Company Description
IFS is a billion-dollar revenue company with 7000+ employees on all continents. Our leading AI technology is the backbone of our award-winning enterprise software solutions, enabling our customers to be their best when it really matters–at the Moment of Service™. Our commitment to internal AI adoption has allowed us to stay at the forefront of technological advancements, ensuring our colleagues can unlock their creativity and productivity, and our solutions are always cutting-edge.
At IFS, we’re flexible, we’re innovative, and we’re focused not only on how we can engage with our customers but on how we can make a real change and have a worldwide impact. We help solve some of society’s greatest challenges, fostering a better future through our agility, collaboration, and trust.
We celebrate diversity and understand our responsibility to reflect the diverse world we work in. We are committed to promoting an inclusive workforce that fully represents the many different cultures, backgrounds, and viewpoints of our customers, our partners, and our communities. As a truly international company serving people from around the globe, we realize that our success is tantamount to the respect we have for those different points of view.
By joining our team, you will have the opportunity to be part of a global, diverse environment; you will be joining a winning team with a commitment to sustainability; and a company where we get things done so that you can make a positive impact on the world.
We’re looking for innovative and original thinkers to work in an environment where you can #MakeYourMoment so that we can help others make theirs. With the power of our AI-driven solutions, we empower our team to change the status quo and make a real difference.
If you want to change the status quo, we’ll help you make your moment. Join Team Purple. Join IFS.
We embrace flexibility and hybrid work opportunities to support diverse needs and lifestyles, while also valuing inclusive workplace experiences. By fostering a sense of community, we drive innovation, strengthen connections, and nurture belonging. Our commitment ensures you can work in a way that suits you best, while also engaging with colleagues to share ideas and build meaningful relationships.
Job Description
Role Details
-
Title: Director, Information Security
-
Department: Technology Experience (TX)
-
Reports To: SVP Finance & Enterprise Solutions
-
Direct Reports: Yes, People leader with oversight on full information security lifecycle across five areas: Governance, Risk & Compliance (GRC); Product & Application Security; Security Operations & Threat Management; Cloud & Infrastructure Security; and Trust & Customer Assurance.
Strategic Scope
Security Strategy & Posture
Build a measurable, business-aligned security strategy across technology, networks, data, applications, cloud, and the secure use of AI. Own the security controls that protect personal data and partner with Legal and the DPO on the privacy program, embedding privacy-by-design into the product lifecycle.
Risk, Governance & Compliance
Own enterprise security risk and the control framework. Own and operate the SOC 2 and ISO 27001 programs end to end, maintaining certification, audit, and regulatory readiness (GDPR, CCPA, PIPEDA). Own the security and data-protection controls and partner with Legal and the DPO on the privacy program.
Security Operations & Resilience
Direct threat detection, incident response, vulnerability management, and business continuity so the organization can prevent, withstand, and recover from attacks.
Customer Trust & Commercial Enablement
Enable enterprise sales and renewals by providing timely, credible, and risk-based customer assurance, turning a strong security posture into a competitive advantage with regulated and critical-infrastructure customers.
People & Organizational Leadership
Build, structure, and develop a high-performing security team grounded in speed, focus, simplicity, accountability, and a clear “stay secure” culture across Copperleaf.
Primary Duties & Responsibilities
Security Strategy & Governance
-
Develop, implement, and maintain an enterprise-wide information security strategy aligned to business objectives, available resources, and Copperleaf’s Industrial-AI product context.
-
Develop and maintain security standards and practices based on industry-leading frameworks
-
Establish, communicate, and enforce information security roles, responsibilities, and policies throughout the organization
-
Define a clear security engagement model and embed early-stage, “shift-left” security practices across delivery teams.
-
Drive a security operating model that supports fast, focused decision-making and removes unnecessary complexity while maintaining disciplined risk management.
Risk Management & Compliance
-
Own the Copperleaf security risk register and the enterprise risk-assessment and treatment process; implement and track mitigation plans for identified risks.
-
Own the end-to-end SOC 2 and ISO 27001 programs.
-
Ensure compliance with relevant regulations and standards and serve as liaison to external auditors, partners, and regulators.
-
Co-develop practical AI and privacy governance with Product, IT, Legal, and the Head of AI, owning the security-and-controls dimension of the enterprise AI policy.
Security Operations & Resilience
-
Direct security operations across threat detection, monitoring, and response, leveraging SIEM, EDR, IAM, and related tooling.
-
Lead incident response end to end, including rapid identification, containment, eradication, recovery, post-incident review, and continuous improvement.
-
Oversee vulnerability management, threat intelligence, and proactive testing.
-
Own business continuity and disaster-recovery planning and readiness for security-impacting events.
Product, Cloud & AI Security
-
Partner with R&D and Product to embed security into the software development lifecycle (SDLC)
-
Demonstrate and maintain an effective security posture across cloud, on-premises, and private-cloud deployments, covering data, software, and systems, including the deployment models used by regulated utilities and critical-infrastructure customers.
-
Establish controls and guardrails for the secure development and use of AI across Copperleaf, in coordination with the Head of AI.
Customer Trust & Commercial Enablement
-
Own the Trust Center and the external security narrative used in sales and renewals; act as primary point of contact for customer security inquiries, questionnaires, and audits.
-
Partner with Legal and commercial teams through customer negotiations, including reviewing and providing risk-based input on security schedules, data-protection terms, redlines, and customer-specific assurance commitments.
-
Mature the security posture into a client-facing trust advantage.
Leadership, Team & Organizational Development
-
Own the organizational design and staffing model for the security function, sizing and structuring the team and its leadership to align with risk, demand, and business priorities.
-
Directly manage, coach, and develop the InfoSec team across all five security functions, conducting regular performance and career-development reviews.
-
Forecast changing business needs and align team skills and experience; provide technical direction and guidance across teams.
-
Create a high-performance team culture that values speed, focus, simplicity, ownership, and clear prioritization in a fast-paced, high-growth environment.
-
Embed a deep, organization-wide commitment to staying secure through ongoing training, awareness, and clear expectations.
Strategic Planning, Budget & Executive Partnership
-
Develop and execute annual security business plans, project initiatives, the department budget, and KPIs; monitor progress and act to ensure goals and service levels are met.
-
Translate strategy into focused execution, balancing urgency and simplicity with the discipline required to protect the business and support scale.
-
Continuously pursue cost-effectiveness through innovation, negotiation, vendor management, and process improvement.
-
Build security measurements, reports, and KPIs that give executives and the Board a clear, business-framed picture of security risk and posture.
-
Serve as the primary security advisor to the SVP and represent InfoSec in cross-functional governance with the Head of AI, Strategic Initiatives, and the Director, Technology & AI.
Qualifications
Required Education & Experience
-
Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related discipline (Master's or MBA with a risk or technology focus preferred), or an equivalent combination of education and experience.
-
CISSP strongly preferred; CISM, CISA, CRISC, CCISO, or equivalent credentials considered an asset.
-
10+ years of progressive experience in information security, including 5+ years leading and directing security teams (a strong combination of education and experience will be considered).
-
Demonstrated experience owning enterprise security across SaaS, cloud, on-premises, and private-cloud deployments, including securing products delivered to regulated utilities and critical-infrastructure customers; owning compliance programs (SOC 2, ISO 27001); and leading customer-facing security assurance.
-
Deep understanding of international data protection frameworks, including GDPR and CCPA, and know how to apply them in a SaaS environment.
-
Experience securing AI/ML products and platforms and defining AI security governance.
-
Background operating in regulated, critical-infrastructure, or enterprise-scale environments, ideally serving utilities or similar sectors, with executive-level risk reporting.
-
Track record maturing a security function from operational to strategic and using security as a commercial differentiator in enterprise deals.
-
Proven ability to lead in a fast-paced environment with a bias for action, strong prioritization, simple communication, and disciplined execution.
This job description is intended to convey the general nature and scope of the role. It is not an exhaustive list of all duties, responsibilities, or qualifications. Copperleaf and IFS reserves the right to amend this description at any time.
Additional Information
What We’re Offering
-
Salary Range: $170,000 to $200,000 CAD annually + bonus
-
Flexible paid time off, including sick and holiday
-
Medical, dental, & vision insurance
-
Flexible spending accounts
-
Life insurance and disability benefits
-
Tuition assistance
-
Community involvement and volunteering events
Additional Information
We embrace flexibility and hybrid work opportunities to support diverse needs and lifestyles, while also valuing inclusive workplace experiences. By fostering a sense of community, we drive innovation, strengthen connections, and nurture belonging. Our commitment ensures you can work in a way that suits you best, while also engaging with colleagues to share ideas and build meaningful relationships.
Use of Artificial Intelligence in Recruitment
As part of our recruitment process, we may use automated tools, including artificial intelligence, to help screen and assess applications based on job‑related criteria such as skills, experience, and qualifications.
These tools do not make hiring decisions. All employment decisions are reviewed and made by members of our hiring team.
This position is for an existing vacancy.