Enterprise Security Specialist

Job

Nitor Infotech

Remote

$145,600 Salary, Full-Time

Posted 6 weeks ago (Updated 5 weeks ago) • Actively hiring

Expires 5/27/2026


Job Description

The Enterprise Security Specialist is a senior individual contributor responsible for leading the organization's enterprise security program in a regulated fintech environment. Reporting to the CTO, this role focuses on security governance, risk management, audits, certifications, and enterprise security practices, with exposure to DevSecOps considered an asset. This role serves as a primary security lead and advisor, working cross-functionally to ensure security practices support business growth, regulatory requirements, and customer trust, without formal people management responsibilities.

What you'll do:

Enterprise Security Program Leadership
Lead the development, implementation, and continuous improvement of the enterprise information security program.
Develop and maintain security policies, standards, procedures, and controls aligned with business objectives.
Establish security metrics and reporting to support executive visibility and informed decision-making.
Act as a trusted security advisor to the CTO and senior leadership.

Governance, Risk & Compliance
Lead enterprise risk assessments, security reviews, and control evaluations.
Align security practices with recognized frameworks such as ISO 27001, NIST etc.
Support compliance with Canadian regulatory and privacy requirements, including PIPEDA, OSFI guidance, and applicable provincial legislation.

Audits, Certifications & Regulatory Engagement
Lead and support security audits and certifications, including SOC 2, PCI DSS, ISO 27001, and customer security reviews.
Serve as a primary point of contact for auditors, regulators, and enterprise clients.
Coordinate audit readiness activities, including evidence collection, policy updates, control testing, and remediation tracking.
Translate audit findings into practical, risk-based improvements.

Third-Party & Vendor Security
Lead third-party security risk assessments and vendor security reviews.
Support security questionnaires, contract reviews, and customer due diligence requests.

Security Awareness & Collaboration
Promote a security-conscious culture through collaboration, education, and practical guidance.
Support security awareness initiatives and training across the organization.
Work closely with Product, Professional Services, Risk, and Legal teams to support internal and external security needs.

Reporting & Leadership Support
Provide regular reporting on security posture, risks, audit readiness, and remediation progress.
Escalate significant security risks and incidents appropriately and support incident response activities.
What you bring:

Technical Skills
5-7+ years of experience in information security, cybersecurity, or technology risk.
Experience leading security programs or initiatives in fintech, financial services, SaaS, or other regulated environments.
Hands-on experience supporting SOC 2, PCI DSS, ISO 27001, or similar audits and certifications.
Strong understanding of enterprise security controls, risk management, and governance.
Familiarity with cloud environments (AWS, Azure, or GCP).
Ability to communicate security concepts clearly to technical and non-technical audiences.
Knowledge of Canadian regulatory and privacy requirements.
Clearly convey complex security topics to executives, clients, and technical teams.
Analyze security and compliance issues and design effective solutions.
Build strong partnerships internally and externally.
Deep understanding of SDLC, DevSecOps, CI/CD pipelines, cloud technologies, and regulatory frameworks.

Bonus Points if you have the following:
Exposure to DevSecOps or secure SDLC practices.
Experience with vulnerability management or application security tooling.
Experience supporting client security assessments or enterprise customer due diligence.
Security certifications such as CISSP, CISM, or ISO 27001 Lead Implementer/Auditor.

What We Offer:
Be part of a dynamic, innovative team where your ideas directly shape our sales strategy and market presence.
Flexible working arrangements (hybrid, remote, or in-office) designed to support work-life balance.
Comprehensive benefits package starting from day one, including health coverage, paid time off, and volunteer days.
Competitive salary, annual bonus program, and participation in our employee stock option plan.
Access to continuous learning opportunities, a robust learning management system, and a tuition reimbursement program.
Tools and technology provided (laptop, headset, monitors) to set you up for success.
A supportive environment that values your growth, success, and contributions to our customers' achievements.

Pay:
$60.00 - $80.00 per hour
Work Location:
Hybrid remote in Canada, KY 41519
