The Director of Security & CISO is responsible for leading and managing all aspects of the organization's information security program. This includes developing and implementing security policies, procedures, and controls to protect the confidentiality, integrity, and availability of the organization's data and systems. We're seeking a candidate with experience working for software, SaaS or related industries, this is a prerequisite. This role reports into the VP, Technology.

Key Responsibilities: 

• Develop and implement a comprehensive information security strategy: Aligned with business objectives and industry best practices, this strategy should encompass all aspects of information and cybersecurity, including policy development, threat intelligence, risk management, incident response, and data protection.
• Conduct risk assessments and vulnerability scans: Regularly assess the organization's security posture, identify and prioritize risks, and implement appropriate mitigation strategies.
• Develop and maintain security policies, standards, and procedures: Ensure compliance with relevant industry standards and regulations where appropriate (e.g., ISO 27001, NIST Cybersecurity Framework, GDPR, CCPA).
• Support sales and marketing: For corporate account inquiries regarding are IT practices and compliance.
• Manage security incidents: Lead the investigation and response to security incidents, including data breaches, malware attacks, and ransomware.
• Advise senior management on security matters: Provide expert guidance on security-related decisions, including technology investments, vendor selection, and business continuity planning.
• Stay abreast of emerging threats and technologies: Monitor the evolving threat landscape and ensure the organization's security controls are adapted accordingly.
• Build and maintain strong relationships with key stakeholders: Collaborate with IT, Product, HR, and other departments to ensure a coordinated approach to security.
• Promote security awareness within the organization: Conduct security training programs for employees and educate them on best practices for data protection. 

Qualifications & Skills:  

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 10+ years of experience in information security roles, with at least 5 years in a senior leadership position.
• Proven experience in developing and implementing comprehensive information security programs.
• Strong understanding of cybersecurity frameworks, standards, and regulations.
• Experience working for software, SaaS or other related industries is essential. 
• Excellent leadership, communication, and interpersonal skills.
• Ability to work independently and as part of a team.
• Strong analytical and problem-solving skills.
• Relevant certifications (e.g., CISSP, CISM, CISA) preferred.
• Strong networking & cloud security skills (AWS).
• Experience with Agile, DevSecOps etc

What we Offer: 

• Competitive base salary
• Personal & corporate bonus
• Health & Dental benefits
• RRSP Matching
• Hybrid work model (2 days in office/week)