Director, Information Security Operations
Remote
Tucows
Tucows offers Domain Name Services, Fiber Internet Services and SaaS through our businesses Tucows Domains, Ting and Wavelo. We're a tech company headquartered in Toronto, Canada, making the internet better since 1993.Tucows (NASDAQ:TCX, TSX:TC) is possibly the biggest Internet company you’ve never heard of. We started as a simple shareware site in 1993 and have since grown into a stable of businesses: Tucows Domains, Ting Internet and Wavelo.
We embrace a people-first philosophy that is rooted in respect, trust, and flexibility. We believe that whatever works for our employees is what works best for us. It’s also why the majority of our roles are remote-first, meaning you can work from anywhere you can connect to the Internet!
Today, over one thousand people work in over 20 countries to help us make the Internet better. If this sounds exciting to you, join the herd!
We are seeking a Director of Information Security to lead our cybersecurity initiatives, focusing primarily on information security and application security. The ideal candidate will be a visionary leader capable of driving technical excellence, innovation, and operational rigor within our cybersecurity team here at Tucows.
You will report directly to the VP, Infrastructure Engineering and will work in concert with the Governance, Risk, and Compliance (GRC) and IT functions. This position plays a pivotal role in collaborating with and influencing stakeholders across the organization to foster a culture of security.
Key Responsibilities:
- Lead and expand a team of cybersecurity experts, fostering a culture of technical excellence, innovation, and continuous improvement.
- Manage security projects from initiation through completion, ensuring timely and budget-compliant delivery.
- Build, enhance, and manage the Incident Response function to provide quick, effective responses to minimize the impact of security breaches.
- Implement process improvements to boost the efficiency and effectiveness of security operations.
- Develop and manage budgets and financial forecasts in line with business needs and objectives.
- Align the cybersecurity program with business goals and compliance with regulations like CCPA and GDPR through strategic collaboration with senior management.
- Provide expert guidance on threat modeling, secure configurations, and company-wide risk mitigation strategies.
- Oversee the detection, investigation, and resolution of security incidents across all company infrastructure and applications.
- Drive the selection and optimization of security technologies and managed services, with a focus on automation and operational efficiency.
- Collaborate with various teams to identify and prioritize mitigation of vulnerabilities based on risk and business impact.
- Maintain the integrity of physical security measures and actively engage with external security communities to stay abreast of emerging trends.
- Continually update knowledge and incorporate security best practices in design and development processes with developers and system engineers.
- Serve as a key advisor on security architecture and requirements for business partnerships and third-party data handling.
- Develop and maintain a roadmap for security architecture and standards, ensuring the Global Security Strategy meets the security and privacy needs of all stakeholders.
- Foster information security awareness across the organization and ensure alignment with governance, risk management, and compliance strategies in collaboration with the Director of GRC & Compliance.
Qualifications:
- Minimum of 10 years in cybersecurity and IT, with at least 6 years in a cybersecurity-focused role.
- Bachelor’s degree in a relevant field or equivalent experience.
- Cybersecurity certifications such as CISA, CISSP, GSEC, CCNA, CISM, or CRISK.
- Demonstrated ability to establish and maintain effective relationships with employees, partners, and vendors.
- Excellent communication skills, capable of engaging technical and non-technical audiences.
- Deep knowledge of SIEM, Vulnerability Management, Penetration Testing, IAM, IDS/IPS, advanced encryption at rest techniques, and other security protocols.
- Proactive and pragmatic approach to problem-solving.
- Experience dealing with external entities like auditors and customers.
- Passion for shaping the workplace culture and environment.
- Familiarity with cybersecurity frameworks (NIST, ISO 27001, PCI, SOX, SOC 2) and regulatory requirements (CCPA, GDPR). #LI-NA1
The base salary range for this position is $174,800 to 205,700 USD for US residents OR $149,600 to $176,000 CAD for Canadian residents. Other countries will differ. Range may vary on a number of factors including, but not limited to: location, experience and qualifications. Tucows believes in a total rewards offering that includes fair compensation and generous benefits.
Want to know more about what we stand for? At Tucows we care about protecting the open Internet, narrowing the digital divide, and supporting fairness and equality.
We also know that diversity drives innovation. We are committed to inclusion across race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status or disability status. We celebrate multiple approaches and diverse points of view.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.
Tucows and its subsidiaries participate in the E-verify program for all US employees.
Learn more about Tucows, our businesses, culture and employee benefits on our site here.
Tags: Application security Automation CCPA CISA CISM CISSP Compliance Encryption GDPR Governance GSEC IAM IDS Incident response IPS ISO 27001 NIST Pentesting Privacy Risk management Security strategy SIEM SOC SOC 2 SOX Strategy Vulnerabilities Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs