Director, Information Security

We need someone who can ultimately inspire and grow a team. As the first person on the team we also need someone who can enthusiastically jump in and get it done now. A ‘hands on’ Director, Information Security who can build professional relationships across internal IT, business leaders, vendors and customer compliance or IT security departments.

Toronto, ON


FormHero hides the complexity of existing paper and electronic documentation from your customers, prompting them to make clear selections and answer simple questions while automatically completing your documentation in the background.

keywords: who we are,the opportunity,what's in it for you,establish,advise,collaborate,counsel,manage,oversee,in-depth knowledge,outstanding communication skills,leadership skills,analytic skills,initiative,a few bonus skills

Senior Executive

Overview: <p><strong>Interested in opportunities at FormHero and want to learn more?&nbsp;Come&nbsp;meet us at StartUp Open House on September 27th between&nbsp;4pm&nbsp;&ndash;&nbsp;8pm&nbsp;at the OneEleven office (325 Front Street West, 4th floor). Please click on the link to learn more -&nbsp;<a href="" target="_blank" rel="noopener noreferrer"></a>. We look forward to meeting you!<br /></strong><br />It&rsquo;s only human to hate paperwork and at FormHero we&rsquo;re here to change the way it&rsquo;s done. Whether you are applying for a mortgage, securing insurance or going through any of life&rsquo;s other big and little moments, filling out a form is tedious and often feels futile. If you&rsquo;re the person checking those forms, every time you miss a detail it costs money and time. At FormHero, we put an end to that. We prioritize customer experience. And we&rsquo;re doing it intelligently. Our products are being used by banks, insurance carriers and government agencies to improve their customer experience and engagement. And that&rsquo;s just the beginning.</p> <p><strong>The opportunity</strong></p> <p>Reporting to Ryan Kimber, we need a Director, Information Security who wants to take a step up from a Manager role and make a mark on the way FormHero approaches information security and compliance. Someone who can introduce tested strategies for ensuring that information security risks are identified and that appropriate controls are in place to comply with policies, contractual obligations and regulatory requirements.</p> <p>We want a Director, Information Security who has equally strong people skills as their tech knowledge. We need someone who can ultimately inspire and grow a team. As the first person on the team we also need someone who can enthusiastically jump in and get it done now. A &lsquo;hands on&rsquo; Director, Information Security who can build professional relationships across internal IT, business leaders, vendors and customer compliance or IT security departments.</p> <p><strong>What&rsquo;s in it for you</strong></p> <p><em><strong>Career development.</strong></em>&nbsp;We build useful software. We help turn ideas into practical solutions. You will expand your skills in many high-demand information security areas; working on SOC2 accreditation, PCI compliance, and internal compliance enforcement for a cloud-based (AWS) solution used by some of Canada's leading financial institutions. This is a greenfield opportunity, for a Director, Information Security, who is driven by enthusiasm, inspired by possibility and excited to be part of a responsive startup that threw the &ldquo;startup manual&rdquo; out.</p> <p><em><strong>Impact.&nbsp;</strong></em>We're always iterating. We know that there's always room for process improvement. That's why we're constantly tweaking our product, so our clients get the best possible software with the features they need. Compliance and regulations are top priorities for our clients, you will play a critical role in ensuring everything is lining up.</p> <p><em><strong>Purpose.&nbsp;</strong></em>We're passionate about our people. At FormHero, our purpose is to improve the relationships between businesses by helping them put their user experience first. We think our own teams are just as worthy of our respect and dedication.</p>
Responsibilities: <p><strong>Our new Director, Information Security will:</strong></p> <ul> <li>Establish. You will lead security design of new implementations and key features.</li> <li>Advise. You will act as a Subject Matter Expert in support of client organizations&rsquo; security stakeholders. You will advocate for and provide insights related to best practices, current state and future strategy and on-the-ground work.</li> <li>Collaborate. You will work closely with Product Development, DevOps, Operations and Senior Management to understand the impact - on information security - of enterprise deployment environments, systems integrations and implementations. You will work with the Compliance Officer and Senior Management to implement controls and manage key risks.</li> <li>Counsel. You will provide Information security requirements advice and counsel at all levels.</li> <li>Manage. You will implement security risk governance and control, incorporating a consistent, sustainable methodology for identifying, assessing and documenting information security risk that provides early warning of potential failure to meet information security requirements. You will identify new reporting opportunities to improve risk management.</li> <li>Oversee. You will monitor due diligence of information security risk processes and results on an ongoing basis. You will maintain a portfolio of Information Risk Issues to ensure the risk assessments are complete, accurate; acted upon and escalated where appropriate.</li> </ul>
Requirements: <p><strong>Our new Director, Information Security has:</strong></p> <ul> <li>In-depth knowledge. Hands-on expertise of Information Security risk and industry best practices. Practical experience implementing SOC2 / ISO 27001 standards and compliance.</li> <li>Outstanding communication skills. Excellent verbal and written abilities including the ability to translate security policies and procedures into technical configurations. Strong ability to explain vulnerabilities and weaknesses in OWASP Top 10, WASC TCv2 and CWE 25 to any audience.</li> <li>Leadership skills. A proven history leading a team and projects. A natural ability to build relationships across groups, vendors and customer security teams.</li> <li>Analytic skills. Persistence to solve problems and focus on the big picture and the details.</li> <li>Initiative. The drive to work autonomously and be a team contributor.</li> <li>A few bonus skills. Exposure to banking and insurance compliance and security requirements are nice to have. Information Security certifications (e.g. CISSP, CISSLP, GIAC etc.) preferred, but not mandatory. Particular preference will be given to candidates that have Mobile Application Security and Cloud Security backgrounds.</li> </ul> <p><strong>Why should you join us?</strong></p> <p>FormHero is a OneEleven company, a global scale-up hub focused on helping the most promising, high-growth tech startups build their businesses and scale their operations. Joining us now is a chance to be part of a small but growing company. It&rsquo;s a chance to make an impact on literally thousands of people. We&rsquo;re a company with traction and we&rsquo;re planning to expand broadly. We are already working with some of the largest companies in Canada and we have gained the recognition of putting the end user customer experience first. We are also a company that brought in HR when we hit 14 people to demonstrate our commitment to growing the team in the ways they wanted to grow. We believe we have a responsibility to help our people live the work-life and the home-life they want to and we live up to that every day.</p> <p><strong>Apply now</strong></p> <p>Think this job is meant for you but worried you don&rsquo;t have it all? If you feel you meet 70% of the qualifications listed and you are an innovative team player, express your interest here and we promise to consider your full profile. You can also follow us on&nbsp;<a href="">Twitter</a>&nbsp;or&nbsp;<a href="">LinkedIn</a>&nbsp;to learn more about us.</p> <p>The diverse experiences, and identities of our team members help us make better decisions and drive great results. FormHero fosters an inclusive work environment that welcomes team members of all backgrounds and perspectives. We are committed to providing a meaningful environment for every member of our team.</p>