Job Type: Contract
WHERE YOUR EXPERTISE IS NEEDED
We are looking for a results-oriented CIO/CISO in Kitchener, Ontario, to join our team as a consultant. As the sole consultant on our information security team, you’ll be accountable for running all aspects of the information security function for our operations. The role will entail directing information security strategy and operations, performing security audits, reviewing code, and sharing best practices with regard to document security. You will work closely with the CEO and CTO to improve information security across the business. We need someone with the vision and ideas to tackle any problem, as well as the ability to roll up their sleeves and get involved.
WHAT WE’RE LOOKING FOR
- Managing the daily operation and implementation of the information security strategy
- Audit, develop, review, and approve security policies, documentation, code controls, and cyber incident response planning.
- Expert experience and knowledge of the HIPAA Security Rule
- Ensure that disaster recovery and business continuity plans are in place and tested.
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities.
- Maintain a current understanding of the IT threat landscape for the industry
- Ensure compliance with the changing laws and applicable regulations in the USA
- Translate that knowledge into the identification of risks and actionable plans to protect the business
- Perform periodic security audits and risk assessments
- Make sure that security policies and procedures are communicated to all personnel and that compliance is enforced
- Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget
- Communicate best practices for documentation, code, policies, and risks to all parts of the business
WHAT SKILLS YOU’LL NEED
- 5+ years’ experience in an InfoSec role with experience of working in Health Care is a must
- Start-up experience is a plus
- Established background in Information Security Engineering and Engineering Architecture
- Strong background and working knowledge of IT, Networking, Development, USA Policies, and Security technologies and controls
- In-depth knowledge of the cyber threat landscape, cyber-attacks, and counter-measures
- In-depth knowledge of the regulatory/legal landscape regarding InfoSec, Cyber, and Privacy matters within the Health Care Sector
- Consulting, analytical, risk, and decision-making skills
- Positive attitude: 'Can do' approach and willing to give everything a go from manual processing to larger projects
- Excellent organization skills: the ability to plan and organize work so that it is efficient and effective
- Solid project management skills – providing direction, educating CTO and CEO, driving performance.
- Desirable industry certifications include: CISM, CISSP, CISSP-ISSAP, CISSP-ISSEP, CCSP
To put it bluntly — it’s about getting things done and taking ownership over what you do. We don’t hide behind fancy job titles or set up bureaucratic processes. Instead, we treat our people equally, fairly, and give them a ton of freedom and autonomy to create something awesome. We make mistakes, we learn from them, and we back everything up with data and logic.
PERKS AT WORK
- Join a team of exceptional developers and take the excellent opportunity to formulate a 21st-century application.
- We promote a culture of fun, trust, inclusiveness, empowerment, collaboration, and constructive feedback.
- Work with cutting edge technology on a very complex project that promotes meaningful work.
- Game room, Thursday lunches, staff games, etc.
- Comprehensive benefits.
- Competitive market salary rates.
We’re Reinventors with everything we do. Reinvention is not change. It’s out-thinking tomorrow.