Work In Tech

‍

About the Job:

atVenu is growing and we are looking for the right person to help us continue to build and maintain a world class information security, compliance, and privacy program. This is a broad role that encompasses many facets of information security and compliance including, but not limited to:

• Governance (Policies, standards, processes, procedures)
• Compliance and frameworks (PCIDSS, SOC 2)
• Identity and access management
• Security awareness
• Risk management
• Privacy (GDPR, CCPA, PIPEDA)
• Cloud security
• Vulnerability management
• Disaster recovery
• Incident response
• This role collaborates closely with atVenu’s technical teams to implement and maintain programmatic safeguards to protect the data of the company and its customers.

Job Duties:

• Analyze compliance or framework requirements, identify gaps in ourcurrent state, and contribute to remediating them.
• Assist in the creation and maintenance of governance documentation.
• Work with other areas of the business to implement businessprocesses that satisfy control requirements.
• Monitor the performance of atVenu’s controls.
• Contribute to the strategy of the information security and privacy program.
• Administration of the company’s information security awareness program.
• Assist with incident response and disaster recovery planning.
• Perform risk assessments on vendors, enterprise risks, controls etc.
• Respond to inquiries from atVenu’s customers regarding our information security program. 

Required Education, Experience, &Competencies:

‍

• Completion of a cybersecurity program/certification or demonstrated 2+ years of experience in one or more of the above listed areas of security, compliance, and risk management.
• Attention to detail and the ability to distill the underlying meaning from requirements in control frameworks.
• Proven ability to provide good judgement when evaluating and recommending controls; finding the balance between the right practice and the best practice.
• Ability to effectively communicate with both technical and non-technical audiences.
• Excellent writing skills (Writing policies, procedures, responding to customers).
• Familiarity with best practices for information security and privacy.
• Strong organization and time management skills – ability to efficiently drive initiatives to completion.
• A keen desire to learn the aspects of the role you may not be familiar with.

Nice to have:

• Experience with informationsecurity frameworks (PCI DSS, SOC 2, ISO 27001, NIST)
• Experience facilitating audits
• Familiarity with cloud (AWS) and network security concepts
• Experience maturing an information security program
• Experience with Jamf Pro, Jamf Connect, Jamf Protect
• Experience compiling program performance metrics (KPIs, KRIs)

Location:

• Calgary, with option to work in office or remotely; but in office when requested (rare occurrence)

What we offer:

• A high trust work environment: we inherently believe people want to do what’s right for themselves and the company they are part of.
• Remote work option, for real. We are so remote we don’t even havecore office days. Talk to your leader to figure out what is best for you andthe team.
• Flexible time off: this goes with our high trust work environment.Take the time you need away from work to play, take care of friends/family or simply recharge. Your time is yours to manage – mostly, we all know there has to be some form of approval, right?
• Competitive benefits paid for by atVenu. Our plan provides short-term and long-term disability, health, dental, vision, life insurance, RRSP matching, a health spending account and… You get the idea, our plan is pretty comprehensive.
• A competitive salary, a bonus and some options. Yes, options!

‍