Director of IT & Security

About The Position

Requirements

• Passion for quality, well-defined processes, and technology.
• Motivated by efficiency.
• Ability to deliver the best solution and take ownership of work, tasks, and timelines.
• Strong communication skills, including listening and relaying empathy and understanding for diverse perspectives.
• Creativity and adaptability; ability to adapt quickly, innovate solutions, and embrace the new while accepting the ambiguous.
• 10+ years experience in IT
• 2 years of experience in a people management capacity
• Proven experience owning and leading SOC 2, ISO 27001, and related security/compliance audit programs across an organization, including control design, cross-functional evidence collection, auditor coordination, gap remediation, and maintaining ongoing audit readiness.
• Deep knowledge of web application security, and understanding of vulnerabilities and countermeasures.
• Strong knowledge of networking, telecom, and server technologies.
• Strong understanding of project management principles.
• Experience securing production software systems.
• Experience with incident management lifecycles.
• Proven experience in IT infrastructure planning and development.
• Positive attitude and a great team player.
• University or college degree with a technical major, such as Engineering or Computer Science.

Nice To Haves

• Knowledge of Agile principles and practices
• Information Security Certifications - CISSP, CISM, CIPM
• CCNA, CCNP, or other network certifications

Responsibilities

• Lead IT department operational planning and projects in an Agile environment.
• Take ownership over our information security roadmap.
• Ensure that Xello is in compliance with regulations, best practices, and customer data sharing agreements, including (but not limited to): PIPEDA, FERPA, COPPA, GDPR, CCPA.
• Participate in building a security-first organization by conducting organization-wide security awareness training, working with engineers to ensure best practices are met in the SDLC, and staying on top of the latest threats and security practices.
• Liaise with Xello’s sales department and customers to support the security-focused aspects of RFPs and review customer data sharing agreements for compliance.
• Oversee reporting and documentation related to network and systems operations.
• Work with stakeholders to define business and system requirements for new technology implementations.
• Develop maintenance schedules for network and systems equipment.
• Analyze existing operations and make recommendations for the improvement and growth of the network infrastructure and IT systems.
• Coordinate all major incidents ensuring the correct resources are involved as quickly as possible, senior management and the business is updated in a timely fashion, post-mortem reviews are conducted, and action items are followed through to completion.
• Provide leadership to team members through coaching, performance evaluations, training plans, and career development plans.
• Serve as the key interface with internal and external auditors for security compliance related activities.
• Protect the confidential and private information that you may come into contact with in the course of your work and uphold the ethics and integrity of Xello’s code of conduct.

Benefits

• Flexible work arrangements including hybrid and remote
• 4 weeks of vacation
• Employer-paid health and dental benefits
• 4-month top-up for parental leave
• Group RRSP with 3% matching
• PD budget for every employee