CyberChampions

In a world where marketing hype often overshadows technical depth, Jason Grimbeek, Founder and CEO of Iron Spear Information Security, has charted a different course, one rooted in trust, technical rigor, and pragmatism. Since founding the company in 2011, Grimbeek has quietly built one of Canada’s most respected cybersecurity firms, earning national recognition not through sales tactics, but through consistent delivery of high-quality, actionable results. Today, we recognize Grimbeek as a true Canadian Cyber Champion.

A New Way Forward

After more than a decade in a global consulting firm — one of the “big four” — Grimbeek grew disillusioned with the increasing focus on sales targets and client relationships at the expense of solving real cybersecurity problems. “As you move up in the organization, it became more about revenue and less about the work. I didn’t want to be a partner, I wanted to stay hands-on with security,” he recalls. In response, he launched Iron Spear Information Security with a mission to do things differently. “If a client has a problem, I want to solve it. I want to be the value they need,” Grimbeek says. That value-first mindset won over Iron Spear’s very first major client, Translink and set the tone for the company's next chapter.

Built on Pragmatism and Trust 

At Iron Spear, practicality trumps flash. Grimbeek stresses that cybersecurity should be understandable and usable by everyone, from executives to frontline technicians. “I got tired of generic reports that no one used. We write ours so that even the network guy reconfiguring the firewall knows exactly what to do,” he explains. This focus on delivering clear, honest, and impactful advice, even if it means calling out issues from top to bottom , has become a defining feature of Iron Spear’s approach. “We don’t sugarcoat. We say what needs to be said, and clients appreciate that candor.”

Growing Without Selling 

Perhaps Iron Spear’s most remarkable feat is its growth strategy, or lack thereof. The company has never had a formal sales team. Instead, its steady 46% year-over-year growth has come entirely through word-of-mouth and referrals. “What we deliver is the sales pitch,” says Grimbeek. “If you’re proud of what you hand over to a client, they’ll come back. And they’ll tell others.” This quality-first philosophy extends to every corner of the company. “If a report isn’t ready, we delay it. I’d rather call the client and say we need one more day than deliver something that’s not right.”

That integrity and commitment to excellence have fueled Iron Spear’s expansion from a solo operation into a 25-person firm with offices in Alberta, Saskatchewan, Manitoba, and now Ontario.

Client-Centric Cybersecurity

Iron Spear has also emerged as a go-to partner for organizations frustrated with traditional Managed Security Service Providers (MSSPs). “Many clients don’t feel they’re getting value from their MSSPs,” Grimbeek notes. To address this, Iron Spear helps build client-owned Security Operations Centers (SOCs) and Security Information and Event Management (SIEM) systems. “We give them control, they own it, they define it, and they can choose who manages it,” he explains. This independence is foundational to Iron Spear’s ethos. “We do not sell products. We don’t upsell. We make it clear in our proposals, we’re here to give you the best advice, period.”

Leading Through Tough Times

Iron Spear’s strong client relationships were put to the test during the early days of the COVID-19 pandemic, when many cybersecurity budgets were frozen. Remarkably, one major client stepped up and offered a large project to help support the firm through the uncertainty. “That’s what trusted partnerships are about, trust going both ways,” says Grimbeek.

Advice for Future Cyber Leaders

Grimbeek is also passionate about building the next generation of cybersecurity talent. His advice? Start with the basics. “You need to understand networking , it’s the core of what we do,” he says. He’s cautious about the growing number of certifications and degrees that lack technical depth. “We’ve seen people with master’s degrees who don’t understand foundational IT. That’s a problem.” Iron Spear’s hiring philosophy reflects this as the  company often favors candidates with general IT experience over formal cybersecurity credentials. “We can teach cyber. But you need a solid foundation.”

What’s in a Name?

Even the company’s name carries deep meaning. “Iron is strong, foundational — it’s in our blood. And the spear is both defensive and offensive. That’s what cybersecurity is about,” says Grimbeek, who also notes a personal connection to his African roots in the name’s symbolism.

A Champion for Cyber Done Right 

Jason Grimbeek’s story is a compelling example of how integrity, technical excellence, and genuine customer care can build not just a business, but a legacy. Iron Spear stands as a testament to the fact that in cybersecurity, trust still matters, quality still wins, and relationships built on delivering real value will always stand the test of time.

As Canada continues to face evolving digital threats, it will need more champions like Grimbeek, leaders who put people and problems first, and let performance speak for itself.