Work with Third Sphere portfolio companies

Third Sphere
84
companies
185
Jobs

Director of Information Security

Urbint

Urbint

IT
Canada · Remote
Posted on Nov 15, 2024

Director of Information Security

Location: Canada - East Coast Hours

Urbint uses AI and the latest industry science to identify threats to workers and infrastructure to stop safety incidents before they happen. We are a tight-knit team working together to build powerful technology that prevents serious injuries and infrastructure damages. Many of the largest energy and infrastructure companies in North America trust Urbint to protect workers, assets, communities, and the environment.

Job Summary

The Director of Information Security, reporting to our Chief Product and Technology Officer (CPTO), will be responsible for developing, implementing, and managing a comprehensive information security program that safeguards Urbint’s and our customers’ data, systems, and assets. This role requires a strategic thinker with strong technical expertise and leadership skills who can collaborate across departments to ensure security is embedded in all aspects of our operations and products.

Key Responsibilities

  • Strategy & Compliance
    • Develop and implement a company-wide information security strategy for both Urbint’s products and internal systems.
    • Establish and maintain security policies, standards, and procedures.
    • Ensure compliance with relevant regulatory requirements (e.g., SOC 2, ISO 27001).
    • Be the designated privacy officer for Urbint.
  • Risk Management
    • Conduct regular risk assessments and vulnerability analyses.
    • Identify and prioritize security risks; develop and implement mitigation strategies.
    • Develop and maintain an incident response plan to guide the organization’s response to security breaches.
    • Oversee incident response planning and execution, including post-incident analysis and remediation.
    • Develop and test the business continuity/disaster recovery plans for Urbint.
  • Customer Cybersecurity Questionnaires
    • Lead the creation and management of responses to customer cybersecurity questionnaires, ensuring accuracy and alignment with our security policies and practices.
    • Work closely with sales and customer success teams to address customer security concerns and communicate our security posture effectively.
  • Team Leadership & Development
    • Foster a culture of security awareness, conduct security training.
    • Build, mentor, and lead a small team of security professionals as Urbint’s needs grow.
  • Platform Operations
    • Lead the SRE team operating and securing Urbint’s US production SaaS environment, creating a secure platform for all products.
  • Security Operations Governance
    • Manage security monitoring, threat detection, and response activities for Urbint’s corporate infrastructure and products.
    • Ensure regular security testing, including penetration testing, vulnerability scanning, and code reviews.
    • Spec and manage common security tools (e.g., SIEM), enabling the operations and development teams to use the tools for their product areas.
  • Product Security
    • Collaborate with IT, DevOps, product development, and other teams to ensure security best practices are integrated into the development lifecycle (SDLC).
    • Ensure the SDLC covers testing, developing, architecting, and managing secure systems including e.g. penetration and fuzz testing, DAST, SAST, threat modeling, S-BOM generation and management, and data encryption policies.
  • Third-Party Management
    • Assess and manage security risks associated with third-party vendors and partners.
    • Implement and enforce security requirements in vendor contracts.
  • Reporting & Communication
    • Regularly report on the status of the information security program to executive leadership.
    • Communicate security risks and issues effectively to non-technical stakeholders.
    • Lead security awareness training for all employees.

Who you are

  • Bachelor's degree in Information Security, Computer Science, or a related field.
  • 8+ years of experience in information security, with at least 3 years in a leadership role at a software company.
  • In-depth knowledge of information security principles, technologies, and best practices.
  • Hands-on experience with security tools such as SIEM, IDS/IPS, firewalls, and encryption technologies.
  • Familiarity with SaaS cloud security, particularly in GCP, Azure, or AWS environments.
  • Strong understanding of web application security concepts, including OWASP vulnerabilities and common attack vectors.
  • Relevant certifications such as CISSP, CISM, CISA, or equivalent are strongly preferred.
  • Proven ability to lead and develop a security team.
  • Strong communication and interpersonal skills, with the ability to influence and drive change across the organization.
  • Ability to balance strategic thinking with hands-on execution.

Compensation:

  • Salary Range: C$170,000 to C$200,000

Benefits

  • Mission Driven - Some companies use AI to serve better digital ads and trade stocks, we seek to make our communities safer and more resilient
  • Competitive compensation package
  • Generous Paid Time off, Paid Company Holidays including Mental Health Days
  • Premium Medical Insurance including eligible dependants
  • Life Insurance, Short Term Disability Insurance, Long Term Disability Insurance

Urbint's Core Values

  • Passionate about customers: We strive to deliver sustainable value and exceed expectations, and we’re not satisfied until our customers are raving fans.
  • Be decisive: We make timely, informed, and pragmatic decisions to keep the organization moving forward.
  • Build trust: Our values are the building blocks to trust. As we live them, we grow and build lasting relationships.
  • Focus on impact: We measure and strive to continuously improve our real-world impact.
  • Be tenacious: We are agile in our approach to addressing challenges but firm in our beliefs.
  • Win together: We efficiently leverage our diverse skills and perspectives for one another, united by our shared vision.

We're an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.