Head of IT Security - Remote

Overview

The Head of IT Security is responsible for the continual development of security processes and controls across a number of Valsoft businesses. The role is required to pay special attention to the implementation and maintenance of Valsoft Information Security standards within all the businesses under your jurisdiction. Additionally, you’ll provide input to improvements in our global IT Security posture.

In Short

• Support and guide the businesses in delivering quality and compliance in order to drive down information security risk
• Defending the businesses by building and implementing security processes and procedure in line with Valsoft standards and designed to protect and respond to risk
• Promoting responsible behaviour by improving the culture internally to ensure all staff are protecting against possible security incidents
• Continuous improvement by ensuring security updates are implemented as and when necessary
• Guide Valsoft businesses in the pursuit of the ideals set out in global security frameworks such as ISO27001/SOC2/PCI-DSS
• Ensure that all businesses have appropriate levels of certification (PCI, GDPC, HIPAA, etc)
• Provide support and guidance across a wide variety of IT subjects
• Providing expert advice and support when systems are being designed, upgraded or installed with the express aim of building security into the design
• Overseeing the development and enhancement of security systems and integrating new technologies with those existing
• Working with business staff to develop plans and strategies to ensure client services can be enhanced, user effectiveness improved and innovation encouraged without compromising security effectiveness
• Obtain and maintain appropriate levels of cyber security awareness through research, training and certifications (ISO27001, CISSP/CISM/CRISC, Cyber Essentials)

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related discipline is essential
• A relevant certification (e.g., CISSP, CISM, CISA) is essential
• Minimum of 5+ years of experience in information technology, information security, cybersecurity, or IT risk management, with a focus on regional or global security operations is essential
• Strong knowledge of cybersecurity frameworks, compliance requirements, and industry best practices
• Hands-on experience with security technologies, including SIEM, endpoint protection, and vulnerability management tools
• Ability to lead incident response efforts and manage security incidents effectively
• Familiarity with Canadian and US cybersecurity regulations and data protection laws
• Excellent communication and stakeholder management skills
• Ability to work independently and collaboratively within a global security team
• Experience in a multinational corporation or highly regulated industry
• Knowledge of cloud security principles and best practices
• Experience with identifying security risks within diverse systems and technology stacks
• Familiarity with security automation and threat intelligence platforms
• Fluent in English, both written and verbal, is essential
• Legally authorized to work in Canada

Benefits

• Opportunity to make a significant impact in a global organization
• Work in a remote model
• Be part of a recognized best workplace in the financial services industry