Director of Information Security

If you are looking to join one of Canada’s fastest growing companies, goeasy Ltd. is the place for you! A publicly traded company on the TSX with over 4000% shareholder return since 2001, goeasy operates two main business units. easyfinancial is our consumer lending business that offers secured and unsecured installment loans of up to $25,000 and easyhome is Canada’s largest merchandise lease-to-own company. It is our mission to provide everyday Canadians the chance for a better tomorrow, today by giving them access to the credit they need and by offering them a second chance when they have been turned down by banks and traditional lenders. With a retail network of nearly 400 locations across Canada and over 1700 employees, we are able to build lasting relationships with our customers as we help them rebuild their credit and graduate towards prime rates and a brighter financial future.

We are seeking a Director of Information Security, reporting to the VP of IT Shared Services. You will be the lead in setting up and managing all aspects of Information and Data Security for goeasy.

Responsibilities:

• Defines the IT Security and Data Privacy Protection Strategy and Roadmap
• Defines IT policies and standards with respect to Security and Data Privacy to ensure full protection against security and data breaches
• Define IT security standards for networks, systems, devices and applications.
• Defines IT Security and Data Privacy awareness and education programs for Goeasy staff
• Advise Goeasy management on implications of evolving IT Security and Data Privacy regulations and trends on a national basis
• Select and approve vendors to provide IT Security and Data Privacy Protection Services
• Serve as the lead for IT Risk Management activities within Goeasy
• Serve as the primary interface with internal and external auditors for all compliance related activities, including but not limited to IT internal controls
• Responsible for all network and systems security including standards and annual tests.

The Director, Information Security has several key work relationships:

• Operational Business Leaders– required to ensure IT Security and Data Privacy requirements and considerations are taken into account as the Goeasy business strategy and operations evolve
• Goeasy Legal – required to ensure the implications of evolving data protection and privacy regulations are well understood
• Goeasy Compliance and Internal Audit – required to assist with IT Security and Data Privacy considerations with respect to Goeasy products and services
• IT organization peers – required to ensure IT Security and Data Privacy considerations are taken into account in all IT applications, infrastructure and services
• External IT partners – required to ensure IT Security and Data Privacy services are scoped, planned, budgeted and delivered

Qualifications:

• 10 years or more successful experience managing IT Security and Data Privacy issues for a financial services company
• Experience with cyber security and cyber insurance is a definite asset.
• Should be well versed in current legal and regulatory issues and trends with respect to IT Security and Data Privacy on a national level
• Excellent understanding of appropriate IT controls as well as IT audit approaches
• Excellent understanding of current technologies and approaches to ensure IT Security and protect data leveraging cloud and mobile technologies
• Experience with creating a complete set of IT Security and Data Privacy policies, processes and procedures
• Strong understanding of IT Security metrics
• Strong understanding of IT Security monitoring and incident response/management tools, techniques and procedures
• Familiarity with IT Risk Management frameworks and approaches (e.g. RiskIT, etc.)
• Hold one or more relevant professional certification (CISSP, SANS GSEC or global equivalents)
• Should have excellent communications skills to interact efficiently with a variety of technical and non-technical stakeholders and program contributors
• Bachelor’s degree required, with a preference for a degree in a related field (information technology, management, pre-law, etc.)
• Experience in the financial services industry or industries is desirable

Inclusion and Equal Opportunity Employment

goeasy is an equal opportunity employer. In addition, goeasy is committed to providing accommodations for applicants upon request at any stage of the recruitment process in accordance with all legislative requirements throughout Canada.   Please let us know if you require an accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs.

Additional Information:

All candidates considered for hire must successfully pass a criminal background check, credit check, and validation of their work experience to qualify for hire.  

We thank all interested applicants, however we will only be contacting those for interview who possess the skills and qualifications outlined above.

Why should you work for goeasy?

To learn more about our great company please click the links below:

http://goeasy.com/careers/

#LI-POST

#PAID1234