Security & Compliance Partner shaping security at PurposeMed's virtual healthcare platform. Collaborating across teams to ensure effective security measures and compliance as the company scales in Canada and the US.
Responsibilities
Owning security monitoring and incident detection across our cloud infrastructure and SaaS tooling, including AI-powered tools
Leading the response when something goes wrong—from initial containment and documentation through to follow-up and lessons learned
Working closely with Product, Design, and Engineering to proactively spot security gaps, supporting vulnerability and risk assessments, and contributing to compliance initiatives such as penetration testing
Collaborating with Marketing to ensure our data collection, consent practices, and ad-tech responsibilities meet our internal standards and regulatory obligations
Implementing and continuously improving preventative security controls—MFA, access management, logging, and endpoint protection—across our cloud infrastructure and third-party tools
Ensuring our defences keep pace with our growth across Canada and the US
Supporting audit and compliance activities across the business (HIPAA, PIPEDA) in partnership with IT and Legal
Leading vendor and third-party security reviews that protect us from risk at every layer
Developing and maintaining the policies, playbooks, and documentation that will anchor our security program for years to come
Leading security awareness efforts that make security a lived part of our culture—with a focus on phishing, account compromise, and common attack vectors
Requirements
3–5 years of experience in IT, cybersecurity, or a technical support role with meaningful exposure to security or incident response
Foundational understanding of security concepts (access controls, MFA, encryption, etc.) and incident response principles (detection, triage, containment, recovery)
Familiarity with security monitoring tools such as SIEM, EDR, or log management platforms
Experience working in cloud-based environments and supporting remote workforces
The ability to act as a first responder and escalate appropriately—comfortable making judgment calls in a startup environment
Strong attention to detail, urgency, and a genuine willingness to adapt and learn
Clear communication and documentation skills, with the organizational discipline to stay on top of multiple workstreams
Exposure to healthcare, privacy, or other regulated environments (HIPAA, PIPEDA)
Familiarity with enterprise security tooling (MDM, EDR, IAM, etc.)
Security, risk, or cloud certifications
Experience supporting an organization through a period of significant growth or geographic expansion
Benefits
20 vacation days and a team that will remind you to use them!
Annual winter break closure
Comprehensive medical, dental, and vision care from your first day of work—we cover 100% of your premiums, with coverage available for dependents
8 health/sick days
Extended mental health coverage
$20,000 of lifetime coverage for gender-affirming care and procedures (Canada)
$500 learning fund to use towards courses and other professional development
Our unique People Potential program, in which you'll partner with your manager to identify opportunities to grow and achieve your full potential
Senior Consultant in Cybersecurity for Wavestone managing client - facing engagements and providing strategic advisory services. Leading teams and business development in cybersecurity engagements with top organizations.
Senior Information Security Advisor needed for a 6 - month contract in Scarborough, ON. Provide security advisory, risk assessments, and cloud controls in banking.
Supervisor reporting to the Manager of Parking and Security at Scarborough Health Network hospitals. Responsible for supervising on - duty Security Guards and ensuring customer - focused services.
Security and Compliance Associate at Habitat Learn, an EdTech company focused on accessibility. Supporting compliance and security operations for multiple frameworks in a remote role based in Ontario.
Senior Manager overseeing the Identity & Access Management team for RBC in Global Security. Leading projects, managing operations, and ensuring client - centric service delivery.
Data Center Security Officer conducting patrols and monitoring security systems at data center facilities. Ensuring safety and compliance with security protocols.
Data Pipeline Engineering Specialist designing and operating data pipelines for cybersecurity analytics at Morgan Stanley. Collaborating with stakeholders and ensuring performance and reliability of infrastructure.
Lead Information Security Engineer at Arctic Wolf responsible for designing, implementing, and operating security capabilities. Focusing on building and integrating security systems with high growth and innovative technologies.
Manager, Security and Disbursement ensuring timely and secure loan disbursements for Canadian entrepreneurs at BDC. Collaborates with clients, underwriters, and financial partners to comply with policies.