Manager, Security Operations

Who we are

Founded in 2002, Zafin offers a SaaS product and pricing platform that simplifies core modernization for top banks worldwide. Our platform enables business users to work collaboratively to design and manage pricing, products, and packages, while technologists streamline core banking systems. 

With Zafin, banks accelerate time to market for new products and offers while lowering the cost of change and achieving tangible business and risk outcomes. The Zafin platform increases business agility while enabling personalized pricing and dynamic responses to evolving customer and market needs. 

Zafin is headquartered in Vancouver, Canada, with offices and customers around the globe including ING, CIBC, HSBC, Wells Fargo, PNC, and ANZ. Zafin is proud to be recognized as a top employer and certified Great Place to Work® in Canada, India and the UK.  

 

Job Mandate 

Zafin is seeking an experienced Cybersecurity Lead to handle cybersecurity operations and to ensure that Zafin maintains the highest standards of cybersecurity and protection. This pivotal role includes management of our 24/7 Security Operations, stakeholder management & liaison with internal teams and external partners/vendors.  

Job Details 

% of Time 

Major Responsibilities: 

 

• Security architecture: Support the design and implementation of secure IT architecture and systems. Develop, implement, and refine proactive security tactics and methods to counter emerging threats. 

• Risk management: Contribute to comprehensive cyber risk management framework that aligns with industry standards (e.g., NIST, ISO 27001) and incorporates the unique requirements of clients. Continuously identify, assess, and mitigate cyber risk exposure; implement and maintain robust risk management practices. 

• Leadership of the SOC: Manage the 24/7 SOC and its team of skilled technical staff. Oversee security operations including continuous security monitoring, incident response and remediation and the use of threat intelligence to ensure timely detection and mitigation of cyber threats, risks and vulnerabilities. 

 

------------------------------------------------- 

• Stakeholder engagement: Serve as the primary cybersecurity contact for all cybersecurity operations. Provide advice and support cybersecurity matters and ensure a high-level satisfaction. 

------------------------------------------------- 

• Cybersecurity strategy: Contribute to strategic planning and development of the company's cybersecurity services. Stay abreast of the regulatory environment and emerging cybersecurity trends, threats and technologies. 

• Compliance and governance: Ensure compliance with relevant cyber security regulations and standards (e.g., GDPR, PIPEDA, MFIPPA, PCI-DSS) from tooling perspective. Conduct regular vulnerability assessments, and compliance audits. 

------------------------------------------------- 

• Vendor management: Manage relationships with cybersecurity vendors and service providers. Ensure the quality and effectiveness of vendor products and services. 

• Continuous improvement: Promote a culture of innovation; identify and implement state-of-the-art security tools and techniques which will adapt to changes in the cyber threat landscape and technological advancements; provide continuous staff training and skill improvement. 

 

 

   

 

   40% 

 

 

 

40% 

 

 

 

 

 

 

 

10% 

 

 

 

 

20% 

 

 

 

 

 

 

 

 

 

10% 

Key Performance Indicators (KPIs): 

Security Incidents- Resolution time 

Achieving Project Milestones in time 

Timely completion of pro-active cybersecurity tasks (daily, weekly, monthly) 

Reduction of False positives 

 

 

Working Conditions: 

Full time, Hybrid 

 

Minimum Required Technical Skills / Qualifications 

 

Knowledge, Education, Training            

Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field. Master's degree preferred.  

Experience 

• Minimum 7 years in Information Technology management out of which 5 years should consist of hands-on experience in cybersecurity, in a leadership role, preferably managing a SOC/ Security Operations team. 

• Proficiency in security technologies, including SIEM, firewalls, IDS/IPS, endpoint protection, and vulnerability management tools.  

• Familiarity with cloud security in platforms such as AWS, Azure, or Google Cloud.  

• Strong knowledge of cybersecurity frameworks 

• Knowledge of DevSecOps practices and integration of security into development pipelines. 

 

Certifications 

Must to Have : Microsoft/ Azure Security Certifications: SC-200/500, AZ-500, Good to have : CISSP, CISM, CEH, or equivalent; relevant vendor certifications. 

Azure/ Microsoft 365     

Experience working on Microsoft 365 and Azure infrastructure is mandatory 

Minimum Required Behavioural / Soft Skills 

 

Communication 

Interpersonal, communication and presentation skills to effectively engage and build trust with clients and team members. 

Leadership     

Good Experience in technical leadership 

People Management 

Good exposure with people management/ stakeholder management 

 

What’s in it for you

Joining our team means being part of a culture that values diversity, teamwork, and high-quality work. We offer competitive salaries, annual bonus potential, generous paid time off, paid volunteering days, wellness benefits, and robust opportunities for professional growth and career advancement. Want to learn more about what you can look forward to during your career with us? Visit our careers site and our openings: zafin.com/careers

Zafin welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process. 

Zafin is committed to protecting the privacy and security of the personal information collected from all applicants throughout the recruitment process. The methods by which Zafin contains uses, stores, handles, retains, or discloses applicant information can be accessed by reviewing Zafin’s privacy policy at https://zafin.com/privacy-notice/. By submitting a job application, you confirm that you agree to the processing of your personal data by Zafin described in the candidate privacy notice.