We’re looking for a Senior Information Security & IT Operations to lead and support the global EventMobi organization. In this role, you lead all aspects of EventMobi’s security and data privacy and protection, drive compliance projects and build our InfoSec Roadmap across the organization. You will help champion corporate best practices and key security initiatives including risk management, effective application security programs, policies and standards to fortify EventMobi’s commitment to assuring the trust of our customers and partners.
If this sounds like just the role you’ve been hoping for, please apply and tell us more about yourself!
EventMobi is an award winning tech startup with offices in Toronto, Berlin and Manila with thousands of clients across the globe. We believe live events (in-person or virtual) bring people together to enable change, for businesses and society at large. At EventMobi we have a huge impact on enabling success for events and their attendees. We are on a mission to revolutionize how event planners create, market and manage their events and how attendees experience conferences and tradeshows.
WHAT YOUR WORK WILL FOCUS ON
Strategy & Planning:
- Develop, implement, and monitor a comprehensive security program and policies focused on ensuring the availability, confidentiality, and integrity of owned information that is controlled or processed.
- Design and implement an effective corporate-wide security awareness training program.
- Act as Point of Contact by engaging in ongoing communications with peers, senior IT management as well as the various business groups to ensure enterprise wide understanding of security goals.
- Procuring and managing IT inventory (quoting, receiving goods, software management/license compliance, etc.) and update documentation.
- Managing and monitoring all end-user devices via MDM (i.e. Moysle, Maraki, Jamf or similar) and ensuring all devices are kept up to date.
- Owning and managing a suite of SaaS tools such as OneLogin, GSuite, MS Office, Slack, RingCentral and more as well as integrate new SaaS tools.
- Own Security in SDLC, Security Reviews, Vulnerability Scans, Code Analysis.
- Build and drive security roadmap items.
- Organize application Pen Testing and remediation process.
- Respond to Security questionnaires.
- Become the internal expert in GDPR, Privacy & Data Protection Laws and Regulations.
- Build and conduct internal Security & Privacy Policies, Training, Compliance.
- Act as our Data Protection Officer.
- Enforcement actions, investigations or litigation related to privacy or information security.
- Security Breaches, Security / Privacy Incident Response Program / Process / Policy.
- Documented procedure for responding to requests for customer data from regulatory authorities, courts, law enforcement authorities and other third parties.
- Information Security & IT Operations LeadCreate and maintain documentation around Data Inventory and Classification.
- Create and maintain a Risk Register and conduct Risk Assessments.
- Lead certification efforts and audits around ISO, SOC etc.
- Maintain agreements and inventory of sub-processors (location, business purpose, data shared with, etc.)
- 5+ years of related work experience
- Excellent communication, documentation and organizational skills
- Certification or Bachelors degree in Engineering, IT, Information Security or similar fields
- Deep understanding of IT controls and IT audit methodologies
- Experience managing Governance, Risk and Compliance frameworks
- Have familiarity and experience with standards and compliance frameworks like ISO, CSA, SANS, OWASP, NIST, SSAE SOC, ITIL, etc. and strong regulatory and compliance knowledge of CCPA and GDP
WHAT YOU WILL GET FROM EVENTMOBI
- We offer the experience of a lifetime working with a dynamic, open-minded and diverse team, who are excited to come to work every day and passionate about what they do and the clients they help.
- Competitive compensation
- Company Stock-Options
- A great culture with much more along the way
- You have a safe, comfortable, and ergonomic workspace and working environment – a private and quiet workspace is vital for doing your best work!
- You have a reliable ethernet connection of at least 30Mbps upload speed with a wired connection or reliable WiFi at home.