What if you could redefine what's possible? With us, you can.
With us, you can. You want Purpose. Growth. Opportunity. People who get it.
We are the home of ambitious, passionate, and innovative world shapers.
With an unmatched breadth and depth of engineering, advisory and science‑based expertise, our global minds unite to power local solutions.
We are pathfinders and impact makers.
We are Visioneers.
We are WSP
The Opportunity
Drive Secure Growth Through Strategic Transformation
Play a pivotal role in shaping secure business growth as an Information Security Manager, Mergers & Acquisitions. In this role, you will lead critical security due diligence, risk evaluation, and integration efforts across acquisitions, divestitures, and joint ventures—ensuring every transaction aligns with WSP’s security framework and risk posture.
You’ll collaborate with Corporate Development, Legal, IT, and executive stakeholders to assess, advise, and integrate security practices within a fast-paced, deal-driven environment, directly influencing the success and resilience of strategic business initiatives across Canada.
Your Impact
- Lead information security due diligence activities for mergers, acquisitions, and divestitures.
- Perform pre-acquisition security risk assessments, including evaluation of policies, controls, technologies, and cyber maturity.
- Identify key security risks, liabilities, and remediation requirements, including regulatory, contractual, and operational risks.
- Work with security penetration testing vendors to coordinate, track, and evaluate penetration testing activities, as well as remediation schedules.
- Coordinate breach assessment activities in line with transaction schedules.
- Provide clear, actionable risk reports and executive-level summaries to support transaction decision-making.
- Support deal teams in defining security-related representations, warranties, and contractual requirements.
- Work with M&A Operations to develop and maintain security integration playbooks and frameworks aligned with WSP standards.
- Define Day 1 security expectations as well as day 30/60/90 security integration plans where necessary, including identity, network, endpoint, data protection, and monitoring controls.
- Coordinate the execution of security integration activities across IT, infrastructure, and business teams.
- Ensure alignment of acquired entities to WSP’s security policies, standards, and ISO27001-aligned ISMS.
- Track and report on integration progress, risks, and remediation activities.
- Ensure M&A activities are aligned with WSP’s Information Security Governance framework and risk management processes.
- Act as the primary security advisor for M&A initiatives, providing guidance on risk acceptance, mitigation strategies, and prioritization.
- Maintain documentation and audit trail supporting due diligence decisions and integration activities.
- Participate in governance forums and provide updates on transaction-related security risks and status.
- Develop strong working relationships with Corporate Development, Legal, IT, and regional business leadership.
- Act as the central coordination point for all security-related M&A activities.
- Communicate complex security risks and integration strategies clearly to both technical and non-technical stakeholders.
- Support client-facing or third-party interactions where required during transactions.
- Assess third-party and inherited vendor risks associated with acquired entities.
- Ensure appropriate risk treatment plans are defined and executed for high/critical risks.
- Align acquired third-party relationships with WSP’s third-party cyber risk management framework.
- Develop and enhance M&A security assessment methodologies, tools, and templates.
- Contribute to the evolution of WSP’s security standards, policies, and playbooks based on lessons learned.
- Identify opportunities to streamline and automate assessment and integration processes.
- Support awareness and training initiatives related to M&A security risks across the organization.
The Skills That Set You Apart
- Bachelor’s degree in Information Technology, Computer Science, Business, Risk Management, or a related field (or equivalent experience).
- 4–8 years of experience in information security, IT risk, or cybersecurity, including at least 2 years supporting M&A security due diligence or integration.
- Proven experience leading security risk assessments, control evaluations, and compliance activities.
- Strong project management skills with the ability to lead multiple concurrent workstreams end-to-end independently.
- Working knowledge of ISO 27001, NIST CSF, and CIS Controls.
- Broad expertise across core security domains including IAM, network and endpoint security, data protection, vulnerability management, and monitoring.
- Experience in third-party/vendor risk management and security assessment methodologies.
- Strong communication, stakeholder engagement, and analytical skills with the ability to operate in fast-paced environments.
Why Choose WSP?
Why Choose WSP? We exist to shape communities to advance humanity. The brightest engineers, advisors and scientists from across the globe call WSP home.
• Proudly Canadian – we are a Top 100 Employer in Canada for 2026.
• A global community of brilliant minds – your next idea, mentor, or opportunity is always within reach.
• Limitless opportunities start here. Whether it’s across the country or around the globe, we help you tailor your role to match your ambition — because your growth drives ours.
• Flexible work, real balance – we recognize the importance of balance in our lives and encourage you to prioritize the balance in yours.
#WeAreWSP
Compensation
AB, BC, NT, NU, SK & YT: $135,200 - $179,100
MB & ON: $123,300 - $169,800
NB, NL, NS, PE & QC: $122,100 - $162,200
Disclosure:
The final salary awarded for this role may vary from the above range based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, seniority, geographic location, performance, and business or organizational needs. The wage range provided in this job posting may be subject to change for business purposes.
Ready to Drive Secure Growth? Make Your Mark.
Join WSP and play a critical role in enabling secure, strategic business transformation. Your expertise will directly shape how we evaluate risk, integrate new organizations, and safeguard our future.
Apply today and help redefine what secure growth looks like.
#LI-Hybrid