for more information are invited to visit our Equity, Diversity, and Inclusion Policy.
Our Vision: Forward-looking people, service, and technology.
Our Mission: Our Team proudly delivers quality IT expertise and advice with our partners to make citizen and business-centric service possible.
Reporting to the Chief Digital and Operating Officer (CDOO) and Director of Enterprise Architecture Security and Data Services, the Chief Information Security Officer (CISO) for the Province of PEI is accountable and responsible for the delivery of the Government’s Cybersecurity Program.
The Cybersecurity Program's purpose is to protect the confidentiality, integrity, and availability of the Government’s information and technology assets, while also engaging with PEI stakeholders, including public sector agencies, to provide cybersecurity advice and assist in facilitating access to cybersecurity-related services to strengthen Government’s overall cybersecurity posture. The program is also intended to support and enable ITSS in working together with Departments to achieve high-quality, cost-effective Information Management Technology (IMT) services. This will involve identifying, evaluating and reporting on legal and regulatory, IT, and cybersecurity risk to information assets, while supporting and advancing business objectives.
The scope of the program includes all aspects of security for Government’s IMT systems, including cybersecurity strategic planning; cyber threat intelligence and penetration testing; IMT risk management and vulnerabilities management; cybersecurity governance, policy development and compliance; cybersecurity awareness and training; cyber threat and cyber incidents management and response; and disaster recovery. The position provides a critical component in the delivery of shared solutions/services to proactively address security vulnerabilities, threats, risks, incidents, and overall cybersecurity needs for the Government. The CISO is responsible for establishing and maintaining the information security program to ensure that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected in the digital ecosystem in which we operate. All Departments are impacted by the decisions made by the position regarding government-wide security policies, directives, controls, and standards.
The CISO ensures that the work of the section adds value by meeting the goals set by the ITSS Strategic Plan, the Digital Strategy and IMIT Foundations of the Government of PEI and provides subject matter expertise and recommendations to ITSS Senior Leadership and to the Deputy Ministers Digital and Information Advisory Council (DIAC).
Duties will include but are not limited to:
- Oversee and conduct network monitoring and intrusion detection analysis using systems such as firewalls, intrusion prevention systems (IPS), security information & event management (SIEM), host-based security systems, etc;
- Utilizing cloud tools in analysing Government’s cloud environments to ensure security measures are being followed for SaaS, PaaS, and IaaS that are being used
- Leads the information security function across the Government to ensure consistent and high-quality information security management in support of the business goals
- Determines the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of non-digital risk areas
- Develops and enhances an up-to-date information security management framework based on the following: National Institute of Standards and Technology (NIST) Cybersecurity Framework with recognition and appropriate augmentation from International Organization for Standardization (ISO) 2700X, ITIL, ENISA, ISA-62443, and COBIT/Risk IT.
- Provides input for the IT section of the Government's code of conduct
- Creates the necessary internal networks among the information security team and line-of-business executives, corporate compliance, audit, physical security, legal and HR management teams to ensure alignment as required
- Communicates vision and values of the organization, emphasizing excellence at all levels and engaging all staff in the division
- Sets and communicates roles and expectations of team members to meet the goals of ITSS and Government
- Sets direction and motivates through collaborative development and implementation of short- and long-term tactical plans to ensure capacity meets existing and future requirements
- Prepares capital budget submissions for projects which support the strategic plans
Minimum Qualifications:
- Demonstrated experience and success in senior leadership roles in risk management, information security, and IT or OT security;
- Degree in business administration or a technology-related field, or equivalent work- or education-related experience
- Demonstrated equivalencies will be considered;
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar Security credentials;
- CERTIFICATION: Security Clearance of Secret required to be maintained for this position;
- CISO is a business leader and should have a track record of competency in the field of information security and/or risk management, with seven to 10 years of relevant experience, including five years in a significant leadership role;
- Knowledge and understanding of relevant legal and regulatory requirements, such as Personal Information Protection and Electronic Documents Act (PIPEDA), Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard;
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework;
- Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies;
- Up-to-date knowledge of methodologies and trends in both business and IT;
- Experience successfully executing programs that meet the objectives of excellence in a dynamic business environment;
- Experience with contract and vendor negotiations;
- The ideal candidate is a thought leader, a builder of consensus and of bridges between business and technology. He or she is an integrator of people, process and technology. While the CISO is the leader of the information security program, he or she must also be able to coordinate disparate drivers, constraints and personalities, while maintaining objectivity and a strong understanding that cybersecurity is foundational for the organization to deliver on its business goals and objectives;
- Poise and ability to act calmly and competently in high-pressure, high-stress situations;
- High degree of initiative, dependability and ability to work with little supervision while being resilient to change;
- High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity;
- Has good judgment, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity;
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists;
- Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organization;
- Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist;
- Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives;
Other Qualifications:
- A critical thinker, with strong problem-solving skills;
- Strong problem-solving and trouble-shooting skills;
- Self-motivated and possessing a high sense of urgency and personal integrity;
- Excellent stakeholder management skills;
- Project management skills: financial/budget management, scheduling and resource management;
- A master of influencing entities and decisions in situations where no formal reporting structures exist, but achieving the desirable outcome is vital
This competition may be used to fill future job vacancies
Please Note: Please ensure the application clearly demonstrates how you meet the noted qualifications as applicants will be screened based on the information provided. We would like to thank all applicants for their interest; however, only those who are selected for an interview will be contacted.
Where possible, submitting an electronic resume or job application is preferred. Otherwise, please return forms to PEI Public Service Commission, P.O. Box 2000, Charlottetown, Prince Edward Island, C1A 7N8. Applications may be sent by fax to (902) 368-4383.
IT IS THE RESPONSIBILITY OF THE APPLICANT TO CONFIRM RECEIPT OF THE APPLICATION, BY TELEPHONE OR IN PERSON PRIOR TO THE CLOSING DATE.
Please ensure that the appropriate Posting ID number is stated on all application forms. You can apply online or obtain an application form by visiting our web site at www.jobspei.ca. Forms may also be obtained by contacting any PEI Government office, ACCESS PEI Centre, Regional Services Centre, or by telephone (902) 368-4080.
Voted as one of Forbes' top 45 Best Employers in Canada for 2026
The Public Service is inspired to make a positive impact and proud to shape the future of our Island Community.