Information Security Manager

This company is a Quebec-based independent insurance company, serving both personal and commercial clients. The firm offers tailored insurance and risk management solutions across multiple industries, working with a wide network of insurers rather than a single provider. They are equally a technology company which has built an in-house software platform that is a no-code configurable platform for the distribution of financial products since 2020.

They are currently looking for an Information Security Manager. As an Information Security Manager, you will play a key role in implementing our long-term technology strategy. You will be responsible for ensuring that best practices in information security are defined, implemented, and maintained across all aspects of our infrastructure.

More about role:

We are looking for a very organized and diligent person to focus on Security related tasks. This person will provide weekly vulnerability scans, Quarterly Infrastructure assessments and monthly scorecards for the Information Security division. Given the nature of the business, they are very up to date when it comes to security technologies and spend a sizeable amount on their IT security.

They would like someone who comes from an environment where this focus and emphasis are shared.

This person would report into the CTO and also CEO. 80% of the time will be spent with the internal team which consists of Infrastructure Lean, Infrastructure specialist, Helpdesk and other security related consultants. The other 20% will be with operational team more on the business side.

Title:

Information Security Manager

Address:  1 day a week in office. Napierville, QCJ0J 1L0

Type:  Full time and permanent

Salary:  120k + 5,000$-7,000$ bonus + benefits + matching RRSP 2-4%+ 4 weeks’ vacation. They also offer other perks as well including gym, office expense, electric car expense, 250$ a year for entertainment ect.

Your Responsibilities

Maintain internal information security policies by conducting regular audits of our systems and infrastructure to ensure compliance. We implement SOC2 and Law 25 compliance programs.

Maintain our incident response plan for information security, ensuring it remains aligned with infrastructure changes, legal and regulatory obligations, and industry best practices.

Continuously research scalable techniques for mitigating cybersecurity risks, software updates, and emerging tools that can strengthen our overall security posture.

Collaborate with internal software development teams, IT services, and technology solutions teams to ensure that information security best practices are integrated into all activities.

Regularly perform penetration tests and simulations to validate the robustness of our security posture.

Your Skills and Potential

Bachelor’s degree in Computer Science or IT Service Management (or equivalent).

In-depth knowledge of security best practices in a Windows environment, both at the server and endpoint levels.

Strong understanding of network security best practices, particularly with Cisco solutions.

Hands-on experience applying information security best practices to cloud solutions such as O365 and Azure.

Practical experience with next-generation security solutions (e.g., Cylance, Crowd Strike, Sentinel One, Darktrace).

Degree in Computer Science or Information Systems Management or higher (or equivalent).

Relevant information security certification such as CISM, CISA, or CISSP.

Bilingual (French and English) to communicate frequently with English-speaking vendors.

#J-18808-Ljbffr