We are hiring a Senior Information Security Officer to help protect our organization's people, data, and technology by building and operating a pragmatic security program across governance, risk management, and security operations.
Requirements
- Bachelor's degree in Computer Science, Information Security, or related field (or equivalent practical experience)
- 5+ years of progressive experience across multiple information security domains (governance/risk and hands-on security operations)
- Hands-on experience with SIEM platforms (Microsoft Sentinel) including log onboarding, detection development, tuning, and dashboarding
- Demonstrated detection engineering and investigation skills: KQL proficiency, alert triage, and evidence-based incident response
- Experience performing threat hunting and translating hunts into detection use cases and playbooks
- Incident response experience including scoping, containment, eradication, recovery, and post-incident retrospectives
- Strong understanding of core security controls across identity (SSO/MFA), endpoint security, networking, logging/telemetry, and hybrid security concepts spanning Microsoft Azure and on-prem infrastructure (VMware ESX/NSX)
- Vulnerability management experience: scanning (infrastructure and apps), prioritization, remediation tracking, and verification
- Experience with security assessments and/or penetration testing methodologies and reporting
- Application security experience: secure SDLC, OWASP Top 10, API security, dependency and secrets scanning, and partnering with developers
- Automation/scripting ability (e.g., Python, PowerShell, Bash) and experience integrating security tools via APIs/webhooks; SOAR/playbook experience preferred
- Knowledge of security frameworks and standards (e.g., NIST CSF/800-53, ISO 27001, CIS Controls) and practical risk management
- Relevant certifications are an asset (e.g., CISSP, CISM, GIAC, GCIH, GCIA, GCED, OSCP, AZ-500, SC-200/SC-100)
Benefits
- 35-hour workweek schedule (possible flexible work options i.e., 4-day work week (position based))
- Twelve paid sick days annually (including five personal days)
- Access to SOCAN fitness facility
- Annual Performance Incentive bonus (dependent on a personal and company performance)
- Defined contribution Pension Plan
- Comprehensive, health and dental benefits program
- Inclusive and collaborative working environment
