Manager, Information Security
Toronto, Ontario, Canada
Applications have closed
What you’ll be doing:
- Analyze SOC2 and PCI DSS reports and engage engineering and operation teams to implement security controls and process improvement initiatives.
- Take ownership and maintenance of technical security and SOC2 policies and procedures, and relationships with security vendors.
- Review security scan, penetration test, security monitoring, compliance reports on a regular basis.
- Perform security risk assessments and work with stakeholders to review IT security objectives and goals through interviews and other audit techniques.
- Participate in data governance and business continuity planning.
- Review change requests from security perspective and lead the team through security related incidents.
- Perform secure code review and deliver security code training to engineering teams.
- Implement security monitoring.
- Keep the company’s security technology and system current and stay aware of trending security threats.
What we are looking for:
- Bachelor’s degree in Computer Science, Information Systems or other related field, or equivalent work experience.
- An expert in cyber security, with hands on experience managing security standards and requirements in full software development lifecycle.
- Hands-on experience with AWS security management using tools such as AWS GuardDuty, Security Hub, Inspector and Detective. Good understanding of AWS services such as S3, lambda, ECS and Cognito.
- Hands-on experience with WAF, Access Management, SIEM, Anti-Malware, Vulnerability Scanning, Data Loss Prevention.
- Previous experience as an Information Security Manager and all aspects of the specified responsibilities.
- Solid understanding of data security and encryption standards.
- Experience in one or more scripting languages such as python.
- Knowledge of various framework and standards, most importantly with SOC2 and PCI DSS.
- Master’s degrees or certifications in information security and management, such as CISSP, CISM, CISA, AWS Certified Security, are an asset.
- Exposure to international data privacy law is advantageous.
- High attention to detail & excellent written and oral communications.
- Coding experience with React, Java, Python, Node.js or application development experience in AWS is a bonus, but not a replacement for security focus experience.
What we offer:
- Highly competitive base salary
- Equity
- Paid holidays
- Birthday day off
- Free food Friday
- Choice of equipment
Tags: AWS CISA CISM CISSP Cloud Compliance Computer Science E-commerce Ecommerce Encryption Governance Java Lambda Malware Monitoring Node.js PCI DSS Privacy Python S3 Scripting SIEM SOC 2
Perks/benefits: Competitive pay Equity Flex vacation Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs