Information Security Engineer

Information Security Engineer

Toronto, ON, Ontario  - Permanent

Job Description

Join a leading education technology company that’s transforming lives around the world.

Our client was founded by two computer science professors at Stanford with a vision of providing life-transforming learning experiences to anyone, anywhere. It is the world’s largest online learning platform for higher education. 190 of the world’s top universities and industry educators partner with them to offer courses, Specializations, and degrees that empower over 40 million learners around the world to achieve their career goals. Over 1,800 companies use the company’s enterprise platform to transform their talent. They're backed by leading venture capital firms such as Kleiner Perkins Caufield & Byers, New Enterprise Associates, GSV Capital, International Finance Corporation, Laureate Education Inc., and Learn Capital.

Must Have Skills:

Your Responsibilities:
- Implement and manage the Information Security Program including security incident response, vulnerability management, data protection, and risk management
- Undertake and lead regulatory readiness assessments and development of appropriate compliance strategies (SOC2, FERPA, ISO27001, NIST, etc.) Driving and achieving SOC2 type2 certification in a first year
- Documenting and maintaining security policies, standards, guidelines, processes and procedures, and other related documents, as requested, and representing the Security Team during internal and external audits
- Working with Sales, lead the response to customer questionnaires dealing with our security and data protection policies. Review Information Security and privacy related requirements in contracts and provide input to Legal Team
- Maintain company security breach response documentation and provide necessary training and periodic table top exercises for extended CIRT team
- Establishing and coordinating remediation and mitigation for identified security risks
- Ensuring technical security controls are in place, maintained and audited on a periodic basis

Your Skills:
- 5+ years’ of working experience in an Information Security and Compliance role
- Have solid knowledge of ISO 27001, NIST and other information security standards and ideally have some experience implementing these standards
- Industry standard security certification(s) a Plus: CISSP, CISA, CISM, etc.
- Previous experience reviewing/writing security related legal documents is a plus
- Solid foundation and good technical knowledge of security engineering, computer and network security, authentication, security protocols and applied cryptography
- Self-motivated and results-oriented
- Excellent interpersonal and communication skills


Starting: ASAP