Director, Information Security - IFS Copperleaf

IFSVancouver, BC
CA$170,000 - CA$200,000Hybrid

About The Position

The Director, Information Security will be responsible for building and leading a high-performing security team, developing and implementing an enterprise-wide information security strategy, and ensuring compliance with relevant regulations and standards. This role will focus on security strategy, risk management, security operations, customer trust, and people leadership within the Technology Experience (TX) department. The position requires a strategic thinker with a strong understanding of information security principles, risk management, and compliance frameworks, particularly in a SaaS and AI-driven product context. The Director will partner with various departments, including Legal, Product, and IT, to embed security and privacy by design throughout the product lifecycle and ensure the organization's security posture is a competitive advantage.

Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related discipline (Master's or MBA with a risk or technology focus preferred), or an equivalent combination of education and experience.
  • 10+ years of progressive experience in information security, including 5+ years leading and directing security teams (a strong combination of education and experience will be considered).
  • Demonstrated experience owning enterprise security across SaaS, cloud, on-premises, and private-cloud deployments, including securing products delivered to regulated utilities and critical-infrastructure customers.
  • Demonstrated experience owning compliance programs (SOC 2, ISO 27001).
  • Demonstrated experience leading customer-facing security assurance.
  • Deep understanding of international data protection frameworks, including GDPR and CCPA, and know how to apply them in a SaaS environment.
  • Experience securing AI/ML products and platforms and defining AI security governance.
  • Background operating in regulated, critical-infrastructure, or enterprise-scale environments, ideally serving utilities or similar sectors, with executive-level risk reporting.
  • Track record maturing a security function from operational to strategic and using security as a commercial differentiator in enterprise deals.
  • Proven ability to lead in a fast-paced environment with a bias for action, strong prioritization, simple communication, and disciplined execution.

Nice To Haves

  • Master's or MBA with a risk or technology focus preferred.
  • CISSP strongly preferred.
  • CISM, CISA, CRISC, CCISO, or equivalent credentials considered an asset.

Responsibilities

  • Develop, implement, and maintain an enterprise-wide information security strategy aligned to business objectives, available resources, and Copperleaf’s Industrial-AI product context.
  • Develop and maintain security standards and practices based on industry-leading frameworks.
  • Establish, communicate, and enforce information security roles, responsibilities, and policies throughout the organization.
  • Define a clear security engagement model and embed early-stage, “shift-left” security practices across delivery teams.
  • Drive a security operating model that supports fast, focused decision-making and removes unnecessary complexity while maintaining disciplined risk management.
  • Own the Copperleaf security risk register and the enterprise risk-assessment and treatment process; implement and track mitigation plans for identified risks.
  • Own the end-to-end SOC 2 and ISO 27001 programs.
  • Ensure compliance with relevant regulations and standards and serve as liaison to external auditors, partners, and regulators.
  • Co-develop practical AI and privacy governance with Product, IT, Legal, and the Head of AI, owning the security-and-controls dimension of the enterprise AI policy.
  • Direct security operations across threat detection, monitoring, and response, leveraging SIEM, EDR, IAM, and related tooling.
  • Lead incident response end to end, including rapid identification, containment, eradication, recovery, post-incident review, and continuous improvement.
  • Oversee vulnerability management, threat intelligence, and proactive testing.
  • Own business continuity and disaster-recovery planning and readiness for security-impacting events.
  • Partner with R&D and Product to embed security into the software development lifecycle (SDLC).
  • Demonstrate and maintain an effective security posture across cloud, on-premises, and private-cloud deployments, covering data, software, and systems, including the deployment models used by regulated utilities and critical-infrastructure customers.
  • Establish controls and guardrails for the secure development and use of AI across Copperleaf, in coordination with the Head of AI.
  • Own the Trust Center and the external security narrative used in sales and renewals; act as primary point of contact for customer security inquiries, questionnaires, and audits.
  • Partner with Legal and commercial teams through customer negotiations, including reviewing and providing risk-based input on security schedules, data-protection terms, redlines, and customer-specific assurance commitments.
  • Mature the security posture into a client-facing trust advantage.
  • Own the organizational design and staffing model for the security function, sizing and structuring the team and its leadership to align with risk, demand, and business priorities.
  • Directly manage, coach, and develop the InfoSec team across all five security functions, conducting regular performance and career-development reviews.
  • Forecast changing business needs and align team skills and experience; provide technical direction and guidance across teams.
  • Create a high-performance team culture that values speed, focus, simplicity, ownership, and clear prioritization in a fast-paced, high-growth environment.
  • Embed a deep, organization-wide commitment to staying secure through ongoing training, awareness, and clear expectations.
  • Develop and execute annual security business plans, project initiatives, the department budget, and KPIs; monitor progress and act to ensure goals and service levels are met.
  • Translate strategy into focused execution, balancing urgency and simplicity with the discipline required to protect the business and support scale.
  • Continuously pursue cost-effectiveness through innovation, negotiation, vendor management, and process improvement.
  • Build security measurements, reports, and KPIs that give executives and the Board a clear, business-framed picture of security risk and posture.
  • Serve as the primary security advisor to the SVP and represent InfoSec in cross-functional governance with the Head of AI, Strategic Initiatives, and the Director, Technology & AI.

Benefits

  • Flexible paid time off, including sick and holiday
  • Medical, dental, & vision insurance
  • Flexible spending accounts
  • Life insurance and disability benefits
  • Tuition assistance
  • Community involvement and volunteering events
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service