Director of Information Security

Toronto

Hopper logo
Hopper
Apply now Apply later

Posted 4 weeks ago

ABOUT HOPPER
At Hopper, we’re on a mission to make booking travel faster, easier, and more transparent. We are leveraging the power that comes from combining massive amounts of data and machine learning to build the world’s fastest-growing travel app -- one that enables our customers to save money and travel more. With over $235M CAD in funding from leading investors in both Canada and the US, Hopper is primed to continue its path toward becoming the go-to way to book travel as the world continues its shift to mobile.
Recognized as the fastest-growing travel app by Forbes and one of the world’s most innovative companies by Fast Company two years in a row, Hopper has been downloaded over 40 million times and has helped travelers plan over 100 million trips and counting. The app has received high praise in the form of mobile accolades such as the Webby Award for Best Travel App of 2019, the Google Play Award for Standout Startup of 2016 and Apple’s App Store Best of 2015. 
Take off with us!
THE ROLE
As Director of Information Security, you will lead Hopper's security, data privacy and compliance initiatives in Hopper's B2B partnerships group. This role represents a key leadership position responsible for safeguarding Hoppers's data to the highest standards, assuring the trust of our customers and partners. As a leadership position at Hopper, the candidate will also champion our leadership principles as we continue to diversify and scale the business.

IN THIS ROLE, YOU WILL:

  • Direct and coordinate implementation of security and compliance requirements across IT, Engineering, and Facilities teams
  • Provide leadership and serve as primary domain knowledge expert in Security, spanning Security Management, Security Architecture, Security Analysis, Security Operations and Security Engineering
  • Serve as the key interface with internal and external auditors for security compliance related activities
  • Participate as a member of the Engineering leadership team in governance of Hopper's information security strategies
  • Evaluate and manage outside consultants and vendors to support internal security capabilities
  • Lead incident response for cybersecurity-related incidents
  • Lead static code analysis and security threat modeling
  • Lead network and systems security including standards and annual tests.
  • Lead strategic information security planning to achieve business goals by prioritizing defensive initiatives and coordinating the evaluation, deployment, and operation of information security technologies
  • Collaborate with Engineering leadership to build alignment between security and application architectures
  • Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for information system security administration and user system access based on industry-standard best practices.
  • Develop effective relationships across the company to reinforce cybersecurity compliance.
  • Ensure that effective disaster recovery policies and standards are in place and maintained.
  • Provide leadership coaching to more junior members of Hopper and be a voice of our leadership principles

A PERFECT CANDIDATE HAS:

  • Technical Degree(s) in computer science, engineering or a related field
  • CISSP certification, CISM is a plus
  • Up-to-date knowledge of global regulatory issues and trends in IT Security and Data Privacy
  • Strong understanding of IT Security metrics
  • Experience with creating a complete set of IT Security and Data Privacy policies, processes and procedures
  • Excellent understanding of appropriate IT controls as well as IT audit approaches
  • Excellent understanding of current technologies and approaches to ensure IT Security and protect data leveraging cloud and mobile technologies
  • Deep expertise with one or more public cloud platforms (AWS, GCP)
  • Demonstrated expertise securing public cloud accounts, ideally in a hybrid-cloud model
  • Experience with DevOps and/or Site Reliability Engineering
  • Worked in Agile delivery teams and environment
  • Held leadership roles
  • Built diverse teams of exceptional individuals
  • Excellent writing skills and the ability to use influence as effectively as direct control
  • Past success analyzing data, drawing accurate conclusions, and adjusting strategy accordingly
  • A strong focus on doing what is right for the customer and the company
  • A collaborative nature, working with diverse teams, from business leaders to individual contributors
  • Experience creating automated solutions & eagerness to automate
  • Experience in Financial Services, Travel or Mobile is a plus
BENEFITS
• Well-funded and proven startup with large ambitions, competitive salary and stock options• Dynamic and entrepreneurial team where pushing limits is everyday business• 100% employer paid medical, dental, vision, disability and life insurance plans• Access to a 401k (US) or Retirement Savings Plan (Canada)
Job tags: Architecture AWS CISM CISSP Code analysis DevOps Go Google Incident response Machine Learning Strategy