Director – Information Security



1,001-5,000 employees

Digital marketplace for new and used cars in Canada

Automotive & Transportation

Senior, Expert

Greater Toronto Area, ON, Canada

Required Skills
  • Bachelor's degree in information technology or equivalent experience
  • 8-12 years of direct experience managing people in risk management, information security risk, compliance, and cloud environments
  • Knowledge of common information security management frameworks such as SOC2, ISO/IEC 27001, and NIST
  • Experience with contract and vendor negotiations and management, including managed services
  • Specific experience in software development or other best-in-class development practices
  • Experience with Cloud computing across virtualized environments
  • One or more relevant security certifications: CISSP, CCSP, SSCP, ECES, CySA+
  • Responsible for the operational leadership of the information security program
  • Communicate with executives across departments to ensure security systems work smoothly to reduce operational risks in the face of a security attack
  • Work directly with the business and IT units to facilitate cyber risk assessment and cyber risk management processes
  • Partner with business stakeholders across the organization to raise awareness of risk management concerns
  • Mature the organization's business continuity management program to ensure business resiliency
  • Lead and provide oversight for security operations activities, including real-time analysis of immediate threats, security operations and challenges in the current and future state of business operations
  • Evaluate IT threat landscape, devise cyber security policy and corresponding controls to reduce risk
  • Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services
  • Develop cyber resiliency to effectively recover from hacking, security incidents, or infringements rapidly
  • Develop processes to maintain records of up-to-date security threats, oversee data loss and fraud prevention, ensure data privacy is secured and maintained, and enhance the information security management system
  • Oversee information security architecture, represent and lead the discussions around the overall business technology planning, integrate the oversight of physical security with cyber security for convergence
  • Mentor the Information Security team members and implement professional development plans for all team members
  • Manage organization-wide information security governance processes, lead and security project priorities internally and with security vendors and third-party businesses, lead auditing and compliance initiatives, and contribute to security policy domains associated with compliance, governance, risk management, incident management, HR management, and additional domains
  • Lead the procurement process for the selection and purchase of security solutions from vendors, establish a system that reduces human error and its impact on security posture
  • Develop a comprehensive plan to attract, train and retain professionals with the requisite skills and interest in pursuing a cybersecurity career, prepare employees with the tools, skills, resources, relationships, and capabilities to protect against information security risks, develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program, lead the employee security awareness training program, develop secure business and communication practices, and identify security objectives and metrics

Company Stage


Total Funding



Toronto, Canada



Growth & Insights

6 month growth


1 year growth


2 year growth