The Opportunity
Company, Department: Nova Scotia Power, Cyber Governance, Risk & Strategy
Location: Halifax, Nova Scotia
Type of Employment: Permanent, Full-Time
Closing Date: July 17, 2026
We are looking for a Manager, Cyber Governance, Risk & Strategy to join our IT Infrastructure & Cybersecurity team in a permanent position. In this role you will be reporting to the Director, IT Infrastructure & Cyber Security.
In this role you will be accountable for establishing and overseeing the enterprise cybersecurity governance, risk, and strategic planning capabilities. This role ensures cybersecurity strategy, investment prioritization, and risk management activities are aligned with business objectives and embedded into IT and OT operations to effectively manage cyber risk. The Manager is accountable for balancing cybersecurity risk management with business outcomes, ensuring cybersecurity services are pragmatic, value‑driven, and enable the organization to operate securely, reliably, and efficiently.
Key elements of this role include:
Cyber Strategy & Planning
- Accountable for the enterprise cybersecurity strategy and multi‑year roadmap, ensuring cybersecurity capabilities support business objectives, risk appetite, and regulatory expectations.
- Set strategic direction, priorities, and success criteria for cybersecurity programs and initiatives delivered through managed service arrangements.
- Own decision‑making related to capital planning, investment decisions, and multi‑year cybersecurity budgets.
Governance and Risk
- Own the enterprise cybersecurity governance framework, including policy intent, standards approval, oversight forums, and defined cyber risk acceptance authorities.
- Ensure enterprise cyber risks are identified, assessed, tracked, and reported through established risk management and governance processes.
- Accountable for cybersecurity risk transparency, escalation, and decision‑making at the executive and enterprise risk level.
- Ensure alignment between cybersecurity governance, enterprise risk management, and IT compliance frameworks.
- Provide direction and oversight to ensure cybersecurity risk and governance outputs effectively inform business, technology, and regulatory decision‑making.
Cyber Compliance
- Accountable for enterprise cyber compliance outcomes and alignment to applicable regulatory, contractual, and internal control requirements.
- Ensure the cyber control program is appropriately defined, maintained, and aligned with enterprise risk, regulatory, and IT compliance expectations.
- Establish and support a dotted‑line collaboration model between the Cyber Compliance Lead Assessor and IT Compliance
- Oversee the planning, scheduling, and coverage of cyber compliance assessments, including approval of the annual cyber assessment calendar for critical assets
- Accountable for escalation, remediation prioritization, and risk acceptance decisions arising from cyber compliance assessments
Third‑Party Risk Management
- Own the third‑party cyber risk management program, including due diligence, ongoing assessments, and risk remediation.
- Ensure cybersecurity requirements are embedded into vendor lifecycle, procurement, and contractual processes.
- Oversee the effectiveness of third‑party cyber risk management activities performed through managed services.
Cyber Asset & Business Continuity Alignment
- Ensure cyber asset management practices support risk‑based decision‑making and resilience objectives.
- Oversee alignment between cybersecurity governance and enterprise business continuity and resilience planning.
Education & Awareness
- Sponsor and set expectations for enterprise security awareness, training, and communication programs.
- Ensure awareness initiatives support desired risk behaviors and organizational outcomes.
These skills will make you successful:
Qualifications
- Bachelor’s degree in Cybersecurity, Information Technology, Business Administration, or a related field.
- 7+ years of experience in cybersecurity strategy, risk management, or governance roles.
- Demonstrated experience leading enterprise‑level cyber risk and governance programs.
- Certifications such as CISSP, CISM, CRISC, or equivalent preferred.
- Proven experience in developing and implementing cybersecurity strategies and programs.
- Excellent leadership, communication, and interpersonal skills
- Demonstrate experience engaging with senior business and operational leaders to influence cybersecurity outcomes aligned with business objectives.
Skills
- Ability to manage service providers, contract management (SLAs) and delegated service ownership models.
- Strong understanding of the NIST Cybersecurity Framework and enterprise risk management concepts.
- Strong understanding of enterprise business operations, financial drivers, and risk trade‑offs.
- Strategic planning, stakeholder engagement, and executive communication skills.
- Effective collaboration and teamwork skills.
- Ability to manage multiple projects and priorities in a fast-paced environment.
- Analytical and problem-solving abilities.
We understand that experience comes in many forms, and we’re dedicated to adding new perspectives to the team. So, if your experience is close to what we’ve listed above, please consider applying.
Learn more about our culture and values
At the Emera Group of Companies, you’ll be part of an inclusive, respectful workplace where everyone is welcomed and supported. Come build a career as unique as you are: making an impact from Atlantic Canada to the world. Your experience and perspective will help us to safely deliver cleaner, more reliable energy to our customers.
If working in an innovative environment, challenging yourself, and shaping a cleaner energy future inspires you, we want to hear from you. Apply by July 17, 2026 and let us know why this role is right for you.
The perks of joining our team? We offer:
- Flexibility: Hybrid work model with one flexible remote work day.
- Health & Wellbeing: A comprehensive benefits plan, 24/7 access to virtual health care services for you and your family through Dialogue, access to a free on-site fitness centre, Employee and Family Assistance Program, parental leave top-up plan and wellness benefits.
- Grow Your Career: Opportunities to advance within and between our affiliate companies, a focus on employee development and available sponsored education programs.
- Community Engagement & Care: Corporate investments in the places where our people live and work, mentoring opportunities, fundraising-matching, volunteer programs, various committees and employee resource groups, and scholarships for children of employees.
- Competitive Compensation: Short-term incentive plan and a Defined Contribution Pension Plan.
Diversity, Equity & Inclusion at Emera
As one of Atlantic Canada’s largest publicly traded companies, we are ranked one of Canada’s Top 100 Employers, Top Employers for Young People and Top Diversity Employers. We know our success is driven by our dedicated teams and we strongly encourage applications from all qualified candidates, including persons who identify as racially visible, Indigenous, persons with disabilities, women in underrepresented roles and members of the 2SLGBTQ+ community.
Applicants from these equity groups may self-identify through the online application process. We support candidates and employees with access and accommodation needs and encourage you to let us know when you require accommodation.
Recruitment & Promotion Policy
The success of the Emera Company is driven by its people: a strong team with a shared commitment to support the Emera Company mission and values. The purpose of our recruitment policy is to provide a consistent framework to support fair and equitable attraction, hiring, and retention of the best talent for vacant positions. We are dedicated to maintaining a fair hiring process that provides equitable opportunities to all our applicants and is guided by our company values.
If you have any questions about this opportunity or if you are experiencing any technical difficulty with the application process, please email careers@nspower.ca