About the position
Vidyard is seeking a Lead Security Analyst to join their Security team. This remote role, open to candidates in Canada, will involve ensuring security compliance and risk requirements are met, as well as driving security awareness across Engineering and the business. The Lead Security Analyst will collaborate with other teams to improve security posture, define and implement security practices, evaluate cybersecurity threats, and assist with penetration testing and compliance audits. Strong expertise in web application security, cloud security (preferably in AWS), and communication and collaboration skills are required for this role.
Responsibilities
- Partner with other teams to improve their security posture and monitor their configurations, vulnerabilities, and compliance
- Lead efforts to define, document, and implement industry-leading security practices and internal controls
- Evaluate new cybersecurity threats and IT trends to develop effective security controls
- Research, develop, and maintain a high-quality security/vulnerability posture
- Assist with penetration testing and compliance certification audits with security vendors
- Enable pre-sales technical teams to manage customer security questionnaires
- Monitor security stance and react and respond to alerts across platforms and tools
- Collaborate with Developers and leaders to triage, prioritize, and remediate weaknesses and vulnerabilities found during security assessments
- Coordinate with internal teams to operationalize and audit infosec policies
- Advise on core internal security policies and processes such as Security Incident Management, Risk Management, Vulnerability Management
- Lead and facilitate periodic regulatory processes (e.g., SOC2, ISO27001) and gather information across the company to fulfill obligations
- Manage vendor assessment processes and interface with external stakeholders as necessary
Requirements
- 8-10 years of related functional experience
- Deep expertise in the OWASP Top 10 and a thorough understanding of web application security principles and common vulnerabilities
- Expertise in cloud security, preferably in AWS, with a strong understanding of cloud security best practices
- Strong communication and collaboration skills, with the ability to work effectively across teams and influence stakeholders
Benefits
- Competitive pay
- Comprehensive, flexible benefits on day one
- Wellness allowance to spend on what's important to you
- Flexible hours + unlimited vacation + programs to support travel while working
- Access to Inkblot, a digital mental health platform + $1,500/person/year for mental health coverage
- Allowance to support ongoing growth and development
- Parental leave top-up
- Paid volunteer hours
- Employee resource groups to empower and drive change
- RRSP match
- Stock options
- Flexible holiday program
- Home office stipend
- Flexibility to work in the place that brings out your best