Listing Description
Your Opportunity at ARC’TERYX:
As the Vice President, Information Security, you will be the senior most security professional and will report directly to the Arc’teryx Chief Information Officer (CIO). You will have direct responsibility of a risk focused security practice that encompasses the full width of Arc’teryx technical, regulatory, and privacy obligations. Your practice will overlay current and foreseeable risks into the design and management of security controls, processes, architectures, and tooling.
In this role you will advise, lead, and create security programs that overlay all aspects of engineered systems in close and ongoing collaboration with senior leadership, domain leaders, subject-matter experts, and fellow engineers. This role requires excellent communication skills at all levels of the organization, and a combination of engineering knowledge and strategic leadership, that will result in programs that realistically measure and mitigate risks. It also requires reality-based risk measurement that takes into account Arc’teryx business objectives balanced with technical and compliance responsibilities. It will include direct and matrix style leadership of both leaders and direct security engineering roles.
This role is based out of our North Vancouver office, but may be hired remote. Travel to Vancouver is required.
Meet Your Future Team:
As a member of the IS Leadership team, you will contribute to the formation and execution of the overall Information Systems strategy and vision by leading the Information Security department. Working closely with a team of IS professionals, and partnering closely with the CIO, you will participate in designing and executing security programs ensuring their success through a hands-on leadership approach. You will be deeply involved in security incident leadership and act as a trusted partner for all areas of Arc’teryx engineering leadership. Together, your team will ensure dependencies are mapped out and sequenced to deliver the overall IS roadmap.
If you were in the Vice President, Information Security role now, here are some of the core activities you would be doing:Aggressively identifying, measuring, and prioritizing Arc’teryx state of controls followed by the execution of triaged remediations Deeply partnering with Information Systems (IS) leaders acting as a collaboration partner and co-problem owner Designing, implementing and managing the creation of a security practice that encompasses: A Survivability program that reduces risk through vulnerability management, secure configuration, and SAST/DAST application security practices across the Arc’teryx technology stack An Active Defense program that utilizes tooling such as IPS, WAF, DDOS, SIEM, SOAR, and endpoint defense technologies to identifying, containing, and mitigating malicious activity A Compliance/GRC function that addresses Arc’teryx obligations by delivering policy and standards that are consumable, provides regulatory/ compliance guidance across all IS functions, and executes all required audits such as SOC2, PCI-DSS, or ISO27001 A Security Inclusivity program that educates and inspires Arc’teryx staff on all matters information security and executes all required security awareness training across the enterprise A cross-functional Incident Response program that ties technical response functions to strategic legal, communication, and executive leadership incident management processes A Privacy program that insures Arc'teryx meets regional and international privacy standards such as CCPA/CCPR and GDPR Access, Authorization, and Accounting to include Identity and Access Management oversight across the Arc’teryx IS organization Executive Level Risk Reporting Strategic Business Alignment Functional Data Loss and Prevention Fostering an engineering environment that enables speed, flexibility, and iteration through the enablement of engineering creativity and innovation Implementing best security practices using tool-agnostic methodologies that enable IS engineers to creatively solve problems
Here are some of the things you could be working on in the future: Creating a security leadership culture that focuses on collaboration, inclusivity, and strong cross-functional partnership Enabling other engineering programs within Information Systems (IS) to move decisively through the application of compensating controls and enabling security processes
Are you our next Vice President, Information Security?You have 20+ years of security engineering and leadership experience operating in complex enterprise class environments You have the ability to communicate and inspire security focused change at both the IC and senior leadership levels When communicating risk you present a balanced fact/data based assessment that is consumable, clear, and direct You have deep experience operating security programs in environments that utilize modern CI/CD processes and containerization You operate your security practice in a cost conscious and sustainable manner that allows flexibility and the ability to quickly pivot around new technology challenges You demonstrated experience providing calm and clear leadership during complex and fast paced incidents or outages You possess a deep understanding across IaaS, PaaS, Hybrid, and On-Prem and are able to articulate and leverage the security merits of each You are able to clearly articulate the security paradigm differences presented by heterogeneous, hybrid, and cloud based approaches to technology problems You designed and influenced security design in retail and edge computing leveraging the benefits of modern PCI-DSS scope reduction technologies You have experience providing direct and inspirational leadership to both technical and compliance focused teams in an enterprise environment You seek the best (sometimes not the easiest) solutions, with an unwavering commitment to do what is right Your passion for your work is paralleled by your passion for getting outside and living it Equal Opportunity
Arc’teryx is committed to actively creating and fostering a culture of inclusivity where voices are heard, people are seen, and values are respected. We care about the uniqueness of our applicants, employees, and guests, and we do so in a safe space fueled by curiosity and acceptance.
Creating an inclusive workplace is connected to our core value Do Right while also having the added benefit of helping make our business better. We believe inclusion helps us to create a healthier, happier workplace, drive creativity and innovation, and reflect the communities where we operate.
All applicants, employees, and guests can expect equality of opportunity and fair treatment in alignment with our values.
Design your Purpose. Live our Values.
DISRUPTIVE EVOLUTION. Design your future through challenge, experimentation, and inspiration.
COMMIT. Set and deliver on bold objectives as we collectively raise the bar.
LIVE IT. Deepen your connection to nature and live your most purposeful life.
LEAVE IT BETTER. Create a better world, together.
Listing Details
-
Citizenship:
Not Provided
-
Incentives:
Not Provided
-
Education:
Not Provided
-
Travel:
Not Provided
-
Telework:
Not Provided