Talent.com
Reach
Head of SecurityReach • Calgary, AB, CA
No longer accepting applications
Head of Security

Head of Security

Reach • Calgary, AB, CA
30+ days ago
Job type
  • Full-time
  • Remote
  • Quick Apply
Job description

About Reach

Reach is merchant of record infrastructure that lets brands sell globally without replatforming. We handle the complexity of cross-border payments, tax compliance, and fraud management, integrating directly with the brand's existing commerce stack. With local acquiring in 70+ countries and pre-built integrations for major platforms, Reach enables mid-market and enterprise brands to scale internationally while maintaining full control of their customer data and technology.

Role Overview

We’re looking for a Head of Security to own and lead information security at Reach. This is a hands-on leadership role: you will set the strategy, own the program end-to-end, and stay actively in the work alongside your team. In a given week you might be writing a policy, triaging a pen test finding, running a phishing campaign, responding to a customer security questionnaire, and presenting the quarterly security update to leadership.

The right person is energized by owning an entire domain end-to-end, is comfortable moving between strategy and execution, and is equally credible with a senior engineer and a SOC 2 auditor. You believe security is most effective when it is practical, measurable, and built into how the business operates.

Key Responsibilities

  • Vulnerability management and offensive testing: Own the vuln lifecycle end-to-end — intake, triage, prioritization, risk acceptance, ticketing to dev teams, and remediation within SLA — and manage external pen tests and targeted assessments. Report regularly on status, SLA performance, and trends.
  • Security operations and incident response: Manage our MSSP partner for 24/7 SIEM and SOC monitoring; ensure telemetry, detections, and playbooks match our threat model. Serve as incident commander for real events, and run regular tabletops and post-incident reviews.
  • Policy, controls, and risk: Define and maintain Reach’s security policies and control framework. Design, implement, and measure the effectiveness of controls; maintain a risk register; and surface material risk decisions to leadership.
  • Compliance and audits: Own SOC 2 Type II and PCI DSS end-to-end with continuous control monitoring and evidence collection between audits. Serve as the primary contact for external auditors.
  • Application and cloud security: Partner with engineering on secure SDLC, threat modeling for new products and features, SAST/DAST/SCA coverage, and cloud security posture (IAM, configuration, workload protection).
  • Identity and access management: Own IAM policy, periodic access reviews, privileged access, and joiner/mover/leaver processes, in partnership with IT and People.
  • Third-party and customer security: Run Reach’s vendor risk program (due diligence, questionnaires, DPAs, ongoing monitoring) and own responses to customer and prospect security reviews.
  • Security awareness and training: Run phishing simulations, ongoing and role-targeted training, and regular company-wide sessions on new threats and best practices.
  • Executive reporting: Provide regular security posture updates with meaningful metrics (MTTD/MTTR, patch latency, control coverage, phishing outcomes, audit readiness).
  • People, budget, and tooling: Act as a mentor for your report; own the security budget and tool stack — evaluating, procuring, rationalizing, and retiring tools as the program matures.

Requirements

  • 8+ years in information security, with 3+ years leading a security program or a major security function.
  • Direct experience owning SOC 2 Type II audits end-to-end; PCI DSS experience strongly preferred.
  • Proven, hands-on ownership of vulnerability management programs at scale.
  • Experience managing an MSSP/MDR relationship for SIEM and 24/7 SOC.
  • Strong application and cloud security fundamentals, with hands-on experience in AWS, GCP, or Azure, and the ability to partner credibly with engineering.
  • Experience leading incident response end-to-end, including cross-functional coordination and working with external parties.
  • Experience writing and operationalizing security policies against recognized frameworks (NIST CSF, ISO 27001, CIS Controls).
  • Excellent written and verbal communication — credible with engineers, executives, auditors, and customers.
  • Comfortable as a player-coach in a lean environment, with a strong sense of ownership and bias for action.

Additional Assets

  • Experience in fintech, payments, or ecommerce — ideally cross-border or merchant-of-record.
  • Prior experience standing up or scaling a security program at a growth-stage company.
  • Familiarity with GRC/continuous compliance platforms (e.g., Vanta, Drata, Secureframe).
  • AWS experience (our primary cloud) and Atlassian suite (Jira, Confluence) for workflow and documentation.
  • Formal people-management experience.
  • Relevant certifications (e.g., CISSP, CISM, CCSP).

Benefits

Why Join Reach

  • Competitive compensation
  • Flexible remote work
  • Comprehensive benefits
  • Opportunity to build and own a security function
  • Direct impact on a global commerce platform

Our Core Values

At Reach we believe that high performing teams all have common values and synergies that enable them to work well together. If you share some of these values then you will excel in your role on the Security team. Some of our Core Values are:

  • We value solving problems and building products by focusing on outcomes
  • We value making decisions while considering input from multiple sources
  • We value taking action over getting stuck in planning
  • We value taking chances and failing fast
  • We value teamwork over individual accomplishments
  • We value optimizing time to value and achieving outcomes, not checking boxes
  • We value work/life balance and a mindset of “it’s a marathon, not a sprint”
  • We value using the right technology to solve the right problems

Apply with your CV and a brief cover letter outlining your security leadership experience and your interest in joining Reach.

#LI-Remote

Create a job alert for this search

Head of Security • Calgary, AB, CA

Similar jobs

Security-Focused Application Manager at ShareGate

ShareGate GroupCalgary, AB, CA
Full-time

Join ShareGate as an Application Security Manager, focusing on integrating security in software development.This technical position combines coding with security expertise in a collaborative team e... Show more

 • Promoted

Security Infrastructure Engineer

TailscaleCalgary, AB, CA
Full-time

Tailscale is building the new Internet by delivering software that makes it easy to securely interconnect people and their devices, no matter where they are.From hobbyists to multinational corporat... Show more

 • Promoted

Corporate Security Specialist

Parkland CorporationCalgary, Alberta, Canada
Full-time

As of November 1, 2025, Sunoco LP has successfully completed its acquisition of Parkland Corporation.For more information, please visit.Sunoco LP is a leading energy infrastructure and fuel distrib... Show more

 • Promoted

Principal Security Engineer at Marqeta

Marqeta, Inc.Calgary, Alberta, Canada
Full-time

Elevate security standards at Marqeta as a Principal Security Engineer specializing in Product and AI.This role allows for fully remote work across the USA and emphasizes securing payment technolog... Show more

 • Promoted

Expert Global Security Architect for Cloud and Cybersecurity Solutions

ColliersCalgary, Alberta, Canada
Full-time

Transform security landscapes as a Global Security Architect working remotely.Drive cloud migration strategies while implementing security best practices and structural governance for cutting-edge ... Show more

 • Promoted

Technical Leader for Microsoft Security

SoftchoiceCalgary, Alberta, Canada
Full-time

Become a Technical Leader in Microsoft Security.Focus on integrating cutting-edge solutions while leading a talented team of architects in improving client security practices.This influential role ... Show more

 • Promoted

Remote Security Strategy Lead - Applications and IT

Targeted TalentCalgary, AB, CA
Remote
Full-time

A leading security consultancy in Ontario seeks an Information & Application Security Manager to lead their cybersecurity strategy and oversee IT, applications, and infrastructure security.This han... Show more

 • Promoted

Hair Stylist - Westland Plaza

Great ClipsOKOTOKS, Alberta, Canada
Full-time +1

Join a locally owned Great Clips® salon, the world's largest salon brand, and be one of the GREATS! Whether you're new to the industry or have years behind the chair…great opportunities await!!.We’... Show more

 • Promoted

Head of Risk - Remote

BitfinexCalgary, AB, CA
Remote
Full-time

Be among the first 25 applicants.Inspired by Bitcoin's vision of financial freedom, we are committed to empowering individuals to transact and connect seamlessly across the globe.From the early day... Show more

 • Promoted

Head of Analytics

David Aplin RecruitingCalgary, Alberta, Canada
Full-time

The Role Reporting to the CEO, the Head of Analytics will lead and evolve the organization’s analytics function (currently 10+ team members).This role is responsible for enabling data-informed deci... Show more

 • Promoted

Remote Presales Engineer for Global Network Security

StealthWatchCalgary, AB, CA
Remote
Full-time

A leading technology firm is seeking a Presales Engineer to join their team.This role offers the chance to work remotely from anywhere in Canada and requires expertise in network and security techn... Show more

 • Promoted

Senior Consultant in Cloud Security Architecture

BDO CanadaCalgary, Alberta, Canada
Full-time

Lead the way as a Senior Consultant in Cloud Security Architecture, focusing on innovative security solutions and client engagement in cloud ecosystems.Collaborate with clients to secure their clou... Show more

 • Promoted

Security Systems Installation Expert

Ainsworth IncCalgary
Full-time

Join as a Security Systems Installation Expert, focusing on CCTV, access control, and intruder alarm installations.Engage in comprehensive servicing and support of security solutions in various env... Show more

 • Promoted

Head of Engineering

OpenMinedCalgary, AB, CA
Full-time

If we are successful, you will lead the engineering team to build the public internet for the world's non-public information — unlocking 1,000,000x more data in every scientific field and industry,... Show more

 • Promoted

Head of IT and Information Security

HRBCalgary, AB, CA
Full-time

Our client is a well-funded, seed-stage AI startup that builds agents for the factory floor.They develop and distribute a software-first agent layer that plugs into the cameras and machines factori... Show more

 • Promoted

Information Security Policy & ISMS Lead

Intello Technologies Inc.Calgary, AB, CA
Full-time

A leading technology provider is seeking an Information Security Policy and Implementation Specialist in Calgary, Alberta.This role involves developing security policies to ensure compliance with i... Show more

 • Promoted

CEO, Head of Global Services

ToptalCalgary, AB, CA
Full-time

Be among the first 25 applicants.Toptal is a global network of top talent in business, design, and technology that enables companies to scale their teams, on‑demand.With $200+ million in annual rev... Show more

 • Promoted

Governance, Risk & Compliance Consultant

MalleumCalgary, AB, CA
Full-time

Governance, Risk & Compliance Consultant.Governance, Risk & Compliance Consultant.We are a premier cybersecurity consultancy, blending advanced offensive and defensive strategies to safeguard our c... Show more

 • Promoted

Security Architect

AGFA HealthCareCalgary, AB, CA
Full-time

We are hiring an experienced security Architect who is responsible for designing and implementing security within our architecture.This role involves working closely with cross-functional teams (en... Show more

 • Promoted

Security Systems Installer - Growth, Training & Benefits

Securitas Technology CanadaCalgary, AB, CA
Full-time

A leading security solutions provider in Alberta is seeking a Security System Technician to install and service various security systems including Card Access and CCTV.Responsibilities include perf... Show more