Information Security Officer

Software – Applications
Tulip Retail is the world’s first mobile platform built exclusively for store associates. Leading retailers like Saks Fifth Avenue, Coach, and Toys”R”Us believe in enabling the next generation of store associates with mobile technology using Tulip. We’re a team of experts who have worked with and for retailers over the past 20 years and are driven to build a company whose mission is to enable one of the world’s largest job markets. By placing Tulip-enabled iPads into the hands of store associates, our goal is to provide them with instant and reliable access to the product information, while also being able to transact, communicate, and collaborate in an omnichannel world.

Position Overview:
“As the Security Team, we have the opportunity and responsibility to help everyone, across Tulip, do their job better and more securely. Tulip cares about Security, so we’ve got lots of enthusiastic help, but we’re dedicated to security and making everything better.” - Chris Rovers, Information Security Director

Reporting to Tulip Retail’s Information Security Director as an Information Security Officer on the Security Team, you will be planning, implementing and monitoring information security measures designed to measure and protect our information infrastructure. Your goal will be to keep us deploying our applications safely and to find and fix problems before they become an issue. Your focus will be compliance and policies, but you’ll have a hand in technical issues and application security testing as well. You will work in a small team, but will interact with the whole company. You are passionate about learning and growing your skills along with the rest of the team. You find security fascinating and endlessly interesting.

We believe:

    • When you join Tulip, you’ll be part of a fast-growing group of people who come from different backgrounds, countries, and experience.
    • We believe in investing in our people, building positive relationships with our customers, and treating our work like craft.
    • We prioritize diversity, inclusion and building a community, and we stay humble and hungry.

What you'll do:

    • You will be an information resource for users, helping them identify and avoid security threats
    • You will take charge of specific projects to improve monitoring and security systems, seeing them through to completion.
    • You will help maintain and operate dynamic scanning processes for Tulip Retail’s products and systems
    • Working with the Information Security Director, you will help develop and maintain Tulip’s security policies, procedures, standards and guidelines
    • You will take ownership of our existing PCI compliance program and work with the Information Security Director on assessments
    • You will participate in incident response and post-mortems

What you'll need:

    • You have 4-8 years of Information Security or Risk Management/Compliance experience
    • You understand how security standards, including the PCI DSS, ISO 27002 and related standards, can build consensus around security and focus efforts
    • You can turn the standards into change - the OWASP Top Ten; dynamic and static vulnerability scanning; monitoring and alerting; network fundamentals; encryption
    • You can help us continue to improve our security incident handling practices, security policies and procedures, and secure software development lifecycle practices

    • Bonus Skills
    • Experience with Amazon Web Services, Google Cloud Platform, Docker and similar cloud technologies
    • Additional technical skills are helpful but not required - Linux, programming, SQL, networking
    • Security certifications (CISSP, etc) will be considered, but are not required

We offer:

    • An environment passionate about growth and learning
    • Flexible hours for our early risers and night owls
    • Medical and Dental Insurance
    • Paid parental leave
    • Paid sick days
    • 15 days of paid vacation
    • Corporate gym rate
    • Weekly team lunches with halal and vegetarian options
    • Healthy (and less healthy) snacks and gourmet espresso
    • Breathtaking Toronto office on the waterfront and close to Union station
Tulip Retail is strongly committed to equal opportunities in employment. We welcome applications from all minority group members, women, Aboriginal persons, persons with disabilities, members of sexual minority groups, and others who may contribute to the further diversification of Tulip Retail.

Tulip Retail welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.

Feel like you can’t tick all the boxes above? If you have some of the skills and experience that we’re looking for and are willing to use your talent to learn the rest, we encourage you to apply.