Your responsibilities will include:
Participate in the planning and design of a cybersecurity target operating model.
Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures).
Participate in the planning, design and ongoing evolution of enterprise security capabilities, e.g. cyber risk management, security incident response, vulnerability & patch management, security awareness, etc.
Maintain up-to-date detailed knowledge of the information security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
Recommend new security solutions or enhancements to existing security solutions to improve overall enterprise security.
Perform the deployment, integration, and initial configuration of new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures and security documents specifically.
Establish and maintain operational configurations of in-place security solutions.
Monitor in-place security solutions for efficient and appropriate operations, including capacity and lifecycle requirements.
Lead investigations into anomalous events and cybersecurity incidents.
Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
Conduct cyber risk assessments.
Participate in the design and collection of monthly/quarterly information security KPI/KRI metrics.
College diploma or university degree in computer science and/or minimum of ten (10) years equivalent work experience in an information technology related field, with a minimum of five (5) in a dedicated information security role.
One or more of the following active certifications considered a strong asset:
Certified Information Security System Professional (CISSP)
Certified Ethical Hacker (CEH)
GIAC Information Security Fundamentals
Microsoft Certified Systems Administrator: Security
Experience with supporting and troubleshooting multi-vendor security environments.
Strong understanding of IP, TCP/IP, and other network administration protocols.
Working technical knowledge of:
Security incident response management
Threat hunting methodologies and best practices
Vulnerability management technologies and practices
Risk assessment methodologies and practices
Security technologies (Firewalls, IDS/IPS, VPN, DLP, AV etc.)
LAN/WAN network security methodologies and best practices
Server platforms (UNIX, Windows etc.) and desktop security, including network/host based security, wireless and mobile devices
Current legislation and regulations with respect to data privacy in financial services
Security methodologies, controls and practices in financial services and regulated environments
NIST Cybersecurity Framework
Proven analytical and problem-solving abilities.
Ability to be self-directed, including effectively prioritizing and executing tasks.
Ability to conduct research into information security issues and products as required.
Ability to present ideas in business-friendly and user-friendly language.
Team-oriented and skilled in working within a collaborative environment.
We are supportive of workforce diversity and encourage internal/external applications from all qualified individuals. We thank all candidates for their interest, however, only those selected for an interview will be contacted.
To express interest in this opportunity, please click on the "Apply Now" button below.
Date Posted: February 2, 2022