Top Benefits
Retirement savings matching plan through Wealthsimple Work
Company equity for full-time employees
Access to Premium Client perks, including personal finance learning & advice and a boosted interest rate on deposits
About the role
Who you are
- Courageously Ambitious - they enthusiastically tackle big audacious goals
- Deeply Human - they understand how to bring the best out of themselves and others
- Problem Solvers - they have the ability and resilience to tackle complex issues
- Significant experience (10+ years preferred) combining individual contributor and leadership roles within cybersecurity, DevOps, and cloud security, with a proven history of working cross-functionally and building high-performing teams
- Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and OSes
- General knowledge of frameworks (NIST CSF, CIS, ISO, SOC 2, PCI DSS)
- Functional use with cloud tools (CWPP, CSPM, cloud-native application protection platform) and automation (ArgoCD, Chef, Puppet, Salt, Ansible)
- Proficient in one or more: Terraform, Kafka, Kubernetes, Helm, scripting (Python, JavaScript)
- Proven use with zero trust network access, encryption, web application firewalls, data protection, vulnerability management, API security, IaC
- Knowledge in one or more: NIST 800-144, CIS, CSA-CCM, ISO (27040, 27017, 27001)
- Experience working in AWS is preferred
- Previous industry experience in Financial Services is preferred
- Preferably one or more: CISM, CISSP, CISA, GSLC
- Preferably one or more offered by AWS, Google or Microsoft, or GCSA, CKA, CCSP, CCSK
- Preferably a bachelors or higher degree in cybersecurity, software engineering, or a related field
What the job involves
- As Manager, Cloud Security, you will lead a team of high-performing security professionals, overseeing the security of our cloud environments which are primarily in AWS
- You will collaborate closely with infrastructure, GRC, application security, and vulnerability management teams
- Your role also involves establishing rapport with leadership, as well as internal, consultant, and third-party teams to support our company’s cybersecurity posture and resiliency
- You will report to the Director, Security Engineering and have a mandate to expand the existing team and domain
- Collaborate with security and engineering leadership to architect and articulate a scalable and resilient vision and roadmap for secure cloud environments that support business objectives
- Use team rituals to hold DRIs accountable for the outcome of their work while ensuring risks and priorities are proactively communicated with stakeholders. SLA, budget and project delivery estimations are reliable and agreed upon in advance
- Develop programs and recommend necessary changes to ensure the company’s systems are fully compliant with all applicable regulatory requirements and privacy laws and future proof against new developments in the industry or potential security incidents
- Act as the primary point of contact for cloud security requirements, initiatives, and escalations with the requisite subject matter expertise. Where necessary, proactively communicate the state of your domain's security posture to both technical and nontechnical stakeholders
- Build and mentor the team, focusing on employee retention and career growth by fostering a 'people first' environment with clearly stated expectations and robust support to achieve high standards
- Define key performance indicators, objectives and key results, and metrics to illustrate efficacy of the cloud security program integrating results with Vulnerability Management, GRC, or Security Operations
- In the first 3 months the ideal candidate will
- Complete their initial assessment of the cloud security program and team and be able to articulate to the business key risks and opportunities
- Review and prioritize existing issues with the team and bring any cross-functional work to the appropriate betting tables to secure buy-in from stakeholders
- Take ownership of our vendor relationships specifically for our CNAPP and CWP tools
- In the first 6 months the ideal candidate will
- Develop growth plans for the team based on existing needs including any training, conference, or sourcing budget that may be required
- Establish good working relationships with vulnerability management, application security, and platform teams
- Establish what KPIs or SLAs define excellence on this team and establish a strong operating cadence for their direct reports in concert with their peers and management team with at least a 4-month roadmap
- In the first 12 months the ideal candidate will
- Prepare their team’s annual roadmap, budget, and headcount plan for the new year with appropriate buy-in from their stakeholders
- Review their team’s performance against stated objectives, evaluate control effectiveness, and highlight any suggested changes to the program
Benefits
- Retirement savings matching plan through Wealthsimple Work
- Company equity for full-time employees
- Access to Premium Client perks, including personal finance learning & advice and a boosted interest rate on deposits
- Paid parental leave (6 months topped up to 100% of salary)
- 20 vacation days per year
- 90 Days Away program
- Top-tier health benefits
- Life & disability insurance
- Generous sick and mental health days
- Employee resource plan including services like RMT, psychology, and physiotherapy
- Up to $5,000 per year for mental health supports
- Gender Affirmation benefits
- Up to $1,500 per year for professional development
- Up to $1,500 per year for wellness and home office expenses
- Employee resource groups
- Social impact hours
Top Benefits
Retirement savings matching plan through Wealthsimple Work
Company equity for full-time employees
Access to Premium Client perks, including personal finance learning & advice and a boosted interest rate on deposits
About the role
Who you are
- Courageously Ambitious - they enthusiastically tackle big audacious goals
- Deeply Human - they understand how to bring the best out of themselves and others
- Problem Solvers - they have the ability and resilience to tackle complex issues
- Significant experience (10+ years preferred) combining individual contributor and leadership roles within cybersecurity, DevOps, and cloud security, with a proven history of working cross-functionally and building high-performing teams
- Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and OSes
- General knowledge of frameworks (NIST CSF, CIS, ISO, SOC 2, PCI DSS)
- Functional use with cloud tools (CWPP, CSPM, cloud-native application protection platform) and automation (ArgoCD, Chef, Puppet, Salt, Ansible)
- Proficient in one or more: Terraform, Kafka, Kubernetes, Helm, scripting (Python, JavaScript)
- Proven use with zero trust network access, encryption, web application firewalls, data protection, vulnerability management, API security, IaC
- Knowledge in one or more: NIST 800-144, CIS, CSA-CCM, ISO (27040, 27017, 27001)
- Experience working in AWS is preferred
- Previous industry experience in Financial Services is preferred
- Preferably one or more: CISM, CISSP, CISA, GSLC
- Preferably one or more offered by AWS, Google or Microsoft, or GCSA, CKA, CCSP, CCSK
- Preferably a bachelors or higher degree in cybersecurity, software engineering, or a related field
What the job involves
- As Manager, Cloud Security, you will lead a team of high-performing security professionals, overseeing the security of our cloud environments which are primarily in AWS
- You will collaborate closely with infrastructure, GRC, application security, and vulnerability management teams
- Your role also involves establishing rapport with leadership, as well as internal, consultant, and third-party teams to support our company’s cybersecurity posture and resiliency
- You will report to the Director, Security Engineering and have a mandate to expand the existing team and domain
- Collaborate with security and engineering leadership to architect and articulate a scalable and resilient vision and roadmap for secure cloud environments that support business objectives
- Use team rituals to hold DRIs accountable for the outcome of their work while ensuring risks and priorities are proactively communicated with stakeholders. SLA, budget and project delivery estimations are reliable and agreed upon in advance
- Develop programs and recommend necessary changes to ensure the company’s systems are fully compliant with all applicable regulatory requirements and privacy laws and future proof against new developments in the industry or potential security incidents
- Act as the primary point of contact for cloud security requirements, initiatives, and escalations with the requisite subject matter expertise. Where necessary, proactively communicate the state of your domain's security posture to both technical and nontechnical stakeholders
- Build and mentor the team, focusing on employee retention and career growth by fostering a 'people first' environment with clearly stated expectations and robust support to achieve high standards
- Define key performance indicators, objectives and key results, and metrics to illustrate efficacy of the cloud security program integrating results with Vulnerability Management, GRC, or Security Operations
- In the first 3 months the ideal candidate will
- Complete their initial assessment of the cloud security program and team and be able to articulate to the business key risks and opportunities
- Review and prioritize existing issues with the team and bring any cross-functional work to the appropriate betting tables to secure buy-in from stakeholders
- Take ownership of our vendor relationships specifically for our CNAPP and CWP tools
- In the first 6 months the ideal candidate will
- Develop growth plans for the team based on existing needs including any training, conference, or sourcing budget that may be required
- Establish good working relationships with vulnerability management, application security, and platform teams
- Establish what KPIs or SLAs define excellence on this team and establish a strong operating cadence for their direct reports in concert with their peers and management team with at least a 4-month roadmap
- In the first 12 months the ideal candidate will
- Prepare their team’s annual roadmap, budget, and headcount plan for the new year with appropriate buy-in from their stakeholders
- Review their team’s performance against stated objectives, evaluate control effectiveness, and highlight any suggested changes to the program
Benefits
- Retirement savings matching plan through Wealthsimple Work
- Company equity for full-time employees
- Access to Premium Client perks, including personal finance learning & advice and a boosted interest rate on deposits
- Paid parental leave (6 months topped up to 100% of salary)
- 20 vacation days per year
- 90 Days Away program
- Top-tier health benefits
- Life & disability insurance
- Generous sick and mental health days
- Employee resource plan including services like RMT, psychology, and physiotherapy
- Up to $5,000 per year for mental health supports
- Gender Affirmation benefits
- Up to $1,500 per year for professional development
- Up to $1,500 per year for wellness and home office expenses
- Employee resource groups
- Social impact hours