Optable is building a data collaboration platform designed for media and advertising. We develop scalable software services that enable brands and publishers to collaborate in secure and privacy-preserving clean rooms for campaign planning, activation and measurement. We've built private identity graph management capabilities that support fast analytics and real-time querying on billions of records. Optable is an interoperable platform that supports frictionless collaboration through integration with third-party data warehouses, easy onboarding of partners, and secure multiparty computation and cryptographic matching protocols.
As the Head of Information Security and Technology, you will be responsible for managing the company’s information security program and its policies. You will keep policies and related processes up to date and implemented. You will manage all employee accounts and provide IT support to employees for all company devices and applications as needed. You will be responsible for enabling the growth of the team by making sure that all IT and IS related processes do scale. You will be responsible for managing security remediation and improvement projects. Finally, you will oversee our information security programs (e.g., SOC2 Type 2).
Optable offers a competitive compensation package, including participation in the option pool. We mostly work from home with the possibility of heading to the Montreal downtown office whenever you need a change of pace, a face to face meeting or for one of our planned team activities. We will provide you with a laptop of your choice.
- Manage Optable’s information security program
- Author, review and implement information security policies
- Own business continuity and disaster recovery plans and perform annual tests
- Manage annual compliance (pentest, risk assessment, security training, etc)
- Own monitoring and remediation of information security related events on the Drata platform
- Manage third-party vendor assessments — both incoming and outgoing
- Manage information security and operations remediation projects
- Manage customer SLAs and related operational processes
- Author MSA and contractual amendments to address regulatory, information security, and operational/SLA requirements, as required
- Manage ongoing GDPR compliance, conduct annual Data Protection Impact Assessments (DPIAs)
- Manage company assets, including employee laptops, from an information security and technology standpoint
- Manage and execute the employee IT and IS onboarding and offboarding processes.
- Support employees for IT related issues including support for Windows, Mac and Linux laptops.
- Manage and support all SAAS and cloud applications used by the company including Google Workspace, Slack, Clickup, etc. — with support from operations.
- Manage Google Cloud’s IAM policies for employees — with support from operations.
- 3+ years of experience working in information security.
- Experience with SOC2 compliance.
- Experience with writing, reviewing and implementing information security policies.
- Excellent project management and organisational skills
- Excellent written and verbal communication skills.
- Good technical skills.
- Knowledge and experience with Mac, Windows and Linux
- Knowledge and experience with Google G Suite or Google Workspace
- Ability to automate repetitive tasks.
- Knowledge and experience with Google Cloud especially IAM.