Director, Information Security

We believe small businesses are at the heart of our communities, and championing them is worth fighting for. We empower small business owners to manage their finances fearlessly, by offering the simplest, all-in-one financial management solution they can't live without.

The Director, IT Security, will drive to deliver a security-first culture whilst ensuring development teams continue to operate with speed and agility. This includes building/improving and maintaining a security management program that governs the creation, administration, and oversight of enterprise-wide information security activities while being an effective bridge to other stakeholder departments. As part of the information security program, this role is responsible for the improvement, implementation, and management of areas including enterprise information security services, cyber resilience, information security governance, and information security risk management.

The successful candidate will oversee the team responsible for providing security services focused on network and endpoint security, identity access management, vulnerability management, security tooling for our CI/CD pipelines and implementing DevSecOps processes. They will also be responsible for the collaboration and integration of security policies and procedures with Wave’s parent company.

Here’s How You Make an Impact:

• Own and manage security processes with accountability for successful audit compliance (SOC2, PCI, HIPAA) and developer productivity metrics
• Drive tooling simplification and management of access controls in order to reduce costs, business complexity and risk
• Developing long term vision (2+ years) and though leadership (SMEs) for the security origination in partnership with Corporate IT, Compliance and Risk
• Refining security team roles and developing role guidelines, including career development paths
• Defining and improving the security incident management process
• Working with stakeholders to ensure that security is a primary focus across all of Wave, including education
• Rolling up your sleeves for hands-on work configuring security tools, monitoring and alerting
• Proactively identifying gaps in Wave’s security posture and developing solutions and standards to address potential threats
• Performing security reviews for new technologies and vendor risk assessments to enable the business to make informed decisions
• Conducting threat and risk analysis of our cloud-based systems, applications and supply chains
• Investigating and triaging security incidents and conducting technical and forensics evidence gathering
• Driving compliance activities including regular reviews and audits
• Coaching and growing a team of Security Engineers

You Thrive Here By Possessing the Following:

• 7+ years of progressive experience that includes designing and implementing an enterprise information security strategy and program
• 5+ years of related experience in a leadership role in an Cloud/SaaS Infrastructure environment (i.e. AWS)
• Previous experience managing a team or acting as a team lead responsible for a technical team
• Demonstrated information security experience across multiple disciplines (ops, engineering, incident response, application security, etc)
• Experience implementing regulatory frameworks such as SOC, PCI, HIPAA, SOX, PIPEDA
• Competent with a common scripting language (Python)
• Ideal candidate has experience working with SaaS and/or FinTech organizations

At Wave, you’re treated like the incredible human being you are.

Work From Where You Work Best: We will always have a welcoming, energizing, and world-class office (in Toronto) with a space for you. Or, if you’re more comfortable working from home, the choice is yours**.**

We Care About Future You: You will stretch yourself and you will grow at Wave. You will also be supported on this journey with diverse learning experiences, educational allowances, mentorship, and so much more.

We Support the Full You: We make a serious investment in your health & wellness. When we think about benefits we think about body, mind, & soul and we take this stuff very seriously.

We Take Care of the Fundamentals: Fair compensation, all the office perks you’d want, and the various goodies you’d expect from a growing tech company. This is the obvious stuff, but we don’t want you to think we forgot!

We believe that a diverse and inclusive culture creates the best workplace. We embrace our differences, value individuality, and the broad spectrum of every Waver's skills and abilities. We challenge each other from a place of respect and pursuit of continuous growth. We trust each other and encourage everyone to bring their authentic selves to work, everyday. As Wavers, our voices matter, our opinions are met with an open mind. The best ideas win, no matter whose they are. Contributing to an inclusive culture is a part of all of our job descriptions.

We’ve been continuously recognized as one of Canada's Top Ten Most Admired Corporate Cultures and one of Canada’s Great Places to Work in categories including Technology, Millennials, Mental Health, Inclusion and Women.

Are you ready to be a Waver? Join us!