Manager, Cyber Risk Management

Position Title: Manager, Cyber Risk Management
Position Type: Regular - Full-Time
Requisition ID: 39340
At McCain, we believe in meaningful technology - using digital technology not just for innovation, but to make a difference globally. Join a team where innovation drives purpose and technology shapes the future. This is your chance to develop sought-after expertise, work on exciting, high-impact projects, and create solutions that truly make a difference. If you're ready to push boundaries, tackle purposeful challenges, and build a career that matters, we want you on our team.
In every role, McCainers are ambitious, curious, and passionate about creating exceptional work experiences - together. With a customer-first mindset, we make doing business with McCain easy.
About the role.
This high profile role will report directly to the CISO. They will be responsible for contributing to the design, implementation, operationalization, and sustainment of McCain's cyber risk function, including Third Party Risk Management (TPRM). This role will collaborate with various departments to foster a culture of compliance and mitigate risks associated with critical systems.
What you'll be doing. Cyber Risk Management:

• Lead and conduct risk assessments across technology platforms and architectures, including but not limited to cloud, AI and SaaS based solutions.
• Maintain McCain cyber risk framework (e.g. IT and AI risk frameworks), ensuring alignment across IT and business functions.
• Actively govern cyber risk in the McCain risk register.
• Define KRIs and KPIs to provide cyber risks insights to McCain executives.
• Empower technology teams to establish cyber risk ownership and action plans for remediation.
• Develop and lead annual maturity and audit assessments as per annual plans (e.g. SWIFT and NIST-based assessments)

Third Party Risk Managament (TPRM):

• Managing and enhancing a TPRM Security Program to mitigate security threats emanating from third-party vendors, suppliers, and strategic partner engagements.
• Own oversight of the global third-party cyber risk governance strategy and framework.
• Conducting comprehensive risk assessments of third-party vendors, suppliers, and strategic partners including evaluation of vendor security controls.
• Engage with procurement and technology governance, risk and compliance stakeholders to represent third party cyber risk management interests in process integration efforts.

• Contributing to the on-going development of the TPRM strategy, framework, policy, standards, processes and tools.
• Reviewing risk management activities performed in relation to McCain's third-party ecosystem.
• Managing the completion of control assessment questionnaires and act as the point of contact with the third party to ensure completeness, consistency and quality of responses.
• Participating in and supporting security related engagements such as audits and questionnaires.
• Serve as a key interface with external and internal auditors for vendor security compliance related activities.
• Establish KRI's and KPI's to report on and assess vendor security posture. Managing risk within organizational risk appetite.
• Serve as a trusted advisor, providing input and commentary on overall TPRM program effectiveness to leadership and / or risk committees as required.
• Collaborate with legal teams to ensure appropriate security language and controls are addressed in third-party contracts and other agreements.
• Maintain a continuous monitoring program for Third Parties including cyber security incidents to ensure ongoing protection of McCain operations, IT and data assets.

Leadership Requirement:
Demonstrated ability to lead cross-functional risk governance initiatives by proactively partnering across Digital Technology, business functions, legal, and procurement to break down silos and drive integrated solutions to complex cyber and third-party risk challenges. Proven track record of influencing without authority to align diverse stakeholders around a common risk management vision, priorities, and standards. Takes personal ownership for creating clarity in roles and decision-making, setting explicit expectations and KPIs that foster an environment of shared accountability and continuous improvement. Champions a culture where teams are empowered to act like owners, mindful of achieving both short-term and long-term risk objectives for the enterprise.
What you'll need to be successful.

• You have 7+ years of experience managing Information Security risk and TPRM within medium to large sized organizations.
• Firm understanding of AI risk frameworks and assessment techniques for Gen AI solutions.
• Experience partnering with senior leadership on risk management initiatives

• You have strong and proven leadership capabilities with communication, coaching, influence, negotiation and conflict resolution.
• You have experience working with vendor risk management security tooling capabilities.
• You have experience with Information Security practice and processes including vendor threat and risk assessments
• You have experience managing risk throughout the risk lifecycle
• You are highly motivated, and results oriented with an ability to handle high pressure situations with key stakeholders.

About McCain.
Click Here to learn more about McCain and how we provide you with opportunities to make an impact that matters.
Leadership principles.
At McCain, our leadership principles guide how we engage with customers, collaborate as a team, and achieve success. We focus on understanding customer needs, driving innovation, empowering people, and taking ownership to clear obstacles and deliver results.
The McCain experience.
We are McCain. This statement is a testament to our collective strength and our individual value. Your contributions play a vital role in our success. Our winning culture is rooted in authenticity and trust, empowering us to bring out the best in one another. Here, you'll find opportunities to learn, grow, and thrive. Join us and experience why we're better together.
Our purpose is grounded in building meaningful relationships. We're big believers in the power of working together in person-it helps us stay connected, collaborate more effectively, and grow as a team. At the same time, we recognize the importance of flexibility. Most office-based roles follow a hybrid model, with the option to work remotely two days a week. There may be exceptions depending on the role and location, so we encourage you to speak with your recruiter for more details.
#LI-McCain2025
Compensation Package : $102,700.00 - $137,000.00 . CAD annually + Bonus Eligibility
The above reflects the target compensation range for the position at the time of posting. Hiring compensation will be determined based on experience, skill set, education and training, and other organizational needs.
Benefits: At McCain, we're on a mission to create a winning culture that puts employee safety and well-being at the heart of what we do, every day. We understand and appreciate that each person's needs are unique and ensure our benefits & well-being programs reflect that. Employees are eligible for the following benefits: health coverage (medical, dental, vision, prescription drug), retirement savings benefits, and leave support including medical, family and bereavement. Well-being programs include vacation and holidays, company-supported volunteering time, and mental health resources. Coverages are aligned with country, provincial and state governing plans and can vary by work level, location and nature of the role. Additional benefit detail available during the application process.
Your well-being matters to us, and we're here to provide you with the necessary resources to support you in being your best self at work - and at home.
McCain Foods is an equal opportunity employer. As a global family-owned company, we strive to be the employer of choice in the diverse communities around the world in which we live and work. We recognize that inclusion drives our creativity, resilience, and success and makes our business stronger. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, age, veteran status, disability, or any other protected characteristic under applicable law.
McCain is an accessible employer. If you require an accommodation throughout the recruitment process (including alternate formats of materials or accessible meeting rooms), please let us know , and we will work with you to find appropriate solutions.
Your privacy is important to us. By submitting personal data or information to us, you agree that this will be handled in accordance with McCain's Global Privacy Policy and Global Employee Privacy Policy , as applicable. You can understand how your personal information is being handled here .
Job Family: Information Technology
Location(s): CA - Canada : Ontario : Toronto || CA - Canada : New Brunswick : Florenceville-Bristol
Company: McCain Foods (Canada)