Principal Business Information Security Officer at LastPass leading risk advisory and governance processes. Driving cross-functional collaboration to ensure scalable security frameworks in a competitive environment.
Responsibilities
Lead the continued evolution of LastPass's risk management framework to ensure it remains repeatable, scalable, and consistently applied
Design and scale the BISO-aligned advisory model, defining engagement patterns, communication flows, and partnership rhythms that embed GRC in business decisions
Provide just-in-time risk advisory for product development, engineering changes, supplier decisions, architecture reviews, and other high-impact initiatives, ensuring risks and tradeoffs are clearly understood
Build strong cross-functional partnerships, serving as a trusted advisor who translates complex technical and business risks into actionable, business-aligned recommendations
Coach GRC Analysts to adopt advisory behaviors, apply the risk framework consistently, and deliver high-quality just-in-time support across their aligned business areas
Partner with Governance and GRC Engineering to integrate risk insights with standards, continuous control monitoring signals, and assurance workflows
Lead technical and executive-level risk discussions through Risk Governance Committees, driving clarity, alignment to risk appetites, and accountable decisions
Produce clear, executive-ready risk narratives, reports, and dashboards that support leadership understanding, prioritization, and decision-making
Requirements
Proven experience in security, risk management, or GRC, with a strong record of delivering advisory support to technical and business teams
Deep expertise in risk analysis, including quantification, frameworks, and risk-informed decision-making, with experience building or evolving risk programs
Demonstrated ability to lead technical and executive-level discussions, facilitate risk governance committees, and drive stakeholder alignment
Strong track record of building cross-functional partnerships, influencing decisions, and communicating complex risk topics in clear, actionable terms
Experience providing just-in-time security or risk guidance in fast-paced product, engineering, or SaaS environments
Strong facilitation, communication, and storytelling skills, with the ability to create concise, executive-ready summaries and risk narratives
Ability to coach and mentor team members to strengthen advisory skills and ensure consistent application of risk processes
Growth-oriented mindset, willing to challenge the status quo and introduce scalable, modern practices
Certifications such as CISSP, CISM, CRISC, CISA, Security+, or related certifications in information security or audit (great, but not required)
Experience working with global teams (great, but not required)
Benefits
Competitive compensation
Flexible Paid Time Off policies, including but not limited to: Quarterly Self-Care Days (4 extra paid days off annually) and Volunteer Days
Parental leave
Comprehensive health coverage, including dependents
Home office setup support
LastPass Families free account for up to 5 members
Continuous learning and development opportunities, including an annual learning stipend to invest in your growth
Peer-to-peer recognition through Motivosity
Employee Assistance Program for well-being support
Remote work stipend to support your home office needs
Short-Term or Remote-Centric Work Arrangements for added flexibility
Senior Red Team Operator executing Red Team and Purple Team operations in Canada. Delivering scenario-driven operations in a continuously evolving cybersecurity landscape.
Director of Access Request Control at RBC establishing a framework for access request compliance. Collaborating across teams to streamline access and audit processes.
Product Owner driving evolving proactive security services portfolio across Risk Advisory, Application Security, and Cloud & AI Security. Collaborating with technology stakeholders to deliver high-value outcomes.
Loss Prevention Home Office Security Coordinator ensuring workplace safety and security for TJX Canada. Responsible for day-to-day monitoring and crisis management as a first responder.
Manager of Global Security and Safety at Genetec leading global security programs and protecting physical assets. Collaborating with executive leadership to implement risk-based security strategies.
Consultant managing complex cybersecurity projects remotely for Optiv in Vancouver. Establishing relationships and leading technology deployment in business continuity and resilience.
Product Manager directing the product roadmap and execution for OCIANA capabilities. Collaborating with stakeholders to enhance maritime security and operational decision-making.
Cybersecurity Generalist role at PwC focusing on security solutions and cybersecurity practices. Leading projects and mentoring team members while identifying opportunities for the firm’s success.
Principal Security Researcher for Spellbook, focused on securing legal AI workflows and sensitive data. Engaging in red teaming, security research, and cross-department collaboration for risk reduction.