Edtech.com's Summary

Sylogist is hiring a Director of Information Security. This role involves developing and overseeing security protocols, compliance programs, and risk management strategies, with a focus on cloud infrastructure and strategic security planning. The Director will collaborate across teams to ensure enterprise-wide security and compliance with global standards.

Highlights

Lead development and implementation of security protocols, compliance programs, and risk management strategies.
Manage cloud infrastructure security, including Azure AD, MFA, and Privileged Access Management.
Conduct incident response, vulnerability scans, penetration tests, and security workshops on emerging threats.
Oversee compliance with GDPR, SOC 2, NIST CSF, PCI DSS, and global privacy laws such as CCPA and PIPEDA.
Develop corporate security roadmap, disaster recovery, and business continuity plans.
Partner with DevOps and architecture teams to integrate security best practices.
Manage vendor and cloud risk assessments, including Microsoft Azure environments and SaaS vendors.
Require Bachelor's degree in Computer Science, Cybersecurity, or related field with 5+ years in information security and cloud infrastructure management.
Preferred certifications: CISSP, CISM, Azure Solutions Architect Expert, Azure Security Architect Expert, or CCSP.
Proficiency in Azure IaaS/PaaS, Infrastructure as Code (Terraform/Bicep), SIEM tools, and strong communication skills.

Director of Information Security Full Description

Company Overview

At Sylogist, we are purpose-driven to “empower the good our customers do.”

We provide SaaS-based software solutions to the non-profit, government, and education sectors, and we take immense pride in the work of our customers and the products we build to support them. Our team is collaborative, enthusiastic and delivers on our promises. If you want to apply your skills to improve trusted technology that supports over 2000 customers around the world, then let’s talk!

Position Overview:

Reporting to the Chief Information & Technology Officer (CITO), the Director, Information Security will be responsible for developing, implementing, and overseeing security protocols, compliance programs, and risk management strategies across Sylogist. The successful candidate will bring a strong background in cloud infrastructure management, compliance frameworks, and strategic security planning.

Responsibilities Include:

Enhance security team accomplishments and competencies by planning the delivery of solutions and responding to technical RFPs and miscellaneous questions.
Define security protocols by evaluating business strategies and requirements.
Develop, review, and approve installation requirements for LANs, WANs, VPNs, firewalls, routers, and related network devices.
Execute corporate identity and access control by implementing Azure AD solutions, MFA, and Privileged Access Management (PAM).
Respond to and investigate security incidents, providing thorough post-event analysis.
Manage secure phishing programs and ensure compliance through tools and ongoing training.
Develop and maintain a corporate security roadmap to include ongoing system upgrades.
Conduct vulnerability scans, penetration tests, and incident response drills.
Verify security systems by developing and implementing test scripts.
Stay current on emerging security practices and standards; participate in educational opportunities, review professional publications, and engage in professional organizations.
Partner with DevOps and architectural teams on security best practices.
Document and review corporate policies to ensure compliance with NIST and other industry standards.
Review and ensure product compliance with privacy requirements (GDPR, CCPA, PIPEDA, and global privacy laws).
Implement data classification, encryption (at rest/in transit), and DLP solutions.
Develop, implement, and document disaster recovery and business continuity plans.
Conduct Privacy Impact Assessments (PIAs) for new systems and data flows.
Conduct quarterly security workshops on emerging threats (e.g., ransomware, social engineering).
Maintain training records for compliance audits (SOC 2, ISO 27001).
Vendor & Cloud Risk:
- Manage third-party risk assessments (including Microsoft Azure environments).
- Monitor compliance of SaaS vendors.

What We Look for in You

Must Haves

Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
5+ years of experience in information security.
Cloud infrastructure management experience.
Certifications such as CISSP, CISM, Azure Solutions Architect Expert, Azure Security Architect Expert, or CCSP (preferred).
Proficiency in Azure IaaS/PaaS, IaC (Terraform/Bicep), and SIEM tools.
Deep knowledge of GDPR, SOC 2, NIST CSF, and PCI DSS.
Experience managing global compliance programs.
Strategic planning, vendor negotiation, and crisis management skills.
Strong working knowledge of IT risks, cybersecurity, and operating systems.
Excellent communication and interpersonal skills.

Nice-to-Haves

Microsoft Azure security certification.
Additional advanced security or cloud certifications.
Experience with privacy compliance programs across multiple jurisdictions.

Why Join Sylogist?

We're an inclusive company that values the personal and professional growth of its employees! At Sylogist, you'll experience:

A company where you can really make a meaningful impact
A healthy work-life balance
Benefits that cover health, wealth, and wellness
Sylogist is a remote-first company.

Sylogist does not offer sponsorships. All candidates must provide proper employment documentation showing immediate eligibility to work in the country in which the role is based.

If you’re as excited about making a difference as we are, we would love to hear from you!

Sylogist is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Sylogist will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants.

Original Job Description

Company Overview

At Sylogist, we are purpose-driven to “empower the good our customers do.”

Position Overview:

Responsibilities Include:

Enhance security team accomplishments and competencies by planning the delivery of solutions and responding to technical RFPs and miscellaneous questions.
Define security protocols by evaluating business strategies and requirements.
Develop, review, and approve installation requirements for LANs, WANs, VPNs, firewalls, routers, and related network devices.
Execute corporate identity and access control by implementing Azure AD solutions, MFA, and Privileged Access Management (PAM).
Respond to and investigate security incidents, providing thorough post-event analysis.
Manage secure phishing programs and ensure compliance through tools and ongoing training.
Develop and maintain a corporate security roadmap to include ongoing system upgrades.
Conduct vulnerability scans, penetration tests, and incident response drills.
Verify security systems by developing and implementing test scripts.
Stay current on emerging security practices and standards; participate in educational opportunities, review professional publications, and engage in professional organizations.
Partner with DevOps and architectural teams on security best practices.
Document and review corporate policies to ensure compliance with NIST and other industry standards.
Review and ensure product compliance with privacy requirements (GDPR, CCPA, PIPEDA, and global privacy laws).
Implement data classification, encryption (at rest/in transit), and DLP solutions.
Develop, implement, and document disaster recovery and business continuity plans.
Conduct Privacy Impact Assessments (PIAs) for new systems and data flows.
Conduct quarterly security workshops on emerging threats (e.g., ransomware, social engineering).
Maintain training records for compliance audits (SOC 2, ISO 27001).
Vendor & Cloud Risk:
- Manage third-party risk assessments (including Microsoft Azure environments).
- Monitor compliance of SaaS vendors.

What We Look for in You

Must Haves

Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
5+ years of experience in information security.
Cloud infrastructure management experience.
Certifications such as CISSP, CISM, Azure Solutions Architect Expert, Azure Security Architect Expert, or CCSP (preferred).
Proficiency in Azure IaaS/PaaS, IaC (Terraform/Bicep), and SIEM tools.
Deep knowledge of GDPR, SOC 2, NIST CSF, and PCI DSS.
Experience managing global compliance programs.
Strategic planning, vendor negotiation, and crisis management skills.
Strong working knowledge of IT risks, cybersecurity, and operating systems.
Excellent communication and interpersonal skills.

Nice-to-Haves

Microsoft Azure security certification.
Additional advanced security or cloud certifications.
Experience with privacy compliance programs across multiple jurisdictions.

Why Join Sylogist?

We're an inclusive company that values the personal and professional growth of its employees! At Sylogist, you'll experience:

A company where you can really make a meaningful impact
A healthy work-life balance
Benefits that cover health, wealth, and wellness
Sylogist is a remote-first company.

Sylogist does not offer sponsorships. All candidates must provide proper employment documentation showing immediate eligibility to work in the country in which the role is based.

If you’re as excited about making a difference as we are, we would love to hear from you!

Let me find your next job.

Thanks - you're signed up.

Director of Information Security

Edtech.com's Summary

Director of Information Security Full Description

Information Security/Identity Management Analyst

Cyber Risk Quantification Analyst

Director, Development & Security Curriculum

Principal IT Security Architect

Governance Risk and Compliance (GRC) Manager