Enterprise Security Specialist

This role serves as a primary security lead and advisor, working cross-functionally to ensure security practices support business growth, regulatory requirements, and customer trust, without formal people management responsibilities.

What you'll do:

Enterprise Security Program Leadership

• Lead the development, implementation, and continuous improvement of the enterprise information security program.
• Develop and maintain security policies, standards, procedures, and controls aligned with business objectives.
• Establish security metrics and reporting to support executive visibility and informed decision-making.
• Act as a trusted security advisor to the CTO and senior leadership.

Governance, Risk & Compliance

• Lead enterprise risk assessments, security reviews, and control evaluations.
• Align security practices with recognized frameworks such as ISO 27001, NIST etc.
• Support compliance with Canadian regulatory and privacy requirements, including PIPEDA, OSFI guidance, and applicable provincial legislation.

Audits, Certifications & Regulatory Engagement

• Lead and support security audits and certifications, including SOC 2, PCI DSS, ISO 27001, and customer security reviews.
• Serve as a primary point of contact for auditors, regulators, and enterprise clients.
• Coordinate audit readiness activities, including evidence collection, policy updates, control testing, and remediation tracking.
• Translate audit findings into practical, risk-based improvements.

Third-Party & Vendor Security

• Lead third-party security risk assessments and vendor security reviews.
• Support security questionnaires, contract reviews, and customer due diligence requests.

Security Awareness & Collaboration

• Promote a security-conscious culture through collaboration, education, and practical guidance.
• Support security awareness initiatives and training across the organization.
• Work closely with Product, Professional Services, Risk, and Legal teams to support internal and external security needs.

Reporting & Leadership Support

• Provide regular reporting on security posture, risks, audit readiness, and remediation progress.
• Escalate significant security risks and incidents appropriately and support incident response activities.

What you bring:

Technical Skills

• 5 -7+ years of experience in information security, cybersecurity, or technology risk.
• Experience leading security programs or initiatives in fintech, financial services, SaaS, or other regulated environments.
• Hands-on experience supporting SOC 2, PCI DSS, ISO 27001, or similar audits and certifications.
• Strong understanding of enterprise security controls, risk management, and governance.
• Familiarity with cloud environments (AWS, Azure, or Google Cloud Platform).
• Ability to communicate security concepts clearly to technical and non-technical audiences.
• Knowledge of Canadian regulatory and privacy requirements.
• Clearly convey complex security topics to executives, clients, and technical teams.
• Analyze security and compliance issues and design effective solutions.
• Build strong partnerships internally and externally.
• Deep understanding of SDLC, DevSecOps, CI/CD pipelines, cloud technologies, and regulatory frameworks.

Bonus Points if you have the following:

• Exposure to DevSecOps or secure SDLC practices.
• Experience with vulnerability management or application security tooling.
• Experience supporting client security assessments or enterprise customer due diligence.
• Security certifications such as CISSP, CISM, or ISO 27001 Lead Implementer/Auditor.

What We Offer:

• Be part of a dynamic, innovative team where your ideas directly shape our sales strategy and market presence.

• Flexible working arrangements (hybrid, remote, or in-office) designed to support work-life balance.

• Comprehensive benefits package starting from day one, including health coverage, paid time off, and volunteer days.

• Competitive salary, annual bonus program, and participation in our employee stock option plan.

• Access to continuous learning opportunities, a robust learning management system, and a tuition reimbursement program.

• Tools and technology provided (laptop, headset, monitors) to set you up for success.

• A supportive environment that values your growth, success, and contributions to our customers achievements.