Director, Information SecurityExpired

Fabriik
 Canada
  •  Fully Remote
  •  
  • Share on

Reimagine Prosperity.

We believe there’s a better way – where possibilities are limitless, not limited. We see a new future for financial services.

Our mission is to evolve the very fabric of the global financial system, for the billions of people locked out and locked in. We’re weaving a better future of finance, so everyone can thrive.

Key Responsibilities 

  • Developing, implementing and monitoring a strategic, comprehensive enterprise information security risk management program and framework;
  • Working directly with the business units and functional units to facilitate risk assessment and risk management processes;
  • Providing oversight and ensuring the consistent application of policies and standards across all projects, systems and services;
  • Partnering with business stakeholders across the company to raise awareness of risk management concerns;
  • Establishing and implementing monitoring framework for internal digital operations to ensure compliance to security standards and policy, including leading internal audits of performance and compliance;
  • Establishing effective reporting processes that support management discussion and leadership decision making about information security plans and objectives;
  • Liaising with technology team leadership to build alignment between the security and enterprise architectures, and ensuring that information security requirements are implicit in network architectures;
  • Developing, deploying, and maintaining the security response procedures for organizational response to security incidents;
  • Continuously monitoring the external ecosystem for emerging risks and mitigating solutions; and,
  • Building and developing a global information security team, providing mentorship and ensuring redundancy and succession planning plans are in place.

 

Candidate Profile

  • At least 5 years of progressive information security experience (preferably in Saas environment)
  • Security Certifications such as CISSP or related GIAC certs
  • Hands on Experience securing cloud application environments
  • Experience securing endpoint software applications
  • Proven ability to build a secure software development lifecycle, and build security best practices as part of an agile development environment
  • Expert understanding of the business impact of security tools, technologies and policies
  • Experience working within legal, audit and compliance guidelines
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST
  • Experience with common compliance standards, such as PCI DSS and SOC Type 2
  • Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies
  • Strong analytical skills to analyze security requirements and relate them to appropriate security controls
  • Familiarity with the principles of cryptography and cryptanalysis
  • Experience in application technology security testing (closed box, open box and code review)
  • Experience in system technology security testing (vulnerability scanning and penetration testing)
  • Able to recognize talent, develop individuals, and build strong teams and relationships

If this sounds like a role that could be an exciting next step in your career, our team looks forward to hearing from you!

At Fabriik, we value diversity of all types. Our team is made up of smart, collaborative and thoughtful people with a wide range of backgrounds, skills and experiences.

Fabriik is an equal opportunity employer and we are committed to a diverse and inclusive workplace. We welcome applications from qualified individuals from all backgrounds. Accommodations are available upon request in all phases of the selection process. We thank all applicants for showing an interest in this position. Only those selected for an interview will be contacted.

This job post is no longer available. Click the button below to view available jobs.

Back to job board