Senior Information Security Specialist
Reporting to the Senior Director of IT and Network Operations, the Senior Information Security Specialist will assist in setting the information security strategic direction for the organization. You will be accountable for developing and maintaining a security governance program, performing risk assessments, and consulting with business owners on the implementation of information security throughout the TouchTunes business units, and securing and managing 3rd party security audit and implementation firms. You will also be responsible to produce and maintain a development/implementation backlog of information security projects and help the R&D and IT teams insert these into their project queues.
With a positive and progressive approach to implementing information security changes and controls, this role will lead, develop and lightweight yet effective information security posture for TouchTunes. This role is based in our Montreal office, with the ability to travel to the US or UK as necessary.
What your day-to-day looks like:
- Identify and develop areas where information security policies and procedures require creation or update; confer with management, developers, auditors, facilities and other business unit personnel to identify and security for data, software applications, hardware, telecommunications, and computer installations.
- Plan, design and audit policies and procedures which safeguard the integrity of and access to systems and electronic information in order to guard information against accidental or unauthorized modification, destruction or disclosure.
- Create and lead security awareness and training program
- Provide overall security program strategic direction to improve the information security posture and assurance level of the organization.
- Conduct periodic assessments and regular monitoring of company information security controls and practices to ensure compliance with established policies and regulatory requirements.
- Performing network vulnerability assessments
- May take the lead project management role on occasion.
- Bachelor’s Degree in Computer Science or related field
- 3+ years’ experience in computer networks and systems maintenance
- 2+ years’ experience on current network operating systems
- Prior management experience in a technology function a plus.
Required Technical Skills/Competencies:
- Bachelor's degree in computer science, information systems or related field, or equivalent experience required
- One of the following certifications or near equivalent
- Certified Information Systems Security professional (CISSP)
- Certified Information System Auditor (CISA)
- Certified in Risk and Information Systems Controls (CRISC)
- ISO 27K Lead Implementer
- Minimum 6 years of professional experience, with 4 years of experience in information security and/or IT risk management. 4 + years of hands-on experience as a security practitioner, implementing a variety of solutions across multiple disciplines
- Expert knowledge of well-known information security standards (ISO 27001, PCI, NIST)
- Excellent co-ordination and project management skills
- Experience in the development, and documentation of information security policies and standards used to develop an information security management system for an organization.
- Experience in maintaining and monitoring compliance to information security process and procedures
- Experience implementing strategic information security programs within large organizations, ISO 27001 and Payment Card Industry (PCI),
- Experience designing and implementing security policies and infrastructure in a multi-tenant ISP Datacenter environment and cloud computing environment (AWS)
- Knowledge and understanding across a wide breadth of technology domains, with the ability to quickly assimilate the inter-relationships with team members of various disciplines
What’s in it for you:
- Challenging and stimulating projects
- Collaborating with a bunch of super talented and friendly people
- Working with modern techs, in a culture that likes to drive constant innovation
- Conferences, training on the latest and greatest techs, weekly presentations and more.
- Free Access to a virtual health care application. Long gone are the days of waiting 8 hours at the clinic!
- Unlimited sick days (and mental health days) and extra vacations (4 weeks)
- Very competitive insurance package which is mostly covered by TouchTunes
- Free credits to play music at your favorite jukebox venues
- PC or Mac, you pick
- Flexible hours and working environment
- Up to 100% remote roles
- For the office-goers:
- Free coffee and tea all day!
- 50% off your monthly OPUS subscription
- Beautiful offices right next to Jarry Park
- Pay Type Salary