Director, Information Security
If you are looking to join one of Canada’s fastest growing companies, goeasy Ltd. is the place for you! Recognized as Canada’s Most Admired Corporate Cultures, GTA's Top 100 Employers, one of Canada’s Top 50 Fintech’s and North America’s Most Engaged Workplaces, we want the best and brightest to join our team.
We are a publicly traded company on the TSX with over 4000% shareholder return since 2001, goeasy operates two main business units. easyfinancial is our consumer lending business that offers secured and unsecured installment loans of up to $35,000 and easyhome is Canada’s largest merchandise lease-to-own company. It is our vision to provide everyday Canadians the path for a better tomorrow, today by giving them access to the credit they need and by offering them a second chance when they have been turned down by banks and traditional lenders. With a retail network of nearly 400 locations across Canada and over 1900 employees, we are able to build lasting relationships with our customers as we help them rebuild their credit and graduate towards prime rates and a brighter financial future.
We are seeking a Director of Information Security, reporting to the VP of IT Shared Services. The successful individual will take on a key role in the organization to the lead the maturation and management of all aspects of Information and Data Security for goeasy.
- Defines the IT Security and Data Privacy Protection Strategy and Roadmap
- Defines IT policies and standards with respect to Security and Data Privacy to ensure full protection against security and data breaches
- Define IT security standards for networks, systems, devices and applications.
- Defines IT Security and Data Privacy awareness and education programs for Goeasy staff
- Advise Goeasy management on implications of evolving IT Security and Data Privacy regulations and trends on a national basis
- Select and approve vendors to provide IT Security and Data Privacy Protection Services
- Serve as the lead for IT Risk Management activities within Goeasy
- Serve as the primary interface with internal and external auditors for all compliance related activities, including but not limited to IT internal controls
- Responsible for all network and systems security including standards and annual tests.
The Director, Information Security has several key work relationships:
- Operational Business Leaders– required to ensure IT Security and Data Privacy requirements and considerations are taken into account as the Goeasy business strategy and operations evolve
- Goeasy Legal – required to ensure the implications of evolving data protection and privacy regulations are well understood
- Goeasy Compliance and Internal Audit – required to assist with IT Security and Data Privacy considerations with respect to Goeasy products and services
- IT organization peers – required to ensure IT Security and Data Privacy considerations are taken into account in all IT applications, infrastructure and services
- External IT partners – required to ensure IT Security and Data Privacy services are scoped, planned, budgeted and delivered
- 10 years or more successful experience managing IT Security and Data Privacy issues for a financial services company
- Experience with cyber security and cyber insurance is a definite asset.
- Should be well versed in current legal and regulatory issues and trends with respect to IT Security and Data Privacy on a national level
- Excellent understanding of appropriate IT controls as well as IT audit approaches
- Excellent understanding of current technologies and approaches to ensure IT Security and protect data leveraging cloud and mobile technologies
- Experience with creating a complete set of IT Security and Data Privacy policies, processes and procedures
- Strong understanding of IT Security metrics
- Strong understanding of IT Security monitoring and incident response/management tools, techniques and procedures
- Familiarity with IT Risk Management frameworks and approaches (e.g. RiskIT, etc.)
- Hold one or more relevant professional certification (CISSP, SANS GSEC or global equivalents)
- Should have excellent communications skills to interact efficiently with a variety of technical and non-technical stakeholders and program contributors
- Bachelor’s degree required, with a preference for a degree in a related field (information technology, management, pre-law, etc.)
- Experience in the financial services industry or industries is desirable
Inclusion and Equal Opportunity Employment
goeasy is an equal opportunity employer. In addition, goeasy is committed to providing accommodations for applicants upon request at any stage of the recruitment process in accordance with all legislative requirements throughout Canada. Please let us know if you require an accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs.
All candidates considered for hire must successfully pass a criminal background check, credit check, and validation of their work experience to qualify for hire. We thank all interested applicants, however we will only be contacting those for interview who possess the skills and qualifications outlined above.
Why should you work for goeasy?
To learn more about our great company please click the links below: