Director of Security

About Us
PayBright provides flexible, affordable, and transparent payment options for Canadians. We partner with merchants to offer innovative payment plans at the point of sale – both in e-commerce environments and in-store locations. We are one of Canada’s fastest growing fintech companies and have partnered with over 5,000 merchants across Canada including major retailers such as Wayfair, eBay, and Samsung. To date, we have helped over 250,000 Canadians purchase services and products. We are a diverse and growing team of over 100 people located in downtown Toronto. Visit us at

We are hiring a Director of Security to play a key part in leading our cyber security strategies.

Working closely with our Director of Legal and Compliance and our VP Technology, this role will be essential in implementing, documenting and testing the security controls in one of Canada’s leading growth-stage fintech companies.

With a bias for action and a willingness to “dig in” and execute, the ideal candidate must have an entrepreneurial spirit with the ability to act nimbly in balancing short-term and long-term objectives.

The Role

    • Providing the primary architectural and technical leadership for PayBright’s cyber security strategy
    • Designing and operating a risk and compliance program comprised of security risk assessments, independent reviews, and audits on systems and services to assess compliance and measure risks
    • Identifying where improvements are required and implementing mitigation plans, strategies, tools, policies, and procedures
    • Working closely with Compliance to implement, document, and test security controls based on industry security standards (ISO, NIST, COBIT, etc.)
    • Developing options to improve and optimize the security of IT architecture and systems
    • Evaluating and advising on cyber security risks related to new products and technologies
    • Ensuring cross-functional alignment on cyber security efforts
    • Developing and testing business continuity and security incident identification and response plans
    • Building and managing a third-party security assurance program to monitor the security exposure of vendors and partners
    • Monitoring technology evolutions, risks, and changing threat profile and proactively assess and advise the stakeholders about its impact on our environment and corporate risk profile


    • University degree in Computer Science, Engineering, Mathematics, Information Security, or a related disciple
    • Security, infrastructure and application design experience preferred.
    • 7+ years’ experience in security engineering or architecture
    • Security qualifications such as CISP, CISA, CISM, CRISC, etc.
    • Knowledge of security frameworks such as ISO 27001/2, NIST, COBIT, etc.
    • Demonstrated experience of data protection, security, risk and compliance related matters
    • Experience in banking, financial services, or fintech considered an asset
Why should you apply? 
PayBright offers an outstanding work environment in a high-growth industry
We focus on creating a positive and cohesive team-based environment and aim to have fun doing our jobs!
Monthly and quarterly team events and social activities
We offer attractive compensation and benefits, including equity participation
We have a prime downtown Toronto location near amenities and public transportation