Job details

Information Security Manager

Get a free resume review

Who Are We?

UniUni, a North American leader in last-mile logistics, delivers tens of millions of parcels annually across Canada, from coast to coast, and is rapidly expanding its footprint in the United States. Founded in 2019, UniUni is known for its tech-driven innovation and crowdsourced delivery model, providing fast, economical, and reliable services to local, national, and international e-commerce clients.

What Do We Offer?

At UniUni, we empower our employees with opportunities to achieve their professional goals. We value both lateral growth and vertical advancement, ensuring every role helps you develop your skills, broaden your expertise, and build a fulfilling career. We are looking for passionate professionals ready to work hard, embrace challenges, and enjoy being part of a dynamic, fun team.

Requirements

Lead and manage the information security team, providing guidance, mentorship, and support to team members
Develop and implement comprehensive information security strategies, policies, and procedures to protect the organization's information assets
Monitor and analyze security incidents, vulnerabilities, and threats, and coordinate appropriate responses
Conduct regular security assessments, audits, and penetration testing to identify and mitigate potential risks
Collaborate with IT, legal, and compliance teams to ensure alignment with regulatory requirements and industry best practices
Oversee the implementation and maintenance of security technologies, including SIEM and intrusion detection systems
Stay up-to-date with the latest cybersecurity trends, threats, and technologies, and recommend improvements to enhance the organization’s security posture
Prepare and present regular reports on the cybersecurity program's status to senior management
Investigate and respond to security incidents across office and cloud environments
Collaborate with the information security team to detect, analyze, and mitigate threats
Conduct post-incident analysis and recommend security improvements
Proactively manage application security risks and threats using tools such as Veracode and Sysdig
Perform regular vulnerability scans and assessments to identify and remediate security risks
Analyze risks and provide actionable recommendations to address vulnerabilities
Leverage tools such as Veracode and Edgescan for SAST and DAST vulnerability scans to ensure application security
Utilize tools for Software Composition Analysis (SCA), registry, and container security scans
Assist in the development and maintenance of risk management frameworks
Collaborate with IT Security, Risk, and Compliance teams to update the Corporate Risk Register with identified vulnerabilities and remediation actions
Track and monitor the progress of security remediation initiatives
Ensure IT security practices comply with regulatory requirements, NIST guidelines, and internal policies
Support audits and assessments related to IT security and compliance
Maintain accurate and up-to-date documentation of IT security policies and procedures
Work with various teams and departments to ensure secure configuration of systems and applications
Assist in the evaluation and implementation of new security tools and technologies
Prepare and deliver security reports and updates as required

Qualifications

Minimum of 8 years of experience in cybersecurity, with at least 3 years in a managerial or leadership role
Experience with security frameworks and standards such as NIST, ISO 27001, and SOC 2
Proficiency in security tools and technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection
Hands-on experience in the following areas: application security, vulnerability management, threat modeling, penetration testing, web and network protocols, and encryption technologies
Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams
Relevant certifications such as CISSP, CISM, or CISA are highly desirable
Experience in security incident response and crisis management
Knowledge of cloud security and experience with cloud platforms such as AWS and Azure
Familiarity with regulatory requirements and compliance standards in the industry

Dental, Vision, Medical insurance, Paid Holiday, Paid Time Off, Paid Sick Leave, Management training program
Salary range $90,000 to $110,000 CAD

Average salary estimate

$100000 / YEARLY (est.)

min

max

$90000K

$110000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Information Security Manager, UniUni Logistics

Are you an experienced cybersecurity professional looking to step into a leadership role? UniUni is on the hunt for an Information Security Manager who is ready to make an impact! With our rapid expansion across North America, we deliver tens of millions of parcels every year. We're not only known for our tech-driven innovation but also for our dynamic company culture that fosters growth and encourages embracing challenges. As the Information Security Manager at UniUni, you'll lead a dedicated team, develop and implement comprehensive security strategies, and ensure we stay ahead of potential threats. You'll manage security incidents, conduct assessments, and collaborate with various departments to uphold our compliance with regulatory standards. Here's your chance to drive significant change while working in an engaging and supportive environment. Plus, we offer competitive salaries ranging from $90,000 to $110,000 CAD, along with great benefits like dental, vision, and medical insurance! So, why wait? Join UniUni and let's secure the future together!

Frequently Asked Questions (FAQs) for Information Security Manager Role at UniUni Logistics

What are the main responsibilities of an Information Security Manager at UniUni?

The Information Security Manager at UniUni is responsible for leading the information security team, developing security strategies, monitoring security incidents, conducting assessments, and ensuring compliance with regulatory standards. This role involves collaboration with IT, legal, and compliance teams to implement policies that protect the organization's information assets.