Security Operations & Analytics Lead

Here’s a little song we wrote about you:  You’re a leader with a strong technical background. You're pretty awesome at developing and implementing a risk based cyber security & data privacy strategy, defining roadmap and operating model that leverages collaboration and company-wide resources, facilitating industry standard information security governance, advising senior leadership on cybersecurity & privacy risks and threats and investment strategies, and documenting appropriate policies and procedures to manage information security risks.

Now we get to brag about us: Lightspeed powers small and medium-sized businesses in over 100 countries around the world with its cloud-based commerce platform. Its smart, scalable, and dependable all-in-one Point of Sale software system helps restaurants and retailers sell across channels, manage operations, engage with consumers, accept payments, and grow their business. Founded in 2005 with offices in Canada, USA, Europe and Australia, Lightspeed recently completed its initial public offering on the Toronto Stock Exchange (TSX: LSPD). We're passionate about enabling people to do their best work. Come work with us and find out what you can do.

Primary responsibilities

  • Establish and deliver, an information security operations & Analytics program/roadmap and project priorities that provide continual improvements in security posture and maturity.
  • Establish appropriate metrics and reporting mechanisms that allow tracking of security control effectiveness and service performance.
  • Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
  • Demonstrate leadership and create a strong bridge within the organisation, build respect for the contributions of all and bring groups together to share information and resources and create better decisions, policies and practices regarding Information security.
  • Establish and maintain an industry leading Security Operation Centre (SOC) that detects and contains potential security threats and protects Lightspeed's systems and data (IT and OT).
  • Convene and lead the Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating cybersecurity incidents that arise.
  • Provide management with regular incident status updates and advice/guidance on appropriate actions/responses
  • Implement responses/actions as appropriate and agreed by management
  • Provide leadership, direction and guidance in problem management to ensure ongoing improvements to security operations capabilities.
  • Continually assess and recommend new technologies and tools that will help enhance Lightspeed's overall cybersecurity risk profile.  

Requirements

  • Bachelor degree in a related field or relevant experience
  • A minimum of 8 years of experience in information security operations & analytics
  • Professional membership/certifications from recognised Security organisations e.g. CISSP, SANS, CISM, CEH
  • Significant and credible operational and technology leadership cybersecurity & privacy experience over a sustained period in a high-profile industry.
  • Deep understanding of security risks, technologies, architectures and frameworks.
  • Deep understanding of data engineering, encryption and obfuscation/tokenization techniques
  • Demonstrable internal and external relationship building skills and the ability to clearly articulate complex security concepts that influence decision making within a diverse corporate culture.
  • Experience in SIEM technologies
  • Experienced in recruiting, building and leading world-class teams.
  • Exceptional communication skills necessary to advise and influence senior management, oversight committees and external organisations.

Assets

  • Experience with Agile development
  • Experience with Kubernetes and docker environments
  • Experience with bug bounty programs
  • Knowledge of PCI DSS, ISO 27001, OWASP
  • Experience with OS X and iOS development
  • Experience in the data, payment or financial industry
  • Experience in the retail and eCommerce industry
  • Recognized security certifications (CEH, OSCP, CISSP, etc.)
  • Fluency in French

And what about the rest?

In addition to the perks you see on the Careers page, you’ll get access to:

  • A beautifully renovated office space in a castle; one of the best development centres in Montreal;
  • An environment that encourages initiatives and leadership;
  • Happy hour every Friday afternoon;
  • Birthday treats every month to celebrate our employees;
  • Social events throughout the year;
  • Fun activities with your teammates - be part of the Lightspeed family;
  • Work with highly talented people who are as passionate about their craft as you are!