Enercare Inc. is one of Canada’s largest home and commercial services companies servicing over one million customers across Ontario, Manitoba, Saskatchewan, Alberta, British Columbia, Quebec and New Brunswick.  Enercare is the Experts at Home, operating under several brands including Enercare,  HydroSolution, and Pioneer Plumbing & Heating.  

A proudly Canadian-owned company, we are the Experts at what we do and deeply care about our customers.  We value a diverse, collaborative culture, and take pride in our commitment to health and safety, and knowing our work serves and supports our communities every day. No matter your role, we invest in making sure you have opportunities to grow, learn, and become the Expert you want to be.

If you are ready to become one of our Experts, we would love to hear from you.

Role: Senior Manager, Enterprise and Cyber Security
Status: Full Time, Permanent
Reports to: Director, IT Operations
Location: Markham

Please note, this position is exempt from Ontario’s 2026 pay transparency requirements under Regulation 476/24.

Summary:
Enercare is seeking a Senior Manager of Cybersecurity & Enterprise Security to lead and mature the organization’s end‑to‑end security posture across cybersecurity, identity and access management, infrastructure security, and cloud security.

This role is accountable for protecting Enercare’s information assets, identities, and core technology platforms across a hybrid environment, including Active Directory, Entra ID (Azure AD), on‑premise servers, Microsoft 365, cloud platforms, endpoints, and third‑party services.

The Senior Manager plays a critical leadership role in balancing risk, resilience, and business enablement, providing strategic direction, governance oversight, and executive‑level reporting. This role works in close partnership with Infrastructure, Cloud, IT Operations, and Business leaders to ensure security controls are consistent, risk‑based, and aligned to organizational priorities.

Responsibilities:

• Serve as a senior security leader and trusted advisor, translating cyber and enterprise security risk into clear business impacts and decision options.
• Prepare and deliver monthly security posture and risk updates to senior leadership, enabling informed prioritization, risk tradeoffs, and investment decisions that strengthen resilience and reduce exposure.
• Ensure security controls, operational processes, and technology roadmaps are aligned, mutually reinforcing, and jointly accountable for enterprise resilience.
• Provide senior leadership for the IT Security function, developing high‑performing teams through hiring, coaching, performance management, and succession planning.
  Own accountability for security investment decisions, ensuring funding is prioritized based on measurable risk reduction, resilience outcomes, and business value.
• Define, maintain, and communicate a multi‑year security roadmap aligned to organizational strategy, risk appetite, and technology direction.
• Define and continuously evolve Enercare’s enterprise security strategy, setting direction across cybersecurity, identity, infrastructure, and cloud environments to address evolving threats and business priorities.
• Establish and govern enterprise security standards and control objectives that protect the confidentiality, integrity, and availability of systems across on‑premise and cloud platforms, ensuring consistent and measurable implementation.
• Provide strategic oversight for enterprise identity platforms, including Active Directory and Entra ID (Azure AD) ensuring effective Identity Lifecycle management, Privileged Access Controls, Conditional Access and hybrid Identity Governance.
• Govern security controls for core platforms, including on‑premise servers, Microsoft 365, endpoints, and cloud infrastructure and SaaS services.
• Provide strategic oversight of security monitoring, detection, and response capabilities, including SIEM and SOC services, ensuring effectiveness, integration, and operational accountability.
• Enable and govern the use of AI‑powered security capabilities to enhance threat detection, correlation, investigation, and response efficiency.
• Ensure security incidents are assessed and managed based on business impact, with appropriate escalation, executive visibility, and resolution through established incident management processes.
• Own enterprise cybersecurity and security risk management, providing transparency of risk exposure, mitigation progress and residual risk to senior leadership.
  Ensure compliance with applicable regulations and standards, including PCI DSS, PIPEDA, ISO 27001/27701, and internal policies.
• Support internal and external audits with clear, defensible and evidence-based documentation.
• Define and oversee security requirements, governance and assurance activities for vendors, SaaS providers, and third parties.
• Ensure third‑party security controls are proportionate to application criticality, data sensitivity and business impact.
  
  

Responsibilities:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related discipline.
• Professional certifications are strongly preferred (e.g. CISSP, CISM, CCSP).
• 15+ years experience across information security, enterprise IT, infrastructure, or risk management.
• 10+ years in a senior security leadership role with accountability spanning cybersecurity and core enterprise platforms.
• Demonstrated experience securing hybrid environments, including:
• Active Directory and Entra ID
• On‑premise servers and infrastructure
• Microsoft 365; Cloud and SaaS platforms
• Demonstrated ability to develop, evolve, and operationalize enterprise security strategy, ensuring alignment with business priorities, technology direction, and emerging threat landscapes.
• Active engagement in the cybersecurity community, maintaining strong industry awareness through participation in professional forums, conferences, peer groups, and threat‑intelligence networks to ensure Enercare remains ahead of evolving risks.
• Strong understanding of Zero Trust, defence‑in‑depth, and identity‑centric security models.
• Experience working with AI‑powered security tools that enhance threat detection, correlation, and response.
• Deep knowledge of security frameworks and standards (e.g. NIST, ISO, PCI DSS).
• Ability to translate technical security risks into clear, business‑relevant insights.
• Proven experience presenting to C‑suite executives and influencing senior stakeholders.
• Strong written and verbal communication skills.
• Decisive leader able to operate effectively in high‑pressure situations.