Overview
Chief Information Security Officer Jobs in Montréal, Quebec, Canada at Flare
Title: Chief Information Security Officer
Company: Flare
Location: Montréal, Quebec, Canada
Type: Remote/Work from Home
Category: IT/Tech, Security
We are a team ofmission-drivenpeople who want to enable companies to protect themselves against cyber crimes, and we’re damn passionate about it. We thrive on trust, operate with integrity and above all support our people so they can do their best work and be their best selves. If you continuously challenge yourself tolearn and grow, are driven by the impact your work has and are as equallymission-drivenas we are, check us out!
Position Overview
Flare is looking for an experienced Chief Information Security Officer responsible for establishing and leading the enterprise’s security vision, strategy, and program to ensure the protection of information assets and customer data. Given our fast growing environment, this role is highlydynamicand requires both high-level strategic thinking and tactical, day-to-day implementation of security best practices.
Security Strategy and Governance
Security strategy
:
Create a roadmap that aligns with business goals and adjusts as the company grows. Prioritize efforts based on risk and resource constraints.
Risk management
:
Identify, assess, and manage security risks across the organization, including IT systems, data privacy, intellectual property, and third-party risk.
Compliance
:
Ensure the company complies with relevant laws, regulations, and industry standards (e.g., GDPR, SOC
2).
Hands-on Security Implementation
Incident response
:
Act as the first responder for security incidents. Lead investigations and implement containment, remediation, and recovery plans.
Vulnerability management
:
Conduct regular security assessments, penetration tests, and vulnerability scans to identify and mitigate potential risks.
Security architecture
:
Design and implement security controls and practices for systems, networks, and applications, ensuring security is part of the SDLC (Software Development Life Cycle).
Cloud security
:
Secure cloud environments (e.g., AWS, Azure) and ensure that infrastructure and operations in the cloud are aligned with security best practices.
Endpoint and network security
:
Deploy and manage security tools like firewalls, antivirus, endpoint protection, and intrusion detection systems.
Data Protection and Privacy
Data security
:
Ensure encryption, data lossprevention, and other mechanisms to secure sensitive company and customer data.
Privacy
:
Ensure data protection measures are in place to comply with relevant data privacy laws (e.g., GDPR), especially for customer-facing services.
Security Awareness and Training
Staff training
:
Lead efforts to train employees on security best practices, phishing awareness, and how to report incidents.
Leadership and Culture of security
:
Foster a culture of security across the organization by embedding security consciousness in everyday activities and decision-making.
Vendor and Third-party Management
Third-party security
:
Evaluate and monitor third-party vendors to ensure their security practices do not introduce risks to the organization.
Sales Support
:
Assist the sales team with customers’ security and privacy questions.
You’ll be a perfect fit if:
You are Montreal-Based and Bilingual
:
Proficiency in both French and English will help interact with key internal and external stakeholders.
Broad technical knowledgeof cybersecurity principles, cloud security, network security, and secure software development.
Hands-on technical skillsto implement and manage security tools, conduct audits, and respon…
