← all jobs

Director of IT Security (Remote Canada)

Work from home Full-time role Hiring

Director of IT Security — Job Description Directive Consulting is the leading B2B marketing agency for brands that are serious about the metrics that matter most. With over a decade of expertise and 420+ B2B brands under our belt, we've earned our reputation on real outcomes. We run through 3 divisions: Performance, Communications, and Commerce, all wired to share intelligence and answer to revenue. We move fast. We think boldly. We hire people who challenge the status quo, build campaigns worth talking about, and make bold brands impossible to ignore. The Role This role reports to the Head of Finance and is responsible for leading Directive's information security strategy across our fully remote workforce operating in the United States, Canada, Mexico and the United Kingdom. As the Director of IT Security, you will establish and continuously mature our cybersecurity program, protecting our people, client data, business operations and technology ecosystem from evolving cyber threats. You will proactively identify and mitigate cyber risks, strengthen our security posture, oversee compliance initiatives and prepare the organization to respond effectively to evolving threats. You will work closely with our leadership team to ensure security is embedded into every aspect of our business while enabling continued growth and innovation. Roles & Responsibilities Cybersecurity Strategy and Governance: Develop and execute the company's information security strategy and scalable security roadmap. Establish and maintain enterprise security policies, standards and governance frameworks. Present cybersecurity risks, recommendations and security metrics to executive leadership. Partner with department leaders to ensure security is integrated into business operations and decision-making. Stay ahead of emerging cybersecurity threats, AI risks and industry best practices. Risk Management and Threat Assessments: Conduct ongoing enterprise-wide cybersecurity risk assessments across infrastructure, endpoints, applications and business processes. Build and maintain the organization's cybersecurity risk register and remediation roadmap. Lead vulnerability management efforts and prioritize remediation based on business risk. Perform third-party vendor security assessments and ongoing vendor risk management. Continuously evaluate new technologies and recommend security improvements. Configure and enforce data governance policies across distributed tools (Notion, Drive, Stratos) to prevent data silos. Manage device security policies using MDM software (Kandji) to protect company assets. Security Operations & Incident Response: Own the organization's incident response program, including playbooks, tabletop exercises and post-incident reviews. Oversee endpoint security, identity and access management, privileged access controls, MFA and device security. Partner with the Senior IT Manager to implement technical security controls and monitor the health of the environment. Coordinate with external security vendors and managed security providers when necessary. Develop and oversee business continuity and disaster recovery planning. Compliance & Client Security: Lead security compliance initiatives including SOC 2 Type II and future security certifications. Own customer security questionnaires and support enterprise sales opportunities by demonstrating Directive's security posture. Partner with Legal, Insurance, and Finance on privacy, data governance, and regulatory compliance. Maintain documentation for security policies, controls, audits, and evidence collection. Security Awareness & Culture: Build and/or manage company-wide security awareness and phishing training programs. Promote a security-first culture across the organization. Educate employees on evolving cybersecurity threats, social engineering, AI usage and data protection best practices. Establish security metrics and regularly report organizational security maturity. What You Offer /Qualifications 7+ years of experience in cybersecurity, information security or risk management. 3+ years leading enterprise security programs or security teams. Demonstrated experience performing cybersecurity risk assessments and threat modeling. Strong knowledge of cloud-first and SaaS-based environments including Google Workspace, Salesforce, NetSuite, Okta and modern identity platforms. Experience implementing and maintaining security frameworks such as SOC 2, ISO 27001 or the NIST Cybersecurity Framework. Deep understanding of endpoint security, identity management, vulnerability management, incident response and security operations. Experience working within fully remote organizations supporting distributed workforces. Strong executive communication skills with the ability to translate technical risk into business impact. CISSP, CISM, CRISC, or equivalent cybersecurity certification is strongly preferred. What Success Looks Like Develop and execute a scalable cybersecurity roadmap that measurably improves Directive's overall security posture. Complete enterprise-wide risk and threat assessments, resulting in prioritized remediation plans for critical vulnerabilities. Maintain successful SOC 2 compliance and establish audit readiness across all security controls and documentation. Reduce organizational cybersecurity risk through stronger identity management, endpoint protection, and security governance. Build a proactive security awareness program that significantly reduces phishing susceptibility and increases employee security engagement. Establish measurable security KPIs and provide regular executive reporting on risks, trends, and program maturity. Create a resilient incident response and disaster recovery program that enables the business to respond confidently to security events with minimal operational disruption. Become a trusted strategic partner to executive leadership by balancing strong security practices with business agility and growth. Benefits 🏠 We have a set living wage at Directive; The annual base salary range for this position based in Canada is $165,000- $200,000 CAD. This salary range is an estimate, and the actual salary may vary based on Directive's compensation practices, job related skills, and depth of experience. 🙏 Medical, dental, vision plans, disability, and life insurance coverage for you and your family that fit your lifestyle Including a 100% employer-paid plan for you and a 50% employer contribution for your dependents Benefits to Support the Whole Person: 🧠 Mental - Access to certified therapists through Spring Health, membership to Headspace 💪 Physical - Physical therapy through Omada, fertility support through Carrott, thousands of Aaptiv virtual workouts, complimentary One Medical membership for primary and virtual care 🛫 Time Off - Unlimited PTO (2-week minimum), Paid Company Holidays, Your Birthday Off, End of Year Recharge (Closed December 24 - January 1), Paid Parental Leave 💰 Financial - Traditional and Roth 401(k) with a 3% company match 🌟 Bonus - Annual bonus based on tenure, which scales in total amount over time

Work Environment

Requirements As a remote-first company, you’ll have the ability to work from anywhere in the US, with the option to enjoy our state-of-the-art offices in Irvine, California. For some positions, as posted, we will accommodate global opportunities where we have established businesses, including Canada, the UK, and Australia. For global locations, you must have established and current work authorization and permanently reside in that country. This role has the opportunity to operate 100% virtually from your home office. We primarily collaborate with our colleagues through virtual meetings (Zoom), and Slack. In this role, you will be required to operate a laptop computer (PC or Mac available), computer software platforms, and other office productivity tools as necessary. Due to the nature of this role, you must be able to remain stationary for extended periods, must be able to observe and interpret written and/or verbal communication, must have reliable internet access, and a professional background. To perform this job successfully, an individual must be able to perform each essential job duty satisfactorily. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform essential job functions. If you require reasonable accommodations in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, direct your inquiries to [email protected]. Additional Information At Directive, one of our core values is People First. We’re committed to fostering a more diverse and inclusive culture in the digital landscape. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. #LI-CV1

More open positions

Director, Enterprise Sales

Work from home Full-time role

Senior Software Architect (C# / AI First) - GovTech SaaS company

Work from home Full-time role

Senior Software Architect (C# / AI First) - GovTech SaaS company

Work from home Full-time role

Senior Software Architect (C# / AI First) - GovTech SaaS company

Work from home Full-time role

Senior Commercial Counsel

Work from home Full-time role

Bilingual Clinical Care Manager (RN)

Work from home Full-time role

Senior Prenatal Implementation Engineer

Work from home Full-time role

Customer Support CSR – Remote Inbound Call & Email Specialist Delivering Exceptional Service for careerzynith

Work from home Full-time role

Regional Digital Account Executive

Work from home Full-time role

National Sales Director - FMO/CC Partners

Work from home Full-time role

Tech Lead, Android Core Product - Valencia, Spain

Work from home Full-time role

Technical Support Specialist

Work from home Full-time role

Dynamic Remote Customer Service Representative – Flexible Schedule, Earn Up to $19/hr, No Degree Required

Work from home Full-time role

Starlink Growth Specialist, Nebraska

Work from home Full-time role

Client Relationship Consultant – Travel Professionals

Work from home Full-time role

Sr. Injury Adjuster-UM - Remote flexibility for military spouses (COLORADO SPRINGS)

Work from home Full-time role

Director

Work from home Full-time role

Experienced Full Stack Data Entry Specialist – Cloud Application Development

Work from home Full-time role

MRSGM NA Associate Account Manager, Commercial Insurance Job Details | Munich Re Careers

Work from home Full-time role

QA Engineer

Work from home Full-time role

Audiologist II, Santa Clara

Work from home Full-time role