VP, Product and Engineering Security (Vancouver, BC)
About GeoComply
GeoComply provides fraud prevention and cybersecurity solutions that detect location fraud and help verify a user's true digital identity.
Job Description
We’re GeoComply! We are at the forefront of geolocation, cybersecurity, and anti-fraud innovation, developing and delivering cutting-edge technologies to help ensure regulatory compliance, combat bad online actors, alleviate user friction, and protect businesses from fraud.
Achieving significant business and revenue growth over the past three years and dubbed a tech “Unicorn,” GeoComply has been trusted by leading global brands and regulators for over ten years. Our compliance-grade geolocation technology solutions are installed on over 400 million devices and analyze over 12 billion transactions a year.
At the heart of it all are the people, united by a deep commitment to problem-solving and revolutionizing how people and businesses use the internet to instill confidence in every online interaction. With teams across five countries, three continents, and a global customer base, we have no plans to slow down.
As the VP, Product and Engineering Security at GeoComply, you will be a pivotal leader responsible for shaping and executing a comprehensive security strategy that deeply integrates with our product development lifecycle and corporate infrastructure. This role demands a strong technical foundation in application and product security and experience in managing corporate security risks to safeguard our innovative technologies, intellectual property, and customer data while meeting regulatory requirements. You will collaborate closely with engineering, product, and executive teams and external stakeholders to navigate the evolving digital security landscape.
This role offers the opportunity to lead a best-in-class security organization that supports GeoComply’s growth while positioning us as a leader in security and compliance across the industries we serve.
- Define and champion a global security vision that prioritizes secure development practices, application security, and infrastructure protection, aligning these initiatives with GeoComply’s business objectives and growth strategy.
- Own the comprehensive security roadmap, specifically focusing on integrating security into the SDLC and ensuring the resilience of our products and platforms against evolving threats.
- Partner closely with engineering and product leadership to embed security by design principles and influence key technical decisions, ensuring cybersecurity is a fundamental aspect of our innovation and future planning, including our IPO preparations.
Risk & Compliance Oversight
- Establish a risk-based security framework that protects the company’s critical infrastructure, data, and products while adapting to regulatory requirements and industry standards.
- Champion regulatory compliance efforts by leading key initiatives such as ISO 27001, SOC 2, and GDPR, ensuring full readiness for audits and certifications, focusing on how these apply to our product offerings.
- Lead GeoComply’s global risk management program, ensuring proactive identification, assessment, and mitigation of security risks across all facets of the business, including those inherent in our technology and development processes.
- Incident Management: Lead all aspects of the company’s incident management program and processes, including incident response and breach notification, regulatory communications, and resolution. Partner with internal stakeholders to drive root cause assessment and corrective action.
Executive Engagement & External Relations
- Serve as the primary representative for GeoComply’s security strategy, engaging with board members, investors, regulators, and key industry partners to articulate the company’s overall security posture, including the security architecture and measures embedded within our products and technology.
- Foster strong relationships with regulatory bodies and law enforcement, ensuring alignment with current and future legal and regulatory landscapes.
- Represent GeoComply globally, shaping industry standards, influencing cybersecurity policy, and positioning the company as a leader in secure digital transactions and technological innovation.
Culture & Organizational Leadership
- Cultivate a security-first culture by empowering teams across the organization, especially within engineering and product, to prioritize security, providing targeted education on secure coding practices and application security.
- Lead, mentor, and inspire the global information security team, including application security engineers, developing future leaders, and fostering a culture of innovation, collaboration, and accountability.
- Shape the organization’s future cybersecurity talent strategy, ensuring the right capabilities are in place to support the company’s ambitious growth and technological advancements, with a strong emphasis on recruiting top-tier technical security expertise.
Who You Are:
- A Bachelor's or Master's degree in Computer Science, Information Security, Software Engineering, or a closely related technical field, or equivalent demonstrable experience, and a strong portfolio showcasing significant achievements in application and product security leadership.
- Relevant industry certifications such as CISSP, CSSLP, OSCP, CEH, or cloud security certifications are highly desirable.
- A visionary leader with deep and demonstrable technical expertise in product and application security, coupled with strategic foresight and proven experience in corporate security.
- Extensive experience leading and building security programs that are deeply integrated with the software development lifecycle (SDLC) and cloud-native applications.
- Possesses a strong engineering mindset, capable of earning the trust and respect of software and infrastructure engineers, acting as a trusted advisor and engaging proactively and effectively on technical security matters.
- Track record as a Security Leader or equivalent leadership role within a fast-paced, high-growth technology environment, ideally in gaming and/or financial services, and in highly regulated industries.
- Demonstrates a deep understanding of common application vulnerabilities (OWASP Top 10, etc.) and effective mitigation strategies.
- Exceptional leadership capabilities, with a demonstrated ability to lead cross-functional teams, influence senior executives, and drive cultural change.
- Comprehensive understanding of risk management and compliance frameworks such as ISO 27001 and SOC 2, with a practical understanding of their application to software development and deployment.
- Outstanding communication skills, with the ability to engage effectively with executive leadership, board members, customers, regulators, and other external stakeholders, as well as internal employees, team members, and peers.
Salary Range
Our compensation reflects the cost of labor across several global markets. The salary for this position ranges based on location and experience. Pay is based on several factors evaluated throughout the interview, including market location, job-related knowledge, skills, and experience. At GeoComply, our salary bands are crafted with purpose. They testify to the diverse range of skills and experiences that fuel our success. In addition to our competitive salary package, we also offer the following personal and professional development benefits:
- Performance-based bonus
- Equity plans
- Paid vacation and sick days
- Extended health benefits
- Sports and Physical Wellness budget (30% of L&D Allowance)