Icon hamburger

Create Job Alert.

Enter your email below to save this search and receive job recommendations for similar positions.
Thank you. We'll send jobs matching these to
No Thanks
What job do you want?
Apply to this job.
Think you're the perfect candidate?
Apply on company site

You’re being taken to an external site to apply.

Enter your email below to receive job recommendations for similar positions.
Senior Security and Privacy Specialist at Two Hat

Senior Security and Privacy Specialist

Two Hat Toronto, Ontario Full-Time
Apply on company site

Create Job Alert.

Get similar jobs sent to your email

We believe that purposeful content moderation can bring connections back to online communities. By enabling users to share without fear of abuse or harassment, we believe we can restore the original purpose of the internet - to connect. 

Two Hat is a leading provider of chat, comment, image, and video filtering with an emphasis on detecting online harms like cyberbullying, abuse, hate speech, violent threats, suicide, and child exploitation.

Processing nearly 30 billion messages a month, Two Hat enables clients across a variety of social networks to deliver positive user experiences by detecting and filtering harmful content in real time, before it reaches the community. More than just a filter, we provide an all-in-one content moderation solution, with data analysis, content escalations, flexible workflows, auto-moderated user reports, and more. Clients benefit from our scalable, autonomous, and transparent solution, as well as our team of industry experts who consult on best practices and industry standards.  

In addition, we believe that removing illegal content is a shared responsibility among social platforms, technology companies, and law enforcement. To that end, we work with international law enforcement to train AI to detect new child exploitative material.

The opportunity 

Reporting to our Vice President, Core Services, we need a Senior Security and Privacy Specialist, who wants to make a mark on the way Two Hat approaches information security and compliance. As the first person on the team, we also need a subject matter expert to enthusiastically jump in and get it done now; a Manager of processes and best practices who can share knowledge and ultimately grow a team. 

This is an opportunity as close to a blank slate as it gets for someone who wants to design their own proven strategies for identifying information security risks and implementing appropriate controls that comply with policies, contractual obligations, and regulatory requirements. From breach response plans to vendor assessments, from security training and secure coding to system wide assessments and privacy processes, you will apply your technical expertise to evaluate, build, and maintain operational security, governance, and compliance. 

We want a Senior Security and Privacy Specialist who is equally comfortable fostering relationships across internal IT, business leaders, vendors, and customer compliance or IT security departments as they are developing security and privacy solutions. 

Who you are

You are looking for the next step in your career, one where you can bring your knowledge, expertise, and lessons learned to influence and help build out our processes and tools. Whether you have focused on security monitoring across a supply chain, technology solutions, or another environment, you are familiar with best practices and compliance requirements. You have broad information and security expertise gained through hands-on and strategic roles in enterprise, startup, or mid-sized companies. 

Why you want this role 

Purpose and impact. We’ve said it a few times, but what we do matters. We are building solutions that make a difference. You will work closely with our CEO, a former white hat hacker, and to be part of something that adds true value and meaning to the world. Not only will your work resonate across our organization, but that of our clients and customers. You will chart new ground, establishing parameters, processes, and plans. You will carve your path, defining your career with us as we continue to grow.

Exposure and flexibility. You want to work on multiple facets of information security, setting up and achieving the milestones for SOC2 or ISO certification. You want the chance to do all of this while working remotely as a critical part of a growing organization. 

Cutting edge technology. Our products must operate at high speed, low latency, and across borders. As technology progresses, it’s imperative to us, our clients, and users to ensure we can identify and mediate risks before they happen, internally and within our services.

How you will make an impact every day as our first Manager, Information Security:

  • Achieve SOC2 or ISO certification. You will plan and execute deliverables for achieving certification for our organization. You will establish a set of security controls appropriate without inhibiting the day-to-day ability to move quickly and continue to grow.
  • Streamline external audits by customers. You will build out and refine our security response process to turn around vendor security questionnaire responses within 5 business days without impacting the software delivery teams. 
  • Share knowledge. You will train teams on secure design principles and embed secure coding as a priority. You will actively provide guidance and solutions to internal developers and vendors.
  • Embed security into our processes. You will integrate security controls and processes into the continuous integration and continuous delivery pipeline. 
  • Grow your expertise. You will work effectively within an ‘always up, always available’ environment, keeping up-to-date with best practices and the latest tools and technologies.

What you bring:

  • The experience. You have a Bachelor’s degree in Computer Science or Engineering and a combined 7+ years in software development and security. You have focused your career on growing and applying security knowledge and monitoring, assessing organizations for risk tolerance. You have expertise with:
    • Docker
    • Cloud services, including Amazon AWS and Microsoft Azure.
    • Static Code Analysis (ex. Veracode), Penetration Testing, Security Monitoring (Intrusion Detection Systems), and security infrastructure.
  • A passion for Agile. You thrive in a fast-paced and Agile Kanban environment. You can participate in bi-weekly sprints and weekly retrospective, planning, and backlog grooming meetings.  
  • A refined communication style. You are a catalyst for building trust-based strategic partnerships. You are well-spoken and comfortable working closely with executive leadership. You can translate highly technical information for a decision-making audience. 
  • A growth mindset. You have the ability to think big, keep up to date on emerging trends, and industry best practices. You are open to feedback and on a personal mission to pursue new learnings at every opportunity.  
  • A delivery focus. You have a proven track record managing competing priorities and working towards an improved future state while maintaining an ability to execute on time, beyond expectations, without delay or issue.
  • An innovative team approach. You are a team player with a positive attitude punctuated by high energy, initiative, and perseverance. You thrive in a mentorship role where you can share your knowledge and help increase security awareness. 

Join us

Our CEO and Founder is a visionary who believes in a better internet for everyone- and it’s a vision each one of us stands behind. Sure, it’s a lofty goal; and maybe it sounds impossible…but we don’t think it is. Our technology is capable of more now than when we started, but unsafe users are growing increasingly deceptive. We continue to step up our game and meet those challenges at every turn. 

Right now, we are growing and we aren’t slowing down anytime soon. We are looking for brilliant, innovative, and deeply conscientious people to join our team and be part of our mission. This is a place where:

  • We have an evolving startup culture of fiercely dedicated and collaborative individuals.
  • A tech giant praised us for tackling - and solving - a highly complex chat feature.
  • We coordinate and run an “Amazing Race” event celebrating our six year anniversary.
  • Spot rewards are handed out by the CEO.
  • We host a  “Mug Club” which is our version of a Ted Talk presented by anyone with a bright idea.
  • Pink Shirt Day means something to us on a deeper level.
  • We participate in local acts of good, both big and small, to bring a little joy to our community.

If you are driven to make the world a better place; you share our growth mindset; and you have built your talent on a foundation of hard work and creative thinking, join us.

Two Hat welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process.

Due to COVID-19 please expect changes to our standard recruitment process. In all instances, the safety of our employees and our candidates is of our utmost concern so we will be conducting interviews virtually and online. We will keep you informed on these changes and ensure that you are prepared in advance with the necessary instructions to conduct the next steps in the recruitment process.


Recommended skills

Delivery Pipeline
Information Security
Working Remotely
Apply to this job.
Think you're the perfect candidate?
Apply on company site

Help us improve CareerBuilder by providing feedback about this job: Report this job

Report this Job

Once a job has been reported, we will investigate it further. If you require a response, submit your question or concern to our Trust and Site Security Team

Job ID: 693821


For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.