Vice President, Information Security

As the Vice President, Information Security, you will lead the cyber security practice at Moneris, focusing on perimeter protection, data protection standards and techniques, PCI and security compliance, access and identity management, social engineering awareness and testing, and building a world-class team of information security professionals.

You will also develop and implement the enterprise's information security strategy, policies, standards, risk assessments, risk management processes, and technology to ensure that Moneris' information assets are adequately protected. This includes maintaining an acceptable level of controls that enable the business to operate efficiently, cost-effectively, and in compliance with regulatory and industry standards.

Location: Toronto, ON office with a hybrid work model.

Reporting to: Chief Information Security Officer and Chief Technology Officer.

• Manage and maintain controls and programs to protect against cyber attacks, unauthorized data access, and data export, ensuring ongoing PCI compliance and implementing technology to prevent zero-day attacks and data loss.
• Lead and develop a world-class information security team.
• Collaborate with development, infrastructure, and product teams to achieve higher security standards, including PCI, PA-DSS, PCI-PED, and other industry standards.
• Proactively identify security deficiencies and challenge existing processes.
• Establish policies and best practices for security standards across architecture and operations.
• Oversee security lifecycle strategies across web, mobile, and terminal platforms.
• Develop secure infrastructure and vulnerability management processes based on industry best practices.
• Chair the Digital Risks Committee to monitor and mitigate digital risks.
• Conduct security reviews and digital risk assessments for Moneris systems.
• Coordinate with Compliance, HR, Legal, Internal Audit, and IT Security teams on incident investigations, audits, and proposals.
• Manage the Information Security Policy, including organization-wide awareness and annual updates.
• Oversee the Computer Security Incident Response Team (CSIRT).
• Develop and manage the IT Security & Risk Management annual business plan aligned with long-term objectives.
• Identify industry trends and best practices to benefit the organization and present recommendations to executives.
• Define the strategic direction for Information Security & Risk Management for the next 12-18 months.

• Bachelor’s degree in Computer Science or related field.
• Certifications such as CISSP, CISM, GIAC.
• Over 10 years of experience in information security.
• More than 5 years of experience managing teams.
• At least 2 years of strategic leadership experience.
• Proficiency in Microsoft Windows and MS Office.
• Strong understanding of application security.
• Knowledge of PCI-DSS and PA-DSS certification processes.

• Experience in the payment industry is an asset.

• Comprehensive rewards including bonuses, flexible benefits, and a choice between HSA or PSA.
• Access to learning resources, including Coursera and educational assistance.
• Focus on well-being with Employee Assistance Program, virtual healthcare, wellness events, and a supportive culture.
• Commitment to Diversity, Equity, and Inclusion initiatives.
• Company-wide paid year-end closure and personal days for religious, personal, and volunteer activities.

Learn more about employee perks at Moneris.com/careers

LI-Hybrid

We encourage applications from Indigenous peoples, people of colour, individuals with disabilities, and all genders and sexual orientations. We value diverse experiences and backgrounds and invite you to share your transferable skills and experiences that support your success in this role.