Ready to build a rewarding career in an industry that is growing?

Who We Are

We are a global mining company dedicated to safely delivering nickel, copper, cobalt, and platinum group metals essential for the world’s energy transition.

Our mission is to improve lives and shape a better future together.

From utensils to cellphones to satellites, our operations simplify daily life and enhance connectivity. Our metals are integral to life-saving medical equipment and the electric vehicles driving the fight against climate change – our work truly matters.

Join our diverse team of 15,000 talented individuals committed to transforming critical minerals into prosperity and sustainable development in countries like Canada, Brazil, Indonesia, the United Kingdom, and Japan. We invite you to use your skills with us and contribute to something meaningful and enduring.

The Opportunity

We are currently seeking aSenior Manager, Cyber Risk, Audit, Compliance & Data Privacyto join our Information Technology (IT) team inToronto, Canada, supporting all globalVale Base Metalsoperations.

This is a high‑impact leadership role responsible for governing and maturing the organization’s global cybersecurity risk and compliance posture across enterprise IT, cloud, and industrial OT environments.

This role is the governance anchor of the cybersecurity program. It ensures Vale Base Metals can demonstrate due care and due diligence through defensible risk frameworks, regulatory alignment, control assurance, and board‑level reporting. You will own the cybersecurity risk management framework end‑to‑end—spanning threat inventory, risk identification, formal risk acceptance, and treatment tracking.

This opportunity is ideal for a cybersecurity governance leader capable of influencing executives, partnering across global OT and IT teams, and shaping an enterprise control environment that is defensible, measurable, and aligned with global regulatory expectations.

About You

You will lead the global data privacy program and the enterprise cybersecurity training and awareness strategy, ensuring human risk factors are measured, reduced, and transparently reported. In heavily regulated industrial sectors, this function is what keeps the organization on the right side of legal and compliance obligations while equipping the CISO and executive leadership with quantified risk intelligence for strategic and financial decision‑making.

You bring deep experience in cybersecurity governance, risk, audit, compliance, and data privacy withinindustrial, safety‑critical, or highly regulated sectors. You understand how to translate complex technical risk signals into clear business, financial, and operational impact narratives for senior leadership and the Board.

You have a strong ethical foundation and are comfortable guiding decisions tied to risk tolerance, regulatory exposure, and enterprise resilience. You are a structured thinker, a strong communicator, and a collaborative leader able to influence across cultures and functions.

Education:

Required

• Undergraduate degree
• CISSP (mandatory)

Preferred

• Advanced training in risk quantification, privacy, or governance frameworks
• Additional relevant certifications - CISA, CIPP / CIPP‑E / CIPP‑C (Data Privacy), ISO 27001 Lead Implementer or Lead Auditor, CISM or CRISC, FAIR‑CCRL (Cyber Risk Quantification)

Experience:

• 11–15 years of experience in cybersecurity risk, governance, audit, compliance, or data privacy.
• End‑to‑end ownership of enterprise cybersecurity risk management frameworks, including threat inventory, risk identification, risk scoring, formal risk acceptance, and treatment tracking.
• Leading internal and external cybersecurity audits, regulatory engagements, and control assurance programs, ensuring defensible evidence and timely remediation.
• Establishing governance over cybersecurity policies, standards, procedures, and measurable control‑based risk‑reduction mechanisms across IT, cloud, and OT environments.
• Providing data privacy program leadership across multi‑jurisdictional regions, ensuring compliance with global privacy regulations and defensible governance practices.
• Preparing and delivering executive‑level and board‑level cybersecurity risk reporting, translating technical risks into clear financial, operational, and strategic impact narratives.
• Managing third‑party and supply‑chain cybersecurity risk assessments, ensuring alignment with contractual, regulatory, and enterprise control expectations.
• Designing and maintaining cybersecurity maturity models, dashboards, metrics, and continuous‑monitoring capabilities for oversight and decision‑making.
• Leading cybersecurity awareness, culture, and human‑risk reduction programs, including measurement of behavioural risk indicators.
• Managing and developing cybersecurity governance teams operating in global, technically complex, highly regulated industrial environments.
• Deep working knowledge of leading cybersecurity frameworks including ISO 27001/27005, NIST CSF, and CIS Controls, applied in both IT and industrial OT contexts.
• Strong internal control design, testing, validation, and assurance experience across technical and operational environments.
• Ability to develop executive‑ready materials that convey complex cyber‑risk issues in understandable business, regulatory, financial, and operational terms.
• Demonstrated experience working within highly regulated, safety‑critical industrial sectors requiring strict adherence to compliance and risk‑management principles.
• Strong ethical judgment, governance leadership, and the ability to influence enterprise‑level decisions involving risk tolerance and regulatory exposure.

What We Offer You

• Competitive compensation including a variable annual incentive plan
• Participation in a competitive Defined Contribution Pension package
• Comprehensive benefits package (company paid core coverage, health and dental coverage, flex accounts, disability plans, and optional insurances)
• Leave for all of life’s reasons (vacation, personal, sick, parental)
• Work culture dedicated to safety, diversity & inclusion, and career growth
• Employee Family Assistance Program
• Virtual Healthcare online
• Online training and career development opportunities

Why Toronto

Toronto, Canada’s largest city and financial hub, is a center of innovation, commerce, and culture. Known for its diverse economy and vibrant urban environment, Toronto offers unparalleled access to talent, technology, and global connectivity.

Our Toronto office serves as a strategic hub for corporate functions, technology development, and business operations. Here, we drive initiatives that support Vale Base Metals’ global operations, leveraging advanced analytics, digital transformation, and strategic planning to ensure operational excellence across all regions.

Toronto’s dynamic ecosystem enables collaboration with leading technology partners, universities, and research institutions, fostering innovation in mining and metals processing. This location is integral to shaping the future of sustainable mining and advancing our commitment to responsible resource development.

Include to Transform

At Vale Base Metals, we are committed to ensuring an inclusive work environment where people feel comfortable to be themselves. Vale encourages everyone to express their ideas and opinions and values the plurality of individual profiles. We want our people to feel that all.

We want our people to feel that all voices are heard, all cultures respected and that a variety of perspectives are not only welcome – they are critical to our success. We treat each other fairly and with dignity regardless of race, gender, nationality, ethnic origin, religion, age, sexual orientation, or any other personal consideration that makes us different.

Vale is an equal opportunity employer seeking to increase diversity across our operations and improve equal opportunity at Vale and in the mining industry.

Next, priority will be given to Newfoundland and Labrador residents. We also welcome those who are willing to relocate back home and those looking to make NL their permanent home.

Accommodation is available throughout our recruitment process for applicants with disabilities.

Vale uses artificial intelligence to screen, assess, and/or select applicants for this position.

**Pay Grade:**GRF

Minimum Starting Salary: CAD $140000

**Apply by:**Friday, Mar 27, 2026

#ValeBaseMetals