Chief Information Security Officer

Recruiter: Inovatec
Location: Burnaby, British Columbia, Canada
Salary: CAD 150,000.00 - 165,000.00 per year
Posted: 31 Jan 2025
Closes: 02 Mar 2025
Ref: 4615480730521661683
Employer Sector: Technology, IT & Telecoms
Contract Type: Permanent
Hours: Full Time

About Inovatec

Inovatec is an exciting growth company based in Vancouver, BC, established in 2006. We are North America's leading provider of innovative cloud-based software solutions that help businesses establish a scalable, data-driven business model within the automotive and equipment finance industry. Our solutions are used by some of the largest banks, credit unions, and finance companies in Canada and the U.S.

We offer quality solutions, service and support to clients from small businesses to large corporations no matter how unique or complex the problem may be.

Our expertise and passion for business process automation drive our commitment to developing innovative technology that will integrate and grow with your company, keeping our solutions successful in the long term.
Providing clients with the highest levels of professionalism, combining integrity with excellence, is the foundation upon which we continue to build our success today.

Job Summary

The Chief Information Security Officer (CISO) will lead Inovatec's information security program, implementing strategies to protect sensitive data and ensure compliance with industry standards. This role involves designing and guiding cybersecurity frameworks that align with business goals while promoting a security-conscious culture within the organization. This pivotal position ensures that Inovatec remains resilient against evolving cyber threats, maintaining the confidentiality, integrity, and availability of information.

Key Responsibilities

Leadership and Team Management:
  • Develop, lead, and mentor a high-performing cybersecurity team, emphasizing talent development and collaboration.
  • Promote a culture of security awareness throughout the organization, embedding security as a fundamental aspect of the company's values.
  • Align security strategies with broader business goals, partnering closely with the CIO.

Strategy Development and Execution:
  • Develop, implement, and continuously evolve a comprehensive information security strategy.
  • Employ a comprehensive approach to security management, ensuring that cybersecurity initiatives are aligned with Inovatec's business objectives, including processes and client relationships.
  • Lead the development and maturation of the Information Security Management System (ISMS), ensuring alignment with industry best practices.

Risk Management and Compliance:
  • Develop and implement risk management strategies, identifying and mitigating potential threats while ensuring compliance with regulations such as ISO 27001 and SOC 1 and 2.
  • Develop and maintain Third Party Risk Management (TPRM) processes, ensuring the protection of intellectual property in accordance with client contractual requirements.
  • Design and implement policies that ensure business resilience across all working models.

Incident Response and Crisis Management:
  • Architect and lead a comprehensive incident response plan to effectively manage and mitigate security breaches.
  • Serve as the primary point of contact during security incidents, overseeing investigations, remediation efforts, and communication with key stakeholders.

Security Architecture and Operations:
  • Lead the design and implementation of a resilient security architecture, ensuring the protection of critical assets and intellectual property.
  • Implement advanced security technologies, including SIEM, EDR/XDR, firewalls, and IDS/IPS, while adopting Zero Trust frameworks to strengthen the organization's overall security posture.
  • Oversee the selection and deployment of security solutions that meet Inovatec's operational needs, with a focus on cloud security management and integration into the development lifecycle.

Collaboration and Reporting:
  • Deliver regular security updates and risk assessments to executive leadership, providing actionable recommendations for enhancing the organization's security posture.
  • Collaborate with IT, Sales, PMO, Product, People and Culture, and legal teams to ensure seamless integration of security protocols into business processes.
  • Act as the primary liaison with external regulatory bodies, auditors, and clients, ensuring strict adherence to security and compliance standards.

Key Qualifications:
  • 10+ years of experience in information security leadership, including proven success as an Information Security Officer (ISO), Chief Information Security Officer (CISO), or senior security executive.
  • Comprehensive understanding of information security frameworks such as NIST and ISO 27001.
  • Expertise in risk management, cybersecurity governance, and incident response, with hands-on experience in advanced security technologies.
  • Proven track record of balancing security and business priorities, ensuring pragmatic solutions that drive operational efficiency and security resilience.
  • Strong leadership skills, with experience managing cross-functional teams.
  • Ability to communicate complex technical security topics to non-technical stakeholders, with a focus on gaining executive buy-in for strategic security initiatives.