We're Hiring!
Senior Information Security Officer
Toronto

TYPE: Permanent Full-Time
HIRING RANGE: $101,360 to $121,360
REASON FOR HIRING: New Role
WORK MODEL: Remote
LANGUAGE: English; French is an asset

WHO WE ARE
SOCAN is a not-for-profit copyright collective dedicated to ensuring music creators and publishers receive what they have rightfully earned for the use of their work. SOCAN supports and represents nearly 200,000 songwriters, composers, and music publishers. Through licensing, global royalty collection, and advocacy, we help creators to keep making the music that entertains, moves, and inspires.

COMMITMENT TO DIVERSITY, EQUITY, INCLUSION, AND ANTI-RACISM
SOCAN thrives with a variety of viewpoints, identities, and backgrounds, and we are committed to anti-racism. Everyone is welcome to apply for our wide range of roles regardless of gender identity, gender expression, ethnicity, race, age, culture, sexual orientation, religious belief, or physical ability. Learn more about SOCAN's commitment to Inclusion &

WORK WITH US
Make a difference by supporting and collaborating with a vibrant and creative community
Enjoy many options for workplace flexibility and work-life balance
Get involved in the rapidly changing creative space
Advocate for and empower the creative community
Together we'll help music creators earn more income and make a living

WHAT WE OFFER
35-hour workweek schedule (possible flexible work options, i.e. 4-day work week (position based))
Twelve paid sick days annually (including five personal days)
Access to SOCAN fitness facility
Annual Performance Incentive bonus (dependent on personal and company performance)
Defined contribution Pension Plan
Comprehensive health and dental benefits program
Inclusive and collaborative working environment

ABOUT THE ROLE
The Senior Information Security Officer (SISO) helps protect the organization's people, data, and technology by building and operating a pragmatic security program across governance, risk management, and security operations. Working on a small team with wide-ranging responsibilities, the ISO partners closely with IT and business stakeholders to reduce risk through policy and standards, security monitoring and detection engineering, threat hunting, incident handling, and continuous improvement of security controls, automation, and resilience across a hybrid environment consisting of Microsoft Azure and on-prem infrastructure hosted on VMware ESX/

YOU'LL DO / KEY RESPONSIBILITIES
Security Governance: develop, maintain, and socialize security policies, standards, procedures, and security architecture guardrails aligned to business objectives
Risk Management: lead and/or support security risk assessments, control reviews, threat modeling, risk treatment plans, and executive-ready reporting
Security Operations: design and continuously improve security monitoring, alerting, and response processes across Microsoft Azure cloud and on-prem infrastructure (VMware ESX/NSX) as well as endpoint, identity, network, and SaaS environments
Detection Engineering: build and tune SIEM detections and analytics (queries, correlation rules, use cases), reduce false positives, and measure detection coverage (e.g. mapped to MITRE ATT&CK)
Threat Hunting: conduct proactive hunts using logs/telemetry, develop hypotheses, document findings, and translate learnings into new detections and control improvements
Incident Handling: triage and investigate security alerts; lead incident response from containment through eradication and recovery; run post-incident reviews and drive corrective actions
SIEM & Automation: operate and optimize SIEM/SOAR integrations, log onboarding, parsing/normalization, playbooks, and automations to improve MTTR and analyst efficiency
Vulnerability Management: manage scanning and remediation workflows, prioritize findings based on risk, track SLAs, and validate fixes
Security Assessments & Testing: perform technical security assessments, configuration reviews, and support or execute penetration testing; coordinate remediation with owners
Application Security: partner with developers or vendors on secure SDLC practices and standards (OWASP ASVS and OWASP Top 10), including code review support, dependency scanning, secrets management, CI/CD security, and developer enablement
Third-Party & SaaS Security: assess vendors and integrations, review security controls, and monitor ongoing risk
Security Awareness: contribute to security training, guidance, and internal communications to strengthen the security culture
Documentation & Metrics: maintain runbooks and playbooks; define KPIs/KRIs (e.g. coverage, response times, patch SLAs) and report progress

WHAT YOU WILL BRING / QUALIFICATIONS & EXPERIENCE
Bachelor's degree in Computer Science, Information Security, or related field (or equivalent practical experience)
5 years of progressive experience across multiple information security domains (governance/risk and hands-on security operations)
Hands-on experience with SIEM platforms (Microsoft Sentinel), including log onboarding, detection development, tuning, and dashboarding
Demonstrated detection engineering and investigation skills: KQL proficiency, alert triage, and evidence-based incident response
Experience performing threat hunting and translating hunts into detection use cases and playbooks
Incident response experience, including scoping, containment, eradication, recovery, and post-incident retrospectives
Strong understanding of core security controls across identity (SSO/MFA), endpoint security, networking, logging/telemetry, and hybrid security concepts spanning Microsoft Azure and on-prem infrastructure (VMware ESX/NSX) (e.g. Entra ID/Azure AD, Azure networking, key management, cloud posture management, and segmentation/micro-segmentation)
Vulnerability management experience: scanning (infrastructure and apps), prioritization, remediation tracking, and verification
Experience with security assessments and/or penetration testing methodologies and reporting
Application security experience: secure SDLC, OWASP Top 10, API security, dependency and secrets scanning, and partnering with developers
Automation/scripting ability (e.g. Python, PowerShell, Bash) and experience integrating security tools via APIs/webhooks; SOAR/playbook experience preferred
Knowledge of security frameworks and standards (e.g. NIST CSF/800-53, ISO 27001, CIS Controls) and practical risk management
Relevant certifications are an asset (e.g. CISSP, CISM, GIAC GCIH, GCIA, GCED, OSCP, AZ-500, SC-200/SC-100)
Excellent written and verbal communication skills; able to explain risk and technical findings to both technical and non-technical

& ACCOMMODATION
SOCAN is committed to providing an inclusive workplace environment that meets the accessibility needs of employees with disabilities. Should you require accommodations, please contact us directly at and we will make the necessary accommodations. Applications submitted to this email address will not be

EMPLOYMENT OPPORTUNITY
SOCAN is an Equal Opportunity Employer. Hiring and other employment decisions at SOCAN are made without regard to race, colour, religion, sex, ancestry, national origin, ethnic origin, age, disability, citizenship, veteran status, sexual orientation, record of offences, marital status, family status, or any other characteristic protected by federal, provincial, or local law, regulation or you don't see yourself fully reflected in every job requirement listed on the posting above, we still encourage you to reach out and apply. Research has shown underrepresented groups often only apply when they feel 100% qualified. We are committed to creating a more equitable, inclusive, and diverse company, and we strongly encourage applicants of all genders, ages, ethnicities, cultures, abilities, sexual orientations, and life experiences to apply.

HOW TO APPLY
If you're interested in joining us, we'd love to hear from you: you for your interest in our company; we will be in touch with those candidates we wish to learn more about SOCAN go . You can also follow us on LinkedIn, Twitter, Instagram, and Facebook (@SOCANmusic/@SOCANmusique).
Required Experience:
Senior IC