Security Engineer (Remote First)

Zensurance is a scale-up InsurTech company that is re-imagining the commercial insurance market. At Zensurance, we want to empower small businesses across Canada to thrive by offering an honest, simplified, and modern approach to insurance. Our main recipe is a combination of modern technology and insurance industry expertise powered by our talented team members. 
Being a technology-forward company, we utilize various tools and platforms to create fun, engaging and meaningful work experiences for our employees, as a remote-first company.
We are boldly going where no insurance broker has gone before!
The IT team supports Zensurance and its team members with a full life-cycle of technology support (from on-boarding - to offboarding). The team also supports and works closely with every team across Zensurance in providing technical support, implementation of technologies, and guidance for programs and initiatives related to their department.
Reporting to the Associate Director, IT, you will be responsible for supporting our company-wide information security management program to ensure that information assets are adequately protected. 
You will proactively work with Zensurance business units to implement practices that meet defined policies and standards for information security. The role also assists in a variety of IT-related risk management activities and includes the day-to-day support of various information security programs and initiatives. 
As an individual contributor, you will collaborate closely with the Associate Director to coach and mentor colleagues across the organization. You'll play a key role in supporting the Technology Leadership Team with employee training and development initiatives, aiming to continuously improve the team's technical capabilities and delivery excellence.

Responsibilities

• Program support: Facilitate information security governance, policies, and standards.
• Lead awareness training and collaborate on risk assessment.
• Provide regular reporting and support security incidents.
• Security Liaison: Assist resource owners and IT staff with audit failures.
• Liaise between security and enterprise architectures.
• Manage security issues, incidents, and reporting metrics.
• IT/Engineering Support: Implement technical configurations and automate security workflows.
• Maintain application security mapping and consult on software selection.
• Consult on security integration in application evaluation and installation.
• Operational Support: Coordinate security management and vendor compliance.
• Manage incident response and maintain a security knowledge base.
• Oversee security testing procedures and remediation efforts.
• Perform other duties as assigned.

Requirements

• University degree or college diploma in a recognized technical, vocational or academic program (preferably in InfoSec or Cyber Security) or equivalent work experience.
• 3+ years working in Information Security, preferably in an agile and fast paced environment.
• Demonstrated proficiency in interpreting stakeholder expectations and translating them into comprehensive technical plans and requirements, followed by successful implementation of said plans in a technical capacity.
• Experience with identity management software and capabilities such as single sign on (SSO), just in time (JIT) provisioning, and system for cross domain identity (SCIM) in tools such as JumpCloud, Okta, Auth0, PingIdentity, etc.
• Experience with configuring and maintaining endpoint and email security platforms such as Crowdstrike, Mimecast, etc.
• Experience configuring and maintaining network security solutions such as Netskope, ZScaler, etc.
• Experience facilitating implementation and execution of policies and processes across an organization.
• Experience writing and adapting cyber security policies, auditing and performing security gap analyses.
• Experience with common information security management frameworks and compliance standards, such as the CIS Controls v8, NIST, ISO 27001, SOC 2, PIPEDA, PCI.
• Experience working with legal, audit and compliance staff.
• Experience in working with, documenting, and implementing Cloud security controls for AWS or similar Cloud providers.
• Proficiency with Google Workplace, Zoom, Slack and Microsoft Office (Excel and Word).

Nice to have

• Proficiency with Application Programming Interfaces (APIs), including utilizing various API functionalities to enhance security posture in various systems is considered an asset.
• Security certifications such as CISSP, CISA, CISM, GIAC, CBCP, MBCI, or similar are preferred.
• Experience with automation workflow tools such as Zapier is considered an asset.

Perks we offer at Zensurance:
• Opportunity to work for Canada’s fastest-growing #insurtech scale-up • Primarily remote work environment available to everyone• Laptop, extra monitor and main accessories are provided • Extra home office and supplies allowance to help with work-from-home set up• Comprehensive and flexible health and dental plans to suit all lifestyles, including mental health • Health/Personal Spending Accounts to subsidize your healthy habits and purchases• Parental Leave Top Up• Weekly Friday companywide huddles for casual catch-ups with other departments• Build next-level relationships with your peers through scheduled companywide virtual and in-person team-building events• Be a part of something special. We are confident you won’t find any other insurance company like us :)
Who we are. What we're building.
Business is hard work, insurance doesn’t have to be!
At Zensurance we believe that teamwork makes the dream work.
We are passionate about providing business owners with the best insurance solutions at great rates through an online and easy-to-use platform.
Our secret sauce is all about our culture. Here at Zensurance our culture is built on four core values that we live and breathe daily. They are:
INTEGRITY: We do what's right.INCLUDE: We are an open and safe space for all.INVENT: We take an innovative approach to creating straightforward solutions for our customers.DELIVER: We set ambitious goals and hold ourselves accountable for achieving them.
Zensurance celebrates diversity in its workforce structure and encourages applications from all backgrounds.
Zensurance is an inclusive employer that celebrates diversity in its workforce structure. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective provincial human rights codes throughout all stages of the recruitment and selection process. Please advise the recruiter if you require accommodation; to ensure your accessibility needs are accommodated throughout this process. Information received relating to accommodation will be addressed confidentially.
We understand that looking for a new exciting opportunity can be time-consuming. We truly appreciate your time in going through the job posting and applying for a position with us.