Information Security Compliance

2 weeks ago

Old Toronto, Canada Athennian Group Full time

Athennian increases trust in business. Our products help legal, finance, and tax teams be transaction and audit-ready by organizing business entity and corporate structure information. Over 370,000 business entities in almost every country are managed on Athennian to automate workflows for ownership, company secretarial, governance, tax, and compliance.

We are seeking a Head of Privacy and Information Security to join our Engineering Technology team in a full-time, permanent capacity. Reporting to the Engineering Manager, DevOps, and Infrastructure, the Head of Privacy and Information Security will play a key role in shaping a culture of privacy-first principles and data security, ensuring Athennian complies with evolving privacy regulations while strengthening its overall security posture through robust policies, technical controls, and educational initiatives.


Key Responsibilities:
  • RFP/RFI Management - Oversee the end-to-end process of responding to security-related RFPs, RFIs, and questionnaires. This includes analyzing requirements, collaborating with internal teams to create thorough responses, and ensuring timely, accurate submissions. Maintain detailed records and facilitate clear communication with clients, vendors, and internal stakeholders.
  • Privacy and Security Strategy & Oversight: Develop and implement an organization-wide privacy and information security strategy that aligns with regulatory requirements and best practices. As the Company’s Head of Privacy, serve as the primary point of contact for data privacy matters, ensuring compliance with privacy laws, overseeing data protection practices, and advising on privacy implications across all company operations and new initiatives.
  • Compliance and Data Protection Standards: Ensure compliance with industry regulations (e.g., GDPR, SOC2, ISO 27001) by establishing and maintaining robust data protection policies and information security standards. Assist with audits and evidence gathering related to SOC2 compliance and other privacy frameworks, providing oversight for security controls and data protection measures.
  • Data Governance and Risk Management: Conduct and document security and data privacy risk assessments, compliance reviews, and communicate risk mitigation strategies to senior leadership, engineering, and relevant stakeholders.
  • Security Infrastructure and Vulnerability Management: Monitor both on-prem and cloud infrastructure for vulnerabilities, assess risk factors, and implement solutions to improve security and data protection.
  • Privacy by Design: Partner with product and engineering teams to embed privacy and data protection principles in the product lifecycle, from initial design to deployment.
  • Security and Privacy Awareness: Lead employee security and privacy training initiatives focused on email threats, data handling, and best practices in protecting sensitive information.
  • Incident Response and Recovery: Manage incident response for security and data privacy breaches, conduct root cause analyses, and oversee remediation efforts.
  • Third-Party Vendor Management: Coordinate with third parties on security and privacy audits, assessments, and remediation efforts (e.g., penetration testing, bug bounty programs).
  • Policy Development and Access Management: Oversee development of information security and privacy policies, conduct regular access management reviews, and implement technical controls for data protection.
  • Privacy Impact Assessments (PIAs): Conduct and review PIAs to evaluate privacy risks associated with new projects, technologies, and data processing activities.
  • Security Metrics and Reporting: Gather, document, and report security and privacy metrics, analyzing trends to guide continuous improvement.
Qualifications:
  • Experience: 7+ years in information security, data protection, and privacy roles.
  • Technical Skills: Proficiency in cloud technologies (e.g., AWS) and experience securing hybrid environments (on-premises and cloud).
  • Security Solutions: Hands-on experience managing security solutions such as SIEM, EDR, firewalls, IPS/IDS, and encryption.
  • Privacy Frameworks: In-depth knowledge of data protection regulations and standards (GDPR, SOC2, ISO 27001, NIST 800-171).
  • Certifications: Industry-recognized certifications (CISSP, CIPP, CISA, Certified Ethical Hacker, CompTIA Security+) are preferred.
  • Incident Management: Proven experience in incident response, management, and root cause analysis.
  • Analytical Skills: Ability to conduct privacy and security risk assessments and analyze network traffic, system alerts, and data logs for trends.
  • Communication and Collaboration: Excellent ability to convey complex privacy and security concepts to technical and non-technical audiences.
  • Autonomy and Organization: Ability to work independently, prioritize tasks effectively, and manage multiple projects concurrently.

Location

We have embraced a distributed model of working to reach the best talent in Canada. While some roles may require proximity to our Toronto, Calgary and Vancouver offices, roles based outside our office locations can be remote in Canada.

Benefits at Athennian

We offer competitive benefits and perks because we believe that happy people produce great results. We are always adding to this list based on employee feedback: generous vacation/sick/flex days, remote work options, flexible working hours, health/dental/vision/group life/gRRSP/LTD/AD&D/EFAP benefits, high growth environment, team-building, day-to-day variety (never a dull moment), MacBook for all employees, stock options, and a culture of transparency.

#J-18808-Ljbffr

  • Information Security Manager

    1 month ago

    Old Toronto, Ontario, Canada LZ Security & Service GmbH Full time

    Job Responsibilities:Develop and implement comprehensive information security strategies to safeguard the organization's assets and data.Collaborate with cross-functional teams to respond to security incidents and ensure alignment with incident management processes.Conduct thorough risk assessments and provide guidance on security best practices to...

  • Information Security and Compliance Specialist

    7 days ago

    Toronto, Ontario, Canada Healthcare Insurance Reciprocal of Canada (HIROC) Full time

    Job SummaryThis role is responsible for coordinating and gathering evidence to assess compliance for Data Protection, Information Security and Privacy. The ideal candidate will assist with SOC 2 compliance review activities and third-party audit activities, track and monitor statuses on privacy and security recommendations for new systems, cloud solutions...

  • Senior Information Security Specialist, Governance and Compliance

    4 weeks ago

    Old Toronto, Canada Canadian Tire Corporation Full time

    What you’ll do Reporting to the AVP, Cyber Governance Risk and Compliance, the Senior Information Security Specialist, Governance and Compliance will lead the charge in maintaining cyber security policies and standards, responding to regulator and auditor inquiries, and providing an advisory function to the business surrounding cyber security...

  • Senior Information Security Specialist, Governance and Compliance

    3 weeks ago

    Old Toronto, Canada Canadian Tire Corporation Full time

    About the RoleWe are seeking a seasoned Information Security Specialist to lead our Governance and Compliance team. As Senior Information Security Specialist, Governance and Compliance, you will be responsible for maintaining cyber security policies and standards, responding to regulator and auditor inquiries, and providing advisory services to the business...

  • Senior Information Security Specialist, Governance and Compliance

    4 weeks ago

    Old Toronto, Canada Canadian Tire Corporation Full time

    What you’ll do Reporting to the AVP, Cyber Governance Risk and Compliance, the Senior Information Security Specialist, Governance and Compliance will lead the charge in maintaining cyber security policies and standards, responding to regulator and auditor inquiries, and providing an advisory function to the business surrounding cyber security...

  • Senior Information Security Specialist, Governance and Compliance

    4 weeks ago

    Old Toronto, Canada Sportchek Full time

    Senior Information Security Specialist, Governance and ComplianceLocation: Toronto, ONTime Type: Full timePosted On: Posted 2 Days AgoTime Left to Apply: End Date: November 11, 2024 (11 days left to apply)Job Requisition ID: JR134925What you’ll doProvide senior level advisory services to cybersecurity, technology teams, and business team members, as...

  • Senior Information Security Specialist, Governance and Compliance

    4 weeks ago

    Old Toronto, Canada Canadian Tire Financial Services Full time

    Senior Information Security Specialist, Governance and ComplianceApplyLocation: Toronto, ONTime Type: Full timePosted on: Posted 2 Days AgoTime left to apply: End Date: November 11, 2024 (11 days left to apply)Job Requisition ID: JR134925What you’ll doProvide senior level advisory services to cybersecurity, technology teams, and business team members, as...

  • Information and Security Manager

    1 month ago

    Old Toronto, Canada LZ Security & Service GmbH Full time

    Job Responsibilities:Plan, coordinate, and direct all information security tasks within the area of responsibility to meet the global and local security goals.Support all security incidents of the location with alignment to the incident management process.Work with the Procurement and Legal departments to review and screen suppliers.Lead IT/security...

  • Information Security Manager

    3 months ago

    Old Toronto, Canada LZ Security & Service GmbH Full time

    Job Responsibilities:Plan, coordinate, and direct all information security tasks within the area of responsibility to meet the global and local security goals.Support all security incidents of the location with alignment to the incident management process.Work with the Procurement and Legal departments to review and screen suppliers.Lead IT/security...

  • Information Security and Compliance Analyst

    5 months ago

    Toronto, Canada Tucows Inc. Full time

    Tucows (NASDAQ:TCX, TSX:TC) is possibly the biggest Internet company you've never heard of. We started as a simple shareware site in 1993 and have since grown into a stable of businesses: Tucows Domains, Ting Internet and Wavelo. **What's next at Tucows** We embrace a people-first philosophy that is rooted in respect, trust, and flexibility. We believe...

  • Director of Information Security

    1 month ago

    Old Toronto, Ontario, Canada Nova Credit Full time

    About Nova CreditNova Credit is a pioneering fintech company dedicated to revolutionizing the financial industry by providing better credit infrastructure, analytics, and workflows. Our mission is to power a more fair and inclusive financial system for the world.Job SummaryWe are seeking an experienced Director of Information Security to join our team. As a...

  • Information Security Manager

    4 weeks ago

    Old Toronto, Canada LZ Security & Service GmbH Full time

    As a key member of the LZ Security & Service GmbH team, you will be responsible for planning, coordinating, and directing all information security tasks to meet global and local security goals. This includes supporting all security incidents with alignment to the incident management process and collaborating with Procurement and Legal departments.Your...

  • Information Security Manager

    1 month ago

    Old Toronto, Canada LZ Security & Service GmbH Full time

    Job Responsibilities: Plan, coordinate, and direct all information security tasks within the area of responsibility to meet the global and local security goals. Support all security incidents of the location with alignment to the incident management process. Work with the Procurement and Legal depar

  • Information Security Governance

    3 months ago

    Toronto, Canada Norton Rose Fulbright Full time

    Information Security Governance & Compliance Specialist The Team The information security team reports to the global chief information security officer (CISO). The team works with unified principles and processes around the world while maintaining regional stakeholder relationships. High stand

  • Chief Information Security Architect

    7 days ago

    Old Toronto, Canada Nova Credit Full time

    Nova Credit is a pioneering financial technology company that empowers a more inclusive and fair financial system for the world. As a leading player in rewiring the financial industry with better credit infrastructure, analytics, and workflows, Nova Credit enables individuals from traditionally underserved populations to access credit opportunities. Our...

  • Director of Global Information Security

    1 month ago

    Old Toronto, Ontario, Canada Nova Credit Full time

    Job DescriptionAt Nova Credit, we're on a mission to power a more fair and inclusive financial system for the world. As our Director of Global Information Security, you'll play a critical role in shaping our global information security vision, strategy, and compliance. You'll be responsible for coordinating internal and external cyber and information...

  • Manager, Physical Security

    4 weeks ago

    Old Toronto, Canada First National Financial Full time

    Manager, Physical Security (Information Security) Thursday, October 24, 2024 First National is proud to be an equal opportunity employer and is committed to diversity and inclusion regardless of race, color, religion, national origin, age, gender identity, physical or mental disability, sexual orientation or any other category protected by law. First...

  • Information Security Governance

    3 months ago

    Toronto, Canada Norton Rose Fulbright Full time

    Role The information security governance & compliance specialist takes responsibility for overseeing responses to support the client bids and client audit process, and the third-party supplier assessment process. The role is a key part of assuring our clients on the technical security measures NRF has in place for protecting client data. Providing...

  • Senior Information Security Specialist, Governance and Compliance

    4 weeks ago

    Toronto, Canada Canadian Tire Corporation Full time

    What you’ll do Reporting to the AVP, Cyber Governance Risk and Compliance, the Senior Information Security Specialist, Governance and Compliance will lead the charge in maintaining cyber security policies and standards, responding to regulator and auditor inquiries, and providing an advisory function to the business surrounding cyber security...

  • Information Security Architect at Nova Credit

    7 days ago

    Old Toronto, Canada Nova Credit Full time

    About the RoleNova Credit is seeking a seasoned Information Security Architect to spearhead its global information security vision, strategy, and compliance. As the architect of our information security program, you will be responsible for shaping the continued growth and maturity of the sector.Coordinate internal and external cyber and information security...