IT & Security Compliance Director
Job Description
About us:
We strongly believe that people are the biggest asset of our company. Our hand-picked team consists of passionate, collaborative, and forward-thinking individuals from all over the globe.
We are passionate about making science easy and accessible to retailers, helping them get more value from people, data, and systems. We bring together expertise in retail, science, and scalable technologies to automate and enhance the quality of decision-making through software and consulting services.
For the last three years in a row, Cognira has been recognized as one of the fastest-growing companies in North America. We are proud to have a growing team of domain experts and data scientists, as well as a culture that fosters strong and long-lasting relationships with our clients.
Our values:
- Stand up for what's right
- Customers are always first
- Think like an Entrepreneur. Act like a CEO.
- Learn, Unlearn, Relearn
- No brilliant jerks allowed
- All work and no play is no fun at all
Are you ready to grow with us? To find out more about Cognira, please visit our website at www.cognira.com
About this role:
We are seeking an IT & Security Compliance Director to join our team. The ideal candidate will have extensive experience in Information Security, with a deep understanding of the organization's compliance with relevant security standards and regulations, managing risks, and responding effectively to security incidents.
What you will do:
IT Responsibilities:
- Manage and maintain network security, application security, and endpoint management tools.
- Oversee and enhance the security posture of our network, applications, cloud environments, and data protection mechanisms.
- Implement and operationalize identity and access management (IAM) solutions.
- Ensure robust encryption and protection of sensitive information.
- Implement and manage effective lifecycle policies.
Security Operations:
- Implement and monitor security controls and practices across the organization.
- Manage security projects and ensure timely delivery and adherence to budgets.
- Conduct regular security assessments, vulnerability scans, and penetration tests to identify and mitigate risks.
Compliance and Risk Management:
- Ensure compliance with industry standards and regulations, including SOC2, GDPR, and ISO 27001.
- Develop, implement, and maintain security policies and procedures to meet compliance requirements.
- Perform risk assessments and manage risk mitigation plans.
- Communicate security policies, procedures, and guidelines to internal and external stakeholders.
- Manage relationships with security vendors and service providers.
- Collaborate with cross-functional teams to ensure security is integrated into all aspects of the organization.
Incident Response and Crisis Management:
- Lead the incident response team in identifying, analyzing, and responding to security incidents.
- Develop and operationalize effective incident and crisis management plans.
What you bring to the table:
- Excellent Communication Skills
- 6-8 years of experience in Information Security
- Compliance and Risk Management experience with either SOC2, GDPR, or ISO 27001
Even better:
- Relevant certifications such as CISSP, CISM, CISA, or CEH.
- Vendor management & Project management experience
What we offer:
In addition to joining us on our journey to build state-of-the-art, AI-enabled software, you'll also get a ton of perks:
- You get the choice to work on a Mac or a PC, an endless supply of snacks, coffee & drinks and even kombucha on tap!
- On Wednesdays, we have free lunches, and our office building has a complimentary gym with free classes from yoga to kickboxing. We also have a game room, so we have the occasional table tennis competition or a game of shuffleboard.
- Laptop & all necessary IT kit for work
- Referral Program
- Casual dress code, social events, and after-work activities.
- Flexible, diverse work environment.
- Respectful, innovative team.
- But it's not all about the fun. You get a competitive salary and a progressive bonus while getting a startup experience at a company with an awesome culture.
- We also provide great medical insurance, 401K, equity stock plans for all employees, 21 days of PTO.
If you are passionate about Information Security and Compliance and possess the skills and experience we are looking for, we would love to hear from you. Apply now to join our team!