The Team Lead, Security is a critical member of Lightspeed's Security Operations Team, acting as a player-coach to a team of security analysts across North America and APAC. This role is designed for a senior technical expert ready to step into management. The Team Lead will dedicate their time both to hands-on security analysis and to leading, mentoring, and developing their team. They will serve as the primary incident response manager during incidents, guide the team in in-depth analysis of security events while ensuring high-quality end products, and oversee the development and maintenance of standard operating procedures. This role involves close collaboration with cross-functional teams to resolve incidents, as well as proactive identification and mitigation of emerging threats.
Note: We prefer candidates based on the West Coast (PST time zone)
Role:
Leadership & Management
Serve as a primary incident response manager during security incidents, leading and coordinating containment, eradication, and recovery efforts.
Lead, mentor, and manage a team of security operations analysts, fostering a collaborative and high-performance culture across different geographic regions (NOAM & APAC).
Conduct weekly one-on-one meetings, support team members with their deliverables, provide performance feedback, and support the career development of team members.
Coordinate and manage the team's workload and on-call schedule for incident response.
Act as the primary escalation point for the security operations team.
Partner with the Director of Security Operations on strategic initiatives and report on team performance and security posture.
Communicate effectively with both technical and non-technical stakeholders.
Advocate for propagating learnings from incidents, as well as security best practices and proactive threat mitigation throughout the organization.
Technical Operations
As a senior technical expert, participate in and provide hands-on support during incident response activities.
Monitor and triage security alerts from various sources, including SIEM, IDS/IPS, firewalls, and endpoint protection systems, among others.
Conduct in-depth analysis of security events to identify potential threats and vulnerabilities.
Develop and implement detection use cases across the corporate environment as well as our array of products.
Aid in the development and maintenance of standard operating procedures for incident detection and response.
Enable Security Orchestration and Automated Response by either leveraging low-code tools or creating custom automation scripts.
Maintain and update security tools and technologies, and identify opportunities for improvement.
And a little bit of....
On-call availability for incident response.
Contributing as part of the wider team to achieve organizational objectives even if this means doing things that aren't strictly within the scope of your role.
What will help you be successful?
You have built strong relationships within the Security team and are seen as a knowledgeable leader in your field.
You have achieved a thorough level of understanding across all aspects of Lightspeed's complex environments.
You are able to own security projects from concept to completion, working with and engaging stakeholders across the organization as necessary.
An overall reduction in organizational risk due to improved detection and response capabilities.
Your team members show demonstrable growth and high engagement.
You and your team are consistently meeting or exceeding defined Objectives and Key Results (OKRs).
Experience:
Bachelor's degree or equivalent experience in computer science, cybersecurity, network engineering, or a similar field.
Extensive experience leading security incident response, including managing containment, eradication, and recovery for major incidents.
Demonstrated experience in mentoring or formally leading a technical team.
Significant experience using SIEM tools for log analysis and threat detection.
Significant experience with additional security tools, such as EDR, CSPM, and DLP.
Significant experience in detection engineering.
Experience working with large-scale cloud environments (AWS, GCP, etc.).
Thorough understanding of threat intelligence sources and how to apply them in security operations.
Demonstrated ability to work in cross-functional initiatives.
Relevant certifications, such as CompTIA Security+ or CISSP, are a plus.
Attributes and Skills:
Strong leadership and mentoring capabilities.
Excellent communication, collaboration, and interpersonal skills.
Ability to analyze security events, identify patterns, and make informed decisions.
Basic scripting or coding skills (e.g. Python) for automating tasks.
Fluency in IaC tools (Terraform, CloudFormation, etc.) to automate secure infrastructure deployments is a plus.
Experience working with CrowdStrike is a plus.
Experience with protecting team members from social engineering is a plus.
Thoroughness in investigating incidents and assessing risks.
Extensive knowledge of security principles, access controls (IAM), network security, vulnerability management, and incident response.
Strong analytical and problem-solving skills.
Ability to adapt to a complex and ever-changing environment.
Continuous learning and staying up to date on the latest security trends and threats.