Director of Information Security & Privacy (Remote Friendly)
Saskatoon, Saskatchewan
6d ago

What youll do

  • Reporting directly to our VP of Engineering, oversee company wide information security strategy, architecture, policies and programs to ensure information assets are protected
  • As 7shifts security and privacy leader : develop, own and execute on our technical and physical security and privacy strategy and roadmap, directing the efforts of our IT, infrastructure and product development teams on product security, security engineering, security operations, incident response, and governance and risk management
  • Oversee improvement, implementation, and maintenance of global security policy, enterprise security standards, guidelines and procedures
  • Develop emergency procedures and incident response protocols
  • Act as the incident commander during significant privacy and security incidents
  • Along with Legal, be responsible for regulatory compliance and lead compliance efforts relating to SSAE18, GDPR, CDPA & PIPEDA
  • Work with Product, Engineering & other teams to mitigate risks, enhance application security and ensure customer data protection
  • Lead and prioritize security initiatives / investments impacting 7shifts security posture, based on appropriate risk / financial analysis
  • Respond to customer security / compliance questionnaires
  • Leveraging external resources as required, perform audits and translate legal and regulatory requirements into actionable work for our engineering teams
  • Manage our cyber security bounty program; owning and improving our processes for triage and threat modelling / scoring (OWASP / CVSS)
  • Serve as an expert advisor to executive leadership in the development, implementation, and maintenance of a strong cybersecurity program and infrastructure, including network access and monitoring policies
  • Understand potential threats, vulnerabilities, and control techniques. Establish processes to monitor our network of vendors, services, code dependencies and employees to ensure the safeguarding of information assets.
  • Provide information security expertise to our IT and product development teams, ensuring that appropriate security controls are applied to all existing systems and are designed into all new efforts
  • What you have :

  • Bachelors degree and five or more years of experience or an equivalent in a combination of risk management, information security and security engineering roles
  • Demonstrated knowledge of Privacy and Security Statutory, Regulatory Requirements and Standards including NIST, CDPA, GDPR & PIPEDA
  • Proven success owning security and privacy management and governance across an entire organization
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences
  • Understanding of concepts, technologies and controls related to IT operations, information security, incident response, cloud environments and security, general IT controls, vulnerability management, application security and other technology related risks.
  • Itd be even cooler if you had :

  • Relevant security and privacy certifications such as Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Certified Information Privacy Professional (CIPP) or Certified Information Systems Security Professional (CISSP)
  • Proven experience of preparing and executing for a SOC2 audit
  • Knowledge of restaurant operations
  • SaaS experience
  • About 7shifts

    7shifts is a cloud-based labor management platform designed for the restaurant industry. We help restaurateurs from independent establishments to large franchises by making it easy for them to properly schedule their staff, streamline team communications, and reduce labor costs.

    Since our founding in 2014, we have scaled rapidly to become the leading labor management solution for restaurants.

    Our Response to COVID-19

    Our team is fully supported in working remotely. We have protocols in place for those who wish to work out of our Saskatoon, Toronto, or Hoboken New Jersey offices.

    When its safe to do so, Shifties will be able to work where they work best, whether thats fully remote, or working from the office on a hybrid basis or fully in-office.

    Our People and Culture team has transitioned the recruitment, hiring, and onboarding processes to be fully virtual. Weve added dozens of Shifties to the team since then.

    While working remotely challenges our teams connected and activity-loving nature, weve been able to create virtual opportunities for fun and social connection.

    Perks :

  • Centrally located offices in Saskatoon, Toronto, and Hoboken for those who want to work in-person with their team
  • Remote friendly for those who want to work from home (whether it be preference or pandemic related)
  • Catered lunches every Friday from a beloved 7shifts customer (or a budget to order delivery when remote)
  • Stock options (equity) in a VC-backed startup
  • Benefits coverage from the start
  • Flexible vacation
  • Parental leave program
  • Continuous professional development budget
  • A culture that values authenticity, trust, curiosity, and diversity of thought
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form