← all jobs

Senior Manager, Information Security

Work from home Full-time role Hiring

About the Role

As the Senior Manager, Information Security, you aren't just checking compliance boxes. You are the architect of FreshBooks' security compliance program, risk register, and governance processes. In this planner-and-operator leadership role, you will hold real authority to shape our multi-year security roadmap and drive cross-functional execution across Engineering, IT, Product, and Legal. You will serve as a trusted, analytical advisor on risk management, ensuring we scale securely by protecting our customers' data while strengthening the robust compliance frameworks that protect our users' trust. You view information security as a true business partner, employing your experience and creativity to enable FreshBooks' innovation in the most scalable, safest ways possible. This is an impactful role offering direct exposure to the Senior Leadership Team and Board as you safeguard our global operations. Beyond the considerable impact of this role and the opportunity to truly shape one of our most fundamental programs, you believe in small business owners. You are motivated by FreshBooks' mission to make running a small service-based business easy, and have a strong desire to alleviate one of the stressors these business owners face. Work location: This role can be worked remotely from within Canada. Posting duration: To account for the Canada Day holiday 🇨🇦, we will accept applications until July 10 and will connect with successful applicants the following week. Thank you for your interest!

What You'll Do

Drive Strategy and Roadmap: Own FreshBooks’ multi-year security strategy and roadmap, running it with strict program discipline to prioritize initiatives based on business impact. Lead Compliance and Risk: Oversee the PCI DSS and SOC 2 compliance programs to maintain clean attestations, while operating the enterprise risk register to guide remediation versus acceptance decisions. Govern AI and Emerging Tech: Lead and formalize our cross-functional AI Governance Council, defining the review framework for cutting-edge AI use cases and reporting on compliance KPIs. Optimize and Scale the Service Queue: Turn raw ticket data into strategic insights by designing a highly efficient operating model with strict SLAs, reading queue trends to proactively steer our security strategy. Influence at the Board Level: Own the security metrics program from end-to-end, translating complex operational data into high-leverage, business-framed dashboards for our Senior Leadership Team and the Board. Lead and Develop Talent: Manage, coach, and build the Information Security team while designing staffing plans that balance internal headcount with external specialists during peak audit cycles. Steer Security Committees: Staff and lead the Security Steering Committee to drive critical organizational decisions regarding prioritization, resourcing, and policy approvals. What You'll Bring Craft Experience: 8+ years of experience in information security, with a strong focus on compliance, GRC, or security program management. People Leadership: 3+ years of direct people management experience with a proven track record of developing talent and building cohesive teams. Deep Compliance Audit Expertise: Hands-on experience successfully navigating and owning PCI DSS and SOC 2 Type II audit cycles. Risk and Roadmap Management: Proven ability to operate an enterprise risk register and translate those risks into a prioritized Engineering and IT roadmap. Program Discipline: Strong project and program management skills with a meticulous focus on driving accountability across Engineering, IT, Product, and Legal teams. Resource and Vendor Management: Experience managing external specialists and consultants for point-in-time assessments or audit peak periods. You'll Stand Out If You Have Emerging Tech Fluency: Experience or a strong foundational grasp of managing AI governance frameworks and emerging technology risks. Security Program Execution: Experience designing and executing incident response tabletop exercises alongside security awareness programs. Professional Credentials: An active security certification (such as CISSP, CISM, CRISC, or equivalent) or an undergraduate degree in Computer Science, Cybersecurity, Business, or a related field. #LI-SR1 #LI-Remot

More open positions

Qual Assurance Associate

Work from home Full-time role

AI Specialist

Work from home Full-time role

Fullstack Developer Laravel & React/Vue (m/w/d)

Work from home Full-time role

Senior Manager, Finance Planning Systems (SAC)

Work from home Full-time role

Senior, Copywriting - Performance Creative - US Remote, EST

Work from home Full-time role

Operations Specialist I

Work from home Full-time role

Remote Data Annotation positions

Work from home Full-time role

Change and Configuration Manager

Work from home Full-time role

Pricing Director

Work from home Full-time role

Manager, Project Management

Work from home Full-time role

Remote Apple Customer Support Specialist – Work From Home Opportunity in the UAE with Global Tech Leader

Work from home Full-time role

Regional Sales Manager - East/Northeast (US)

Work from home Full-time role

Business Systems Solutions Manager

Work from home Full-time role

Platform Integrity Analyst

Work from home Full-time role

AI Agent Growth Partner

Work from home Full-time role

Sales Manager (m/w/d) - RayaService

Work from home Full-time role

Fully Remote Customer Service Representative – United States – Home‑Based Support Specialist for careerzynith E‑Commerce & Cloud Services

Work from home Full-time role

Remote Text Chat Support Agent – Entry-Level, No Experience Needed, Flexible Schedule

Work from home Full-time role

Software Engineer, Product (Frontend-leaning)

Work from home Full-time role

Customer Service Sales Consultant – Hybrid Inbound Sales & Retention Specialist (Richardson, TX)

Work from home Full-time role

Administrative Assistant

Work from home Full-time role