Wave HQ
Join a team of career go-getters with heart who are building for small business
online accounting • small business • software development • SaaS • invoicing and payments
201 - 500
Director, Information Security
2 days ago
🔄 Hybrid – Toronto
Wave HQ
Join a team of career go-getters with heart who are building for small business
online accounting • small business • software development • SaaS • invoicing and payments
201 - 500
Description
• Own and manage security processes with accountability for successful audit compliance (SOC2, PCI, HIPAA) and developer productivity metrics • Drive tooling simplification and management of access controls in order to reduce costs, business complexity and risk • Developing long term vision (2+ years) and though leadership (SMEs) for the security origination in partnership with Corporate IT, Compliance and Risk • Refining security team roles and developing role guidelines, including career development paths • Defining and improving the security incident management process • Working with stakeholders to ensure that security is a primary focus across all of Wave, including education • Rolling up your sleeves for hands-on work configuring security tools, monitoring and alerting • Proactively identifying gaps in Wave’s security posture and developing solutions and standards to address potential threats • Performing security reviews for new technologies and vendor risk assessments to enable the business to make informed decisions • Conducting threat and risk analysis of our cloud-based systems, applications and supply chains • Investigating and triaging security incidents and conducting technical and forensics evidence gathering • Driving compliance activities including regular reviews and audits • Coaching and growing a team of Security Engineers
Requirements
• 7+ years of progressive experience that includes designing and implementing an enterprise information security strategy and program • 5+ years of related experience in a leadership role in an Cloud/SaaS Infrastructure environment (i.e. AWS) • Previous experience managing a team or acting as a team lead responsible for a technical team • Demonstrated information security experience across multiple disciplines (ops, engineering, incident response, application security, etc) • Experience implementing regulatory frameworks such as SOC, PCI, HIPAA, SOX, PIPEDA • Competent with a common scripting language (Python) • Ideal candidate has experience working with SaaS and/or FinTech organizations
Apply Now