Product Security Manager
Canada
KOHO
A no-fee spending account with instant cash back & money management app designed to simplify your personal finances. Sign up in minutes to join over 1 million Canadians who use KOHO's prepaid Mastercard to budget and save.KOHO’s purpose is to empower Canadians to build a great financial foundation with products that are radically transparent and easy to manage. Our journey began in 2014, and we have since built a community of over 600,000 users. Leading investors around the globe believe in our vision, and we’ve successfully raised over $320M to make our vision a reality.
The KOHO collective has grown to 300+ employees to date. Discover our culture here and get the inside scoop from our team here!
About the Role
Reporting to the Director, IT and Security, we are looking for a manager to ensure KOHO products meet security, privacy, and resiliency requirements. This position will lead product security and collaborates with Tech/Engineering, Product, Risk, and Legal teams.
You will work closely with Product teams to understand KOHO product roadmaps and strategy. Lead and develop KOHO’s product privacy and security strategy across all product linesUnderstand product features that impact the privacy and security for our users across all products.
You’ll be a foundational security team member and have significant responsibilities that make an impact on KOHO’s security posture.
What you'll do
- Align security strategy with the product roadmap to ensure user information and privacy is protected
- Facilitate discussion and implementation of security strategy among project stakeholders across the stakeholder groups
- Ensure security compliance and governance requirements are implemented by product and tech teams
- Serve as the subject matter security expert to internal business stakeholders on go-to-market strategy, confidentiality, and additional stages of product development.
- Maintains strong knowledge of ongoing security threats, remediation and operational standard methodologies
- Work and collaborate cross-functionally with Product, Tech, Risk and Legal teams to establish consistent security and privacy for all KOHO products and services
- Participate on incidents related to fraud and abuse of our products
- Develop processes to remediate product risks and drive remediation of vulnerabilities across Tech and Product teams
- Test and recommend tools for Tech and Security teams to implement that reduce product attack surface
- Develop OKRs by collecting, analyzing, and summarizing data and trends.
- Report progress to leadership and stakeholders for all tracked metrics.
Who You Are
- You’ll need at least 3 years experience as a Product Security Engineer or Manager
- Extensive experience with cloud and application architecture and security vulnerabilities
- Hands-on experience with developing product security roadmaps and developing implementation plans
- Demonstrated experience with implementing security and privacy features
- Previous experience influencing Product and Engineering teams
- Experience with security frameworks and standards such as PCI-DSS, SOC2, and ISO27001
- Bachelor’s degree in Computer Science, IS, Security, or Engineering
- Experience working in credit, banking, payment card processing and/or finance preferred
We invest time and resources into making sure KOHO is as good as the people we hire. Here are some of the reasons we attract and keep the best people:
• Balance Your Life - Company-wide Summer wellness days, Winter holiday closure, unlimited Personal Days, a wellness spending account, and maternity & parental leave top-up.• Remote First - Work from anywhere in Canada with a budget to set up your home office• Level Up - Access to 3 in-house certified performance coaches and an annual training budget. • Reach Your Goals - Salary assessments twice per year, GRSP matching.• The KOHO Culture - We have won 7 "Great Place to Work ®" awards since 2019.
The KOHO culture is one of collaboration, creativity, and diverse perspectives. We are committed to building and fostering an inclusive, accessible environment for everyone. If you have any questions, concerns, or requests regarding accessibility needs, please contact peopleaccessibility@koho.ca and the People and Culture team will be happy to help.
#LI-Remote #LI-MD2
Tags: Banking Cloud Compliance Computer Science Finance Governance ISO 27001 OKR Privacy Product security Security strategy SOC 2 Strategy Vulnerabilities
Perks/benefits: Career development Home office stipend Parental leave Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs