Job Description

We\'re looking for a Manager of Information Security to lead the Incident Response and Security Development teams, help us implement the technical security strategy, work on prioritizing security initiatives and align investment to mitigate our information security risk. You\'ll be reporting to the Senior Director, Information Security and Product Privacy working to support the overall business strategy, creating trust and credibility by building a track record of delivering high quality, standardized security solutions on time and within budget. While working remotely or in a hybrid work arrangement, a blend of virtual (in accordance with Hootsuite\'s distributed workforce strategy), and in Hootsuite\'s Vancouver or Toronto office, you will report to the Senior Director, Information Security and Product Privacy.

WHAT YOU\'LL DO:

• Lead a team of technical Information Security professionals who are specialized in Incident Response and Security Development.
• Manage day-to-day operations of our Security Incident Response team, on-call schedule and relationship with our Managed Security Service Provider (MSSP)
• Manage reporting staff, including selection, coaching, mentoring, development, performance management and all other people-management practices, including DE&I.
• Manage SecDevOps aspects of our production and IT infrastructure in coordination with the cloud operations, R&D and IT teams.
• Help define and deliver the Information Security Incident Response and Security Development teams\' Strategy and Roadmap.
• Manage Hootsuite\'s various application security testing processes, including internal and external pen-tests, code scans, architectural reviews and vulnerability management.
• Define, inform and facilitate implementation of appropriate information security controls and risk management measures to ensure the confidentiality, privacy, integrity, and availability of Hootsuite\'s digital assets.
• Work to document and improve Hootsuite\'s information security architecture, and design of security systems.
• Provide prioritized and detailed security-related requirements to the various parts of the organization, including legal, IT, development and production operations.
• Ensure compliance with the relevant laws and applicable regulations.
• Build effective relationships and communications with the business functions, internal technology, and product development teams.
• Drive accountability across the organizations.
• Stay abreast of industry trends in information security, legal, data protection, privacy, regulatory, technological developments, Hootsuite\'s areas of business and consult with internal and external stakeholders accordingly.
• Review investigations after breaches or incidents, including impact analysis and recommendations.

WHAT YOU\'LL NEED:

• 8+ years of proven experience and demonstrated success in technology leadership with an emphasis on SaaS information security.
• Undergraduate degree in Computer Science, Software Engineering, or Electronic Engineering.
• Proven ability to work with competing resources, budget limitations, and strong conflict management and problem-solving skills.
• Hands-on experience with AWS cloud environment and security related tooling (WAF, GuardDuty, CloudTrail, etc.)
• Hands-on software development experience with focus on agile SDLC, software composition analysis, threat modeling, code scanning and handling OWASP
• Well versed in information security industry best practices on cloud-based environments. CISSP, CRISC or CISM certification is a plus.
• Accountability: holds self and others accountable to meet commitments
• Commitment to Results: consistently achieves results, demonstrating high performance, and challenging self and others to deliver results
• Decision Making: consistently chooses the best course of action (from a number of alternatives) to address business problems and/or opportunities
• Problem Solving: uses an organized and logical approach to find solutions to complex problems. Looks beyond the obvious to understand the root cause of problems
• Process/Project Management: skilled at figuring out and managing the processes and timelines necessary to get work accomplished
• Inclusive Leadership: Builds inclusive, cohesive teams which apply diversity to achieve common goals
• Play to Win: Capably delivers results through others, is good at establishing clear direction, helping others achieve their best work
• Long Range Planning: Identifies key issues and relationships relevant to achieving a long-range goal or vision; Builds an integrated plan for course of action to accomplish this vision
• Enablement: Challenges and supports others to create results but also develop new capabilities. Successfully develops the capacity and capability of team and individuals on the team

WHO YOU ARE:

• Tenacious. You are determined to succeed, and you are motivated by the success of customers, colleagues and the community.
• Curious. You are always learning and seeking ways to make things better.
• Conscientious. You keep your promises, taking your commitments to others seriously, and you have strong integrity.
• Humble. You lead with humility and empathy, respecting and learning from the perspectives of others.

In all we do, our six guiding principles light the way:

Step Up: Show the world what it looks like to live and work by these guiding principles. #StepUp

One Team: Make Hootsuite a place where everyone feels safe, welcome, valued, and empowered to do their best work without compromising who they are. #OneTeam #FreeToBeMe

Customer Obsessed: Focus relentlessly on helping our customers succeed. #CustomerObsessed

Go Fast, Be Agile: Widen our competitive advantage by committing to speed and simplicity over perfection and complexity. #GoFastBeAgile

Play to Win: Commit to building an incredible, profitable company for our customers, our employees, and our stakeholders. #PlayToWin #NoExcuses

Neighbours & Allies: Give back to our communities and be an ally. #SocialForGood #Allies

Accommodations will be provided as requested by candidates taking part in all aspects of the selection process.

Hootsuite