Manager of Information Security, (Bilingual) Cyber

At Qohash we look for…
…bold, mission-driven individuals who aren’t afraid to take brave action in pursuit of meaningful outcomes. You thrive in fast-paced, evolving environments, demonstrate a strong sense of accountability, and embrace the unknown with curiosity and determination. We value people who are not only technically proficient but also deeply collaborative, customer-centric, and aligned with our core values of accountability, pursuit of excellence, and resilience. If you’re energized by creating a safer digital future for all, read on…

…Company culture is at our core
Our 5 core values are more than just words, they are a way of life for us. We know that companies with a strong culture & a higher purpose perform better in the long run.

Do our values speak to you?

• Pursuit of excellence
• Resilience
• Mission focus
• Accountability
• Embracing conflict

We will ask you for examples of when you have taken action whilst exemplifying these values.

Who you are

You’re a seasoned cybersecurity professional who brings sharp critical thinking, meticulous rigor, and a proactive mindset. You're fluent in both English and French, excel in complex high-velocity environments that demand precision, and thrive when you're trusted with high levels of independence and accountability. You’re comfortable leading both hands-on and strategic security initiatives, and you advocate for clear, measurable security outcomes across the organization.

What you will do

As Manager of Information Security:

• You’ll lead the development and continuous improvement of Qohash’s security program, ensuring operational excellence and regulatory alignment.
• You’ll present Infosec status updates to executive and board-level stakeholders.
• You’ll collaborate with operations, engineering, product, revenue operations and human resources teams and other senior internal stakeholders to embed security into products and processes.
• You’ll manage risk assessment activities and oversee the implementation of remediation strategies.
• You’ll oversee security audits and compliance efforts, including SOC 2, ISO 27001, FedRAMP, and third-party risk assessments.
• You’ll enhance incident detection and response procedures to ensure organizational preparedness and resilience.
• You’ll maintain and evolve security policies, standards, and awareness training programs.
• You’ll report on security status, gaps, and mitigation progress to executive leadership.
• You’ll work remotely, within the province of Quebec, with a small number of team get-togethers in either Montreal or Quebec City.

What your resume shows

Must Haves

• 5–7 years of experience in information security, with direct accountability for risk management and compliance functions.
• Bilingual fluency in English and French (written and spoken).
• Demonstrated success in taking proactive action in rigorous, structured environments (e.g., big 4 firms, regulated industries, public sector).
• In-depth experience with ISO 27001 and SOC 2.
• Solid understanding of cloud security and SaaS infrastructure.
• Strong communication skills, including experience reporting to executives and translating technical risks into business impact.
• Bachelor's degree in Computer Science, Information Security, or related field—or equivalent practical experience.

Nice to Haves

• Startup-high velocity company experience.
• FedRAMP framework experience.
• Relevant certifications such as CISSP, CISM, or CCSP.
• Experience in supporting sales cycles through security assurance.
• Experience managing vendor risk and legal/regulatory security requirements.
  
  

What’s in it for you?

• Competitive base salary.
• Enjoy up to six weeks of paid time off annually. At Qohash, we recognize your dedication and believe in giving you ample time to rejuvenate.
• Comprehensive health benefits package, including life insurance, short- and long-term disability insurance, paramedical and telemedicine services, and an HSA account.
  
  

Qohash is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law. Only those candidates selected for the interview will be contacted.