Information Security Lead Jobs in British Columbia

Establish a risk management framework for retail, identifying, assessing, and prioritizing cybersecurity risks and implementing mitigation strategies.

Oversee security incident response, ensuring effective management, investigation, and communication.

Ensure compliance with industry-specific regulations and standards, such as PCI-DSS, GDPR, and other data privacy requirements.

Maintain a deep understanding of retail-specific regulatory requirements, industry standards, and compliance obligations.

Relevant certifications such as CISO, CISSP, or similar leadership-level certifications are strongly preferred.

7-10 years of experience in cybersecurity, with at least 10 years in leadership positions.

Develops and implements changes to existing procedures for secure management of data and information systems access controls.

Employee & Family Assistance Program

Extended health & dental coverage

Reviews and assesses operational processes both current and planned to ensure alignment with IHA security policy and industry best practice.

Conducts periodic compliance reviews, risk analysis, electronic audits and ongoing investigations.

Performs other related duties as assigned.

Assists in preparation and management of the budget for assigned portfolio and responsible for managing margins.

A diploma in Security Management, Criminology, Health Care

Ensures site based contractual obligations are fulfilled, including but not limited to staffing requirements with a 100% shift-fill rate.

Skills and ability to lead, plan, organize, delegate and problem solve.

Proven ability to effectively supervise / manage people.

Assists in developing, implementing and maintaining security plans and high risk department evaluations. Establishes policies and procedures to support security plans.

Assists in preparation and management of the budget for assigned portfolio and responsible for managing margins.

Proven ability to effectively supervise / manage people.

Assists in developing, implementing and maintaining security plans and elevated risk department evaluations.

Conducts risk assessments and provide recommendations for security and safety improvements.

Provides after-hours support for Security Operations within the portfolio, including providing emergency response to sites.

Performs other duties as required.

Experience with common information security management frameworks, such as ISO 2700x, COBIT, or NIST

Strong management and team-building skills

Problem-solving, negotiation and decision-making skills to influence management, as well as internal and external partners

Implement a security framework to manage technological risk management

Implement a security framework to manage technological risk management including TRA/PIA assessments during project delivery cycle

Works with IS management team and 3rd party PaaS, SaaS and IaaS vendors

- Experience working within risk management and audit

- 3-5+ years of experience working within a technical security background

- Strong communication skills and has the ability to work cross-functionally

- Knowledge of security cloud-based environments such as AWS and Microsoft Azure

- Has worked within compliance previously and understands the foundations of security

- Completed documentation regarding security compliance and protocols

Familiarity with information security documentation requirements, certification and accreditation processes, and general reporting requirements for ISO 27001 industry security standard

Support in the development of Avidbots Information security policies, procedures, and standards to meet compliance responsibilities.

Provide information security subject matter expertise as required in support of product development requirements.

Working knowledge of system and network security engineering best practices

Professional certification in Information Security (CISSP, SSCP, CCSP)

Strong analytical skills with the ability to problem solve complex information security issues

SOC/NOC experience desired. Working knowledge of information security control technologies including access control, cryptography, vulnerability management, SIEM/log management, ID/IPS.

Strong organization and time-management skills

Work with different teams including network operations and R&D to protect management information system and FortiGuard infrastructure.

Knowledge and experience working with various information security frameworks (ISO/IEC 27001, NIST 800-53, etc.) and regulatory frameworks (HIPAA, GDPR, etc.)

3+ years of experience in information security analyst/penetration tester role.

Hands-on experience on FortiSIEM, FortiSOAR, and FortiAnalyzer is desirable.

Proven ability to work with competing resources, budget limitations, and strong conflict management and problem-solving skills.

Process/Project Management: skilled at figuring out and managing the processes and timelines necessary to get work accomplished

Manage reporting staff, including selection, coaching, mentoring, development, performance management and all other people-management practices, including DE&I.

Manage Hootsuite’s various application security testing processes, including internal and external pen-tests, code scans, architectural reviews and vulnerability management.

Manage day-to-day operations of our Security Incident Response team, on-call schedule and relationship with our Managed Security Service Provider (MSSP)

Manage SecDevOps aspects of our production and IT infrastructure in coordination with the cloud operations, R&D and IT teams.