Senior offensive security advisor at Desjardins leading security initiatives and projects. Advising partners on strategic security and developing offensive methodologies to enhance cyber resilience.
About the role
- Security & Compliance Partner shaping security at PurposeMed's virtual healthcare platform. Collaborating across teams to ensure effective security measures and compliance as the company scales in Canada and the US.
Responsibilities
- Owning security monitoring and incident detection across our cloud infrastructure and SaaS tooling, including AI-powered tools
- Leading the response when something goes wrong—from initial containment and documentation through to follow-up and lessons learned
- Working closely with Product, Design, and Engineering to proactively spot security gaps, supporting vulnerability and risk assessments, and contributing to compliance initiatives such as penetration testing
- Collaborating with Marketing to ensure our data collection, consent practices, and ad-tech responsibilities meet our internal standards and regulatory obligations
- Implementing and continuously improving preventative security controls—MFA, access management, logging, and endpoint protection—across our cloud infrastructure and third-party tools
- Ensuring our defences keep pace with our growth across Canada and the US
- Supporting audit and compliance activities across the business (HIPAA, PIPEDA) in partnership with IT and Legal
- Leading vendor and third-party security reviews that protect us from risk at every layer
- Developing and maintaining the policies, playbooks, and documentation that will anchor our security program for years to come
- Leading security awareness efforts that make security a lived part of our culture—with a focus on phishing, account compromise, and common attack vectors
Requirements
- 3–5 years of experience in IT, cybersecurity, or a technical support role with meaningful exposure to security or incident response
- Foundational understanding of security concepts (access controls, MFA, encryption, etc.) and incident response principles (detection, triage, containment, recovery)
- Familiarity with security monitoring tools such as SIEM, EDR, or log management platforms
- Experience working in cloud-based environments and supporting remote workforces
- The ability to act as a first responder and escalate appropriately—comfortable making judgment calls in a startup environment
- Strong attention to detail, urgency, and a genuine willingness to adapt and learn
- Clear communication and documentation skills, with the organizational discipline to stay on top of multiple workstreams
- Exposure to healthcare, privacy, or other regulated environments (HIPAA, PIPEDA)
- Familiarity with enterprise security tooling (MDM, EDR, IAM, etc.)
- Security, risk, or cloud certifications
- Experience supporting an organization through a period of significant growth or geographic expansion
Benefits
- 20 vacation days and a team that will remind you to use them!
- Annual winter break closure
- Comprehensive medical, dental, and vision care from your first day of work—we cover 100% of your premiums, with coverage available for dependents
- 8 health/sick days
- Extended mental health coverage
- $20,000 of lifetime coverage for gender-affirming care and procedures (Canada)
- $500 learning fund to use towards courses and other professional development
- Our unique People Potential program, in which you'll partner with your manager to identify opportunities to grow and achieve your full potential
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Senior Product Manager overseeing ecobee’s Smart Security business and leading cross - functional teams. Responsible for product initiatives focused on customer experience and service growth.
Senior Consultant managing client security testing engagements as part of TELUS Cyber Security team. Proficient in penetration testing and security challenges with a focus on collaboration and communication.
Information Security Specialist at TD responsible for risk compliance and issue remediation within technology. Leading assessments and providing oversight on regulatory findings to enhance governance practices.
Advisor in information security governance at Exposant 3, defining frameworks compliant with international standards and ensuring organizational security compliance. Collaborating on awareness and training efforts within a human - centered, innovative team.
EC
Operational Information Security Specialist at Exposant 3 overseeing information security activities and implementing security controls. Collaborating on major projects within a human - centered and innovative firm.
Lead security strategy and ICS - guided emergency response programs at AltaGas. Shape a unified, risk - based framework to strengthen operational resilience and advance zero - harm commitment.
Cyber Threat Intelligence Specialist leveraging AI and machine learning for threat analysis at Intact Financial. Focused on creating predictive intelligence models to enhance security operations.
Security Advisor Specialist for the IAM team at Intact, developing SailPoint IIQ solutions and enhancing identity governance processes. Responsible for driving compliance and teaching best practices
Project Manager II focused on integrating new customers into TELUS' Internet and Security operations. Collaborating across teams to drive successful transition and enhance customer experiences.