IT Security and Compliance Manager
7 months ago
We are looking for a capable IT Security and Compliance Manager, who enjoys remote security work and possesses both deep and wide expertise in the information security space.
The base salary for this role is: $90,000-$130,000
**Job Summary**:
As the IT Security and Compliance Manager at Mogo and its subsidiaries, you are entrusted with spearheading the organization's comprehensive security and IT Compliance strategy. This role is pivotal in managing a broad spectrum of responsibilities across the main company and its subsidiaries, including overseeing PCI DSS Level 1 Service Processor compliance, coordinating with external QSAs, and upholding the highest standards of data protection and cybersecurity practices. You will ensure adherence to stringent industry standards and safeguard our fintech environment.
Key Responsibilities:
- ** PCI DSS Compliance - Level 1 Service Processor**: Lead PCI DSS compliance initiatives as a Level 1 Service Provider, ensuring rigorous implementation of controls and adherence to standards for high-volume transaction processing.
- ** External QSA Coordination**: Work closely with external Qualified Security Assessors for regular PCI DSS audits and assessments, ensuring compliance and effective communication.
- ** Custom Code Review Oversight**: Manage the review of custom code for security vulnerabilities, upholding compliance with industry standards.
- ** Vulnerability and Penetration Testing Management**: Oversee internal and external vulnerability scans, as well as penetration testing, to identify and address security weaknesses.
- ** Compliance Leadership and Audit Management**: Conduct comprehensive compliance assessments, audits, and reviews, overseeing the implementation of corrective actions.
- ** Cross-Functional Regulatory Compliance Collaboration**: Engage in cross-functional teams, ensuring alignment of user activities and system processes with regulatory, security, privacy, and legal requirements.
- ** Due Diligence Documentation**: Lead the completion of due diligence documents. Ensure accurate and timely documentation across multiple departments.
- ** Security Event Management**: Manage security event monitoring systems and respond to security incidents swiftly and effectively.
- ** Continuous Compliance Monitoring**: Perform ongoing security compliance monitoring in coordination with other organizational functions.
- ** Risk Management and Incident Response Planning**: Manage risk indicators and enhance incident response plans and scenarios.
- ** Security Awareness and Training**: Develop and conduct security awareness training programs and phishing campaigns to enhance the cybersecurity knowledge and readiness of all employees.
Key Performance Indicators:
- ** PCI DSS Compliance Metrics**: Track effectiveness and timeliness of implementing PCI DSS controls as a Level 1 Service Processor.
- ** Custom Code Review KPIs** (Vulnerability Detection Rate, Time to Remediate, etc.)
- ** Vulnerability Resolution Efficiency**: Rate of successful identification and mitigation of vulnerabilities from scans and tests.
- ** Audit Compliance Rate**: Success rate in meeting compliance standards in audits and reviews.
- ** Incident Response Time**: Track the average time taken to respond to and mitigate security incidents identified during scans and tests.
Required Certifications and Skills:
- Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
- Certifications: CISSP, CISM, CRISC, or equivalent.
- Extensive experience in managing PCI DSS compliance, particularly for Level 1 Service Processors.
- Proficiency in coordinating with external QSAs and managing comprehensive security audits.
- Strong background in IT security, particularly in a fintech setting.
- Must be located in Canada
- Skilled in risk management, incident response, and conducting security audits.
Preferred Qualifications:
- Master’s degree in Information Security or a related field.
- Additional certifications such as CEH, GCIH, or similar.
- Experience with cloud security, AI-based security systems, and big data analytics.
**Benefits of working with us**:
- Remote Work - Enjoy the flexibility of remote work, supported by necessary resources.
- Comprehensive Health and Wellness - Access medical, dental, and vision coverage.
- Stock Options - Have a stake in the company's success through stock options.
- Work-Life Balance - Benefit from paid time off, including vacation days, holidays, and personal days.
- Innovative and Inclusive Culture - Engage in cutting-edge projects and be part of an inclusive workplace with diversity and equality programs.
- Wellbeing Programs - Access counseling services, mental health support, and additional wellness resources.
**About Us**
We help make it easy for Canadians to achieve financial freedom while making a positive impact.
We live in the most innovative and technologically advanced era, yet so much struggle exists. Most of us are fa
-
Principal Security Compliance Analyst
6 months ago
Remote, Canada Open Text Corporation Full time**Principal Security Compliance Analyst**: - Req id: 37918- Virtual, CA Virtual, US**OPENTEXT - THE INFORMATION COMPANY** As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management. **The...
-
Security Project Manager
6 months ago
Remote, Canada Daemon Defense Systems Full timeWe are looking for a skilled Security Project Manager who will work closely with the team and is responsible for devising security plans and strategies while leading the security team. Daemon Defense Security Program Managers maintain the highest level of professionalism and confidentiality. You will collaborate with the team and contribute to the security...
-
Chief Compliance Officer
6 months ago
Remote, Canada Nest Wealth Full time**_We’re building our Nest!_** - Where you’ll be: Working remotely, anywhere in Canada (in EST)_ - Your Role: Chief Compliance Officer_ - Reporting to: Randy Cass, CEO_ **Who We Are**: Founded in 2014, Nest Wealth created Canada's first SaaS-based digital wealth management platform to ensure investors have access to sophisticated, personalized, and...
-
Chief Security Officer
7 months ago
Remote, Canada High Tech Genesis Full timeLocation: Ottawa, ON Canada Hybrid Term: Permanent High Tech Genesis is currently looking to hire a Chief Security Officer (CSO), you will play a pivotal role in safeguarding our organization's assets, mitigating risks, and ensuring compliance with regulatory standards. With your strategic vision and leadership, you will lead our security efforts, from...
-
Compliance Reporting Administrator
6 months ago
Remote, Canada ComplyWorks Full time**POSITION OVERVIEW** We are seeking a motivated, highly organized and detail-oriented Reporting Admin to join our team, whose primary responsibility will be to extract, review, and present data from Veriforce Applications and Salesforce, to provide valuable insights and reports to support data-driven decision-making within our organization as well as...
-
Manager, Security Operations
7 months ago
Remote, Canada Jobber Full timeJobber exists to help people in small businesses be successful. We work with small home service businesses, like your local plumbers, painters, and landscapers, to transform the way service is delivered through technology. With Jobber they can quote, schedule, invoice, and collect payments from their customers, while providing an easy and professional...
-
Lead Security Analyst, Grc
6 months ago
Remote, Canada Cronos Group Inc. Full timeCronos Group is an innovative global cannabinoid company with international production and distribution across five continents. Cronos Group is committed to building disruptive intellectual property by advancing cannabis research, technology and product development. With a passion to responsibly elevate the consumer experience, Cronos Group is building an...
-
Staff Security Awareness and Culture Analyst
7 months ago
Remote, Canada Okta Full time**Get to know Okta** Okta is The World's Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security...
-
SAP Security and Grc Consultant
6 months ago
Remote, Canada Stream-Flo Full time**Primary Accountability**: - Implement the new Security design for Stream-Flo users, support teams and system users - Design and Implement Governance, Risk and Compliance System(GRC) - Define and configure Segregation of Duties(SODs) and risk library - Advice on SAP Security policy and procedures - Cutover planning and roll out to users **Key Position...
-
Information Security Specialist
7 months ago
Remote, Canada VON Canada Full time**Requisition Details**: Employment Status: Regular, Full Time (1.0 FTE) Program Name: IT/IS Number of Hours Bi-Weekly: 75 Work Schedule: Days On Call: Yes Location: This position can be based out of any of our offices in Ontario and Nova Scotia. The position is currently remote but does require on-site attendance periodically when required. **Job...
-
Head of Compliance
6 months ago
Remote, Canada Corporate G&A Full timeWe’re looking for a Head of Compliance who wants to pioneer the fusion of regulatory compliance with groundbreaking innovations in the web3 space. You will join striving to blend traditional compliance with future-oriented product strategies, ensuring that Dapper Labs remains a trusted name in the crypto and blockchain industry. In this role, you can...
-
Training & Compliance Coordinator
7 months ago
Remote, Canada Alimentiv Full timeThe Training & Compliance Coordinator supports the relevant manager to drive a culture of compliance and quality within Clinical Research. The objective of this role is to support the development of policies and procedures; coordinate training initiatives; and act as a resource to coordinate, oversee or support other quality initiatives, including audits,...
-
Technical Program Management, Guidewire Security
6 months ago
Remote, Canada Guidewire Software Full time**Responsibilities**: - Create specifications, prioritize requirements and propose a roadmap of security features - Collaborate with the engineering team building the product to clarify requirements and specifications - Manage complex and cloud-scale technical security programs to meet Guidewire’s business objectives - Define and lead roadmap execution...
-
IT Controls
6 months ago
Remote, Canada Alberta Blue Cross Full timeAlberta Blue Cross® is an Alberta based organization dedicated to delivering exceptional customer experience and community leadership. We’re committed to providing the best health coverage to over 1.8 million members and take an active role in promoting wellness. We believe in what we do—and place trust in our employees to deliver our vision. Working...
-
Operations Coordinator
6 months ago
Remote, Canada Lyrical Security Full time**Responsibilities** Executive Assistant (50%) - Act as a trusted partner to the CEO and executive leadership team, managing an array of administrative tasks and facilitating smooth communication. - Track incoming requests and create a list of daily priorities based on urgency, importance, and deadlines. Follow-up to ensure any delays are communicated to...
-
Cyber Security Analyst
7 months ago
Remote, Canada Dawn InfoTek Inc. Full timeDawn InfoTek Inc. is a professional IT consulting team that partners with major financial institutions, investment firms and government sectors. We have been dedicated to delivering cutting-edge consulting services and recruiting all levels of IT positions for our clients. We are currently seeking competent individuals to fulfill the role of **Cyber...
-
Data & Analytics Content Writer
6 months ago
Remote, Canada IT Chapter Full timeOver the last years, to enable the Digital transformation and data analytics strategy, has invested in developing a consolidated Enterprise Data Platform (EDP) on Azure cloud, enabled by data and analytics tools and best practice operational and governance processes. A change management methodology is in place and when enacted it provides, among others, a...
-
Scrum Master
7 months ago
Remote, Canada IT Chapter Full timeWe are seeking a Scrum Master Service Provider to support creating the conditions for the team to frequently deliver high-user value / high-quality products, allow the team to self-organize, remove impediments, shield the team from outside distractions, and continuously promote and support the team’s use of Agile and Scrum. **Responsibilities** - Ensure...
-
Implementation Project Manager
6 months ago
Remote, Canada League Inc. Full time**About League** Founded in 2014, and with a total funding currently at $220 million; League is a platform technology company powering next-generation healthcare consumer experiences. Payers, providers, consumer health partners and employers build on League's platform to deliver high-engagement, personalized healthcare experiences consumers love. Millions...
-
Affiliate Manager
7 months ago
Remote, Canada Gen3 Marketing LLC Full time**WHO WE ARE**: The combined Gen3 family expertly oversees more affiliate businesses than any agency in the world and is a 12-time Agency of the Year award winner. We serve over 500 clients such as Gap, American Express, and many others! With over 20 + years of industry experience, we’ve helped grow revenue through affiliate innovation to the tune of...