Job DescriptionJob Description:Assignment: RQ00207 - Project Manager/Leader - Senior Job Title: Project Manager/Leader - Senior Requisition: RQ00207 Client: Supply Ontario Start Date: 2024-12-09 End Date: 2025-04-05 Department: Operations Office Location: 200 Front St, 8th Floor Business Days: 85.00 Note: Hybrid work arrangement with minimum 2-3 days per week on-site at Supply Ontario offices Must Haves:7-10 years' experience leading enterprise-wide technology projects, with demonstrated success in security, identity management, or information governance initiatives5+ years' experience developing and implementing strategic roadmaps and establishing project governance frameworks5+ years' experience leading cross-functional teams and managing executive stakeholder relationshipsDeep expertise in project portfolio management, resource allocation, and risk management Public Sector Experience: Nice to have DescriptionSupply Ontario is seeking a strategic and experienced Senior Project Manager to lead critical initiatives within the Security, Privacy and Info Mgmt Portfolio of our Enterprise Technology team. This key role will drive the development and implementation of three core areas: Cyber/Privacy Services, Identity & Access Management (IAM), and Information and Records Management (IRM). The successful candidate will spearhead projects that enhance our security posture, streamline access management, and transform our information handling practices across all departments.The ideal candidate will have a proven track record in managing complex, multi-faceted IT security and information management projects. They will possess deep knowledge of cybersecurity best practices, extensive experience in implementing IAM solutions, and a strong understanding of modern IRM systems and methodologies. This role requires a balance of technical expertise, strategic thinking, and exceptional project management skills to align these initiatives with Supply Ontario's corporate priorities and regulatory requirements. Responsibilities Strategic Planning and Execution:Develop and implement comprehensive strategies for Cyber/Privacy Services, IAM, and IRM initiatives.Lead the end-to-end delivery of projects within each area, ensuring alignment with organizational goals and industry best practices.Establish roadmaps for maturing the organization's capabilities in each domain.Cyber/Privacy Services Enhancement:Oversee projects to strengthen Supply Ontario's cybersecurity infrastructure and practices.Lead initiatives to enhance privacy protection measures across all systems and processes.Implement advanced threat detection and response capabilities.Identity & Access Management Implementation:Establish and execute a robust IAM strategy for Supply Ontario.Lead the selection, implementation, and integration of IAM solutions.Develop policies and processes for efficient identity lifecycle management and access governance.Information and Records Management Transformation:Guide the implementation of a comprehensive IRM system to centralize and organize information assets.Oversee projects to enhance information security, improve recordkeeping practices, and streamline information access.Implement solutions leveraging technologies such as SharePoint and Microsoft 365 E5 Compliance suite.Stakeholder Management and Communication:Collaborate with key stakeholders across the organization to ensure project alignment and buy-in.Develop and execute change management strategies to facilitate adoption of new systems and processes.Lead communication initiatives to raise awareness about security, IAM, and IRM best practices.Risk Management and Compliance:Ensure all projects adhere to relevant regulatory requirements and industry standards.Develop and maintain risk management strategies specific to each domain.Oversee the implementation of controls to mitigate identified risks.Performance Monitoring and Continuous Improvement:Establish metrics and KPIs to measure the success of initiatives across all three domains.Continuously assess and optimize implemented solutions to align with evolving organizational needs and technological advancements. Required Skill:7-10 years' experience leading enterprise-wide technology projects, with demonstrated success in security, identity management, or information governance initiatives5+ years' experience developing and implementing strategic roadmaps and establishing project governance frameworksDeep expertise in project portfolio management, resource allocation, and risk management5+ years' experience leading cross-functional teams and managing executive stakeholder relationships General Skills:Strategic Project Leadership: Demonstrated ability to lead complex, enterprise-wide projects in security, privacy, and information management.Executive Alignment: Proven skill in understanding and articulating leadership expectations, translating them into actionable project deliverables.Team Management: Experience in directing and managing cross-functional teams, ensuring collaboration and successful delivery of project components.Performance and Risk Management: Expertise in monitoring and managing cost, risk, schedule, governance, and technical performance across multiple projects.Budget Development: Proficiency in developing and managing complex budgets with multiple funding channels and cross-organizational dependencies.Stakeholder Engagement: Strong ability to direct stakeholder consultation, facilitation, and consensus building across diverse groups.Change Management: Adeptness in leading strategies to manage resistance to change and leverage support for new initiatives.Communication: Excellence in developing and communicating project-related updates through various channels, including executive presentations and reports.Analytical and Problem-Solving Skills: Strong capability to analyze complex situations, identify patterns, and make decisions based on available information.Agile and DevOps Methodologies: Proficiency in applying agile project management principles and DevOps practices to enhance project delivery. Desirable Skills:Cyber security Expertise: Extensive experience in implementing and managing enterprise-wide cyber security and privacy protection initiatives.IAM Proficiency: Proven track record in developing IAM strategies and implementing IAM solutions in complex organizational environments.IRM Knowledge: Strong understanding of Information and Records Management principles and experience with implementing IRM systems.Technology Integration: Experience in integrating various security and information management technologies, including SharePoint, Microsoft 365 E5 Compliance suite, and leading IAM platforms.Regulatory Compliance: Familiarity with relevant regulatory frameworks (e.g., privacy laws, information security standards) and their implications for cyber security, IAM, and IRM.Data Protection and Governance: Deep understanding of data protection methodologies and information governance principles.Change Management: Demonstrated success in leading organizational change, particularly in the context of security and information management practices.Vendor Management: Experience in managing relationships with cyber security, IAM, and IRM solution vendors and service providers.Risk Management: Strong capability in identifying, assessing, and mitigating risks related to information security and management.Certifications: Relevant certifications such as CISSP, CISM, Microsoft 365 Certified: Enterprise Administrator Expert, or Certified Identity and Access Manager (CIAM) would be highly advantageous. Deliverables Cyber/Privacy Services DeliverablesCybersecurity Strategy and Roadmap Comprehensive cybersecurity strategy document aligned with organizational goalsMulti-year implementation roadmap with clear milestones and success metricsBudget and resource allocation plans for cybersecurity initiativesPrivacy Framework Implementation Privacy impact assessment methodology and templatesPrivacy policies and procedures documentationPrivacy training and awareness program materialsData breach response plan and proceduresSecurity Operations Enhancement Security monitoring and incident response proceduresSecurity tools implementation plan and executionRegular security assessment and audit reportsVulnerability management program documentation Identity & Access Management (IAM) DeliverablesIAM Strategy and Architecture Enterprise IAM strategy documentIAM reference architecture documentationIntegration framework for existing and future applicationsIAM policies and standards documentationIAM Implementation Plans User lifecycle management process documentationRole-based access control (RBAC) matrixPrivileged access management (PAM) frameworkMulti-factor authentication (MFA) rollout planIAM Operations and Governance Access certification process and schedulesIAM audit and compliance reporting frameworkAutomated provisioning/de-provisioning workflowsIAM metrics and KPI dashboard Information and Records Management (IRM) DeliverablesIRM Strategy and Governance Information management strategy and policiesRecords retention schedules and policiesInformation classification frameworkData governance model and proceduresTechnical Implementation Plans SharePoint and M365 implementation architectureData migration strategy and execution planSystem integration specificationsInformation security controls documentationRecords Management Operations Records management procedures manualFOI response process documentationInformation lifecycle management workflowsAudit and compliance reporting framework Cross-Portfolio DeliverablesProject Management Artifacts Detailed project plans for each initiativeResource allocation and capacity plansRisk and issue logs with mitigation strategiesStatus reports and executive dashboardsChange management and communication plansFinancial Management Project budgets and forecastsCost-benefit analysis reportsVendor management plans and contractsROI and value realization reportsTraining and Change Management Training needs assessment reportsTraining materials and documentationChange impact assessmentsStakeholder engagement plansUser adoption metrics and reportsGovernance and Compliance Compliance assessment reportsAudit readiness documentationPolicy and procedure manualsRegular compliance monitoring reports Performance Measurement DeliverablesProgram Success Metrics KPI definition and measurement frameworkPerformance dashboards and reportsBenchmark analysis reportsROI and benefits realization reportsQuality Assurance Quality management planTesting strategies and plansUser acceptance testing resultsPost-implementation review reports Transition and Sustainability DeliverablesOperational Readiness Operational handover documentationStandard operating procedures (SOPs)Support model documentationMaintenance and upgrade plansKnowledge Transfer Knowledge transfer plansSystem and process documentationTraining materials for support teamsBest practices documentation Additional Terms Performance ExpectationsQuarterly performance reviews against agreed-upon objectives and deliverablesMinimum 80% achievement of approved quarterly objectivesDevelopment and maintenance of detailed project documentationRegular status reporting as per project management frameworkAdherence to all Supply Ontario policies, procedures, and professional standards Work ArrangementsHybrid work arrangement with minimum 2-3 days per week on-site at Supply Ontario officesFlexibility to adjust schedule based on project needs and stakeholder availabilityAvailability for occasional evening/weekend work during critical project phases Intellectual Property and ConfidentialityAll work products, documentation, and intellectual property created during the engagement remain the property of Supply OntarioStrict adherence to confidentiality agreements and data protection protocolsNon-disclosure agreement required as condition of engagementReturn of all Supply Ontario property and materials upon contract completion Probationary PeriodInitial 90-day probationary period to assess fit and capabilitiesClear performance objectives to be established within first 30 daysBi-weekly check-ins during probationary periodOption to terminate with 5 business days' notice during probationary period Early Termination ProvisionsSupply Ontario may terminate the contract with 10 business days' written notice without causeImmediate termination for:Breach of confidentiality or security protocolsFailure to meet minimum performance standards after documented warningViolation of Supply Ontario policies or professional conduct standardsMisrepresentation of qualifications or experienceExtended unavailability without approved leave Extension and Renewal ProvisionsContract extension is at the sole discretion of Supply OntarioExtension decisions will align with Supply Ontario's internal procurement policies and proceduresFactors considered for extension include but are not limited to: Achievement of defined deliverables and performance metricsOngoing organizational need for servicesBudget availability and value for moneyContractor's demonstrated reliability and cultural fitProject continuity requirementsExtension terms: Maximum extension periods as per Supply Ontario procurement policy adjustments, if any, must align with approved rate cardsAdditional or modified terms may be introduced during extensionExtension process: Review initiated minimum 30 days before contract end dateAppropriate management approvals as per delegation of authorityWritten notice of extension decision provided minimum 30 days before contract endNo guarantee or implicit right to extension regardless of performanceSupply Ontario reserves the right to: Modify role requirements during extension periodAdjust work arrangements and conditionsImplement new policies or proceduresRequire additional qualifications or certificationsContractor acknowledgment: No expectation of automatic renewalExtension discussions do not constitute commitmentRights to compete for other opportunities if extension not granted