Lead Advisor, Infosec Threat and Vulnerability
3 months ago
Our culture lifts you up—there is no ego in the way. Our common purpose? We all want to win for our customers. We aim to always be evolving, dynamic, and ambitious. We believe in the power of genuine connections. Each employee is a part of what makes us unique on the market: agile and dedicated.
Time Type:
Regular
Job Description:
SUMMARY OF POSITION:
Reporting to the Manager, Information Security Governance Risk and Compliance, the InfoSec Threat and Vulnerability Management Senior Advisor will lead the design, implementation, reporting and remediation follow ups for vulnerability management. This also includes overseeing penetration testing, evaluating findings, translating findings into actionable tasks and supporting remediation.
The incumbent works to operate an effective and modern vulnerability and risk mitigation program, with an advanced understanding of the current state (threats, risks, people, processes and technologies), in collaboration with the other cybersecurity teams and business units.
**MAIN RESPONSIBILITIES**:
Leads and owns the Vulnerability Management function across all business units (BU).-
- Collaborates with the business units Vulnerability Analysts to consolidate all activities into a corporate InfoSec Vulnerability management database.-
- Collaborates with ERM (Enterprise Risk Management) and the Business Unit ISwg (Information Security working group) leaders to identify and prioritize high exposure vulnerabilities.Provides expertise in the prioritization of vulnerabilities based on real data, the risks posed, and the business context;Operates vulnerability management tools (in a shared responsibility model with the Analysts from the business units) and takes the ownership of constantly improving them;-
- Analyzes asset and vulnerability operational datasets to provide meaningful, actionable metrics and data visualizations;-
- Documents vulnerability analysis and assessment findings after performing risk analysis;-
- Advises business units on corrective actions and collaborates with InfoSec teams and ERM to ensure remediation and any adjustments that could be needed;-
- Identifies new security requirements, risks, trends and develops appropriate responses;-
- Coordinate and supervise penetration testing exercises with external vendors, other InfoSec teams and business units;-
- Translate findings into actionable tasks and follow up on vulnerability remediation plans with the different stakeholders;-
- Gather relevant data to report on vulnerability management metrics;-
- Partners with key stakeholders to develop and/or update information security documents such as policies, standards, procedures, training material;-
- Remains aware of technological trends and developments in the area of information security.ESSENTIAL REQUIREMENTS
ACADEMIC TRAININGRecognized certification in Computer Science, Information Security or any relevant domain.- WORK EXPERIENCEMinimum 5 years experience in information security, IT support or system management-
- Experience in vulnerability risk and analysis and coordinating vulnerability management efforts.- TECHNICAL COMPETENCIESTechnical understanding of general security vulnerabilities and their mechanisms of exploitation;-
- Expertise in setting up and operating Qualys and/or equivalent vulnerability management tool;-
- Experience in penetration testing is an asset;-
- Proficient in information security principles, and industry standards such as NIST and ISO;-
- Current industry standard security certification (Security+, SANS, Microsoft, Cisco etc.) is an asset;-
- Experience using tools to correlate unstructured data from various types of journals and event flows;-
- Experience with information security concepts related to threat and vulnerability management, system architecture and Internet and cloud technology;Knowledge of attack vectors, threat actors, and mitigation techniques;-
- Understanding of information security practices and policies.PARTICULAR COMPETENCIESPreferred fluency in French and English (spoken and written), to be able to collaborate with different Business Units in Quebec, Ontario and across the United States;-
- Has a collaborative business mindset with supporting work ethics;-
- Flexible and able to quickly adapt to change (embraces change);-
- Is viewed as a team player by peers and management;-
- Financial understanding of the impacts of his/her recommendations;-
- Be able to propose and negotiate solutions and initiatives;-
- Be fully autonomous and take ownership of the process;-
- Possess a strong capacity for analysis and synthesis;-
- Strong problem solving skills;-
- Excellent organizational and communication skills;-
- Attention to detail;-
- Ability to work under pressure and manage multiple priorities;-
- Capable of understanding technical details and then presenting in layman’s terms to a less technical audience (eg. executives, product owners, etc).Location:
Montréal, QC
Company:
Cogeco Communications
-
Vulnerability Management Lead-
3 months ago
Montréal, Canada Société Générale Full time**Responsibilities**: **ABOUT THE JOB**: The aim of Global Business Service Unit (GBSU) Canada is to deliver day-to-day services to Société Générale investment and corporate bank units and their clients to accelerate their transformation. GBSU differentiates itself from competitors with the pace of the agile transformation delivered, spreading the...
-
Infosec Specialist, Training
3 months ago
Montréal, Canada Business Development Bank of Canada Full timeNo other bank is doing what we do. At BDC, we help Canada and its entrepreneurs create a prosperous, inclusive and green economy. Our mission is to help Canadian businesses thrive by providing financing, capital and advisory services. We’re devoted to Canadian entrepreneurs. We’re also dedicated to our employees. Adaptable. Inspiring. Different....
-
Vulnerability Management Lead-
1 month ago
Montréal, QC, Canada Société Générale Full time**Responsibilities**: **ABOUT THE JOB**: Group Chief Operating Office (GCOO)’s vision is to enable best-in-class operational excellence across the Group leveraging on Technology (Digital, Data and AI) and Talents. Group COO functions are the foundations that will enable and support business efficiency, differentiation, and development. GCOO leverages on...
-
Manager, Infosec Cyber Grc
3 months ago
Montréal, Canada Business Development Bank of Canada Full timeNo other bank is doing what we do. At BDC, we help Canada and its entrepreneurs create a prosperous, inclusive and green economy. Our mission is to help Canadian businesses thrive by providing financing, capital and advisory services. We’re devoted to Canadian entrepreneurs. We’re also dedicated to our employees. Adaptable. Inspiring. Different....
-
Infosec Specialist
4 months ago
Montréal, Canada Business Development Bank of Canada Full timeNo other bank is doing what we do. At BDC, we help Canada and its entrepreneurs create a prosperous, inclusive and green economy. Our mission is to help Canadian businesses thrive by providing financing, capital and advisory services. We’re devoted to Canadian entrepreneurs. We’re also dedicated to our employees. Adaptable. Inspiring. Different....
-
Cybersecurity Advisor
3 months ago
Montréal, Canada CTConsultants Full time**CTC007566 - Cybersecurity Advisor**: **Secteur industriel: Infrastructure**: **Type d'emploi: Contract**: **Durée: Eleven months**: **Mode de travail: Remote**: **Description**: Duration: 300 hours Possibility of extension: Yes Flexible hourly rate Remote: Hybrid. 10% in-office and 90% remote. Offices are in Montreal, Ottawa or...
-
Offensive Security Advisor
3 months ago
Montréal, Canada Desjardins Full timeAt Desjardins, we believe in equity, diversity and inclusion. We're committed to welcoming, respecting and valuing people for who they are as individuals, learning from their differences, embracing their uniqueness, and providing a positive workplace for all. At Desjardins, we have zero tolerance for discrimination of any kind. We believe our teams should...
-
Infrastructure Configuration and Vulnerability
4 months ago
Montréal, Canada Vantage Data Centers Full timeAbout Vantage Data Centers Vantage is committed to being a workplace of inclusion, equity, respect and acceptance. We celebrate diversity and intentionally seek out opportunities to learn from one another’s experience. Vantage Data Centers powers, cools, protects and connects the technology of the world’s well-known hyperscalers, cloud providers and...
-
Cybersecurity Advisor
4 months ago
Montréal, Canada American Iron and Metal Full time**Company Description** American Iron & Metal (AIM) is a family-owned company and recognized global leader in the metal recycling industry with more than 125 sites and 4000 employees worldwide. We have continued to prosper for the last eight decades thanks to the dedication of our employees and the ongoing trust and support of our customers. Become part of...
-
Csoc Team Lead
1 month ago
Montréal, QC, Canada Intelcom Full timeRide the next mile with us! - Job Description: Responsibilities: - Leadership and Team Management: - Lead and grow a team of cybersecurity analysts, providing mentorship and guidance. - Coordinate with other teams and stakeholders to ensure alignment of security operations with overall organizational goals. - Foster a collaborative and team culture. -...
-
Vulnerability and Patch Specialist M&a Ops
3 months ago
Montréal, Canada WSP Full time**TEAM OVERVIEW** The M&A Operations team operates within the Global Security Operations and is comprised of engineers from various disciplines including server, storage, backup, network, and security, distributed in various countries throughout the world. The team is responsible for assessing and remediating the IT infrastructure of newly acquired...
-
Cyber Securityspecialist
5 months ago
Montréal, Canada Atlantis IT group Full time**Cyber Security Specialist** **Montreal, QC ( Hybrid Role )** **Long Term Contract** **Overview** The Cyber Security Specialist is responsible for creating, demonstrating, and mentoring to ensure a secure computing environment that protects against unauthorized access modification or destruction. This role will be part of Hyland's Security Operations...
-
Cyber Security Specialist Montreal, Qc
4 months ago
Montréal, Canada Atlantis IT group Full timeHi , Hope you are doing good ! Please find the below urgent position with me if you are available in the job market, please reply with your updated resume. **Cyber Security Specialist** **Montreal, QC ( Hybrid Role )** **Long Term Contract** **Overview** The Cyber Security Specialist is responsible for creating, demonstrating, and mentoring to ensure a...
-
Cyber Security and Information Technology Risk Lead
4 months ago
Montréal, Canada Business Development Bank of Canada Full timeWe are banking at another level. Choosing BDC as your employer means working in a healthy, inclusive, and skilled workplace that puts forward the best conditions to bring together unique teams where employees are empowered to act. It also means being at the centre of ambitious economic and financial projects to see further and to do things differently, to...
-
Lead Advisor AML/ATF Program
2 weeks ago
montréal, Canada National Bank Full timeA career as a Lead Advisor in the Compliance Programs team at National Bank means actively participating in sound risk management and the development of the Anti-Money Laundering and Terrorist Financing (PCMLTF) Compliance program. You will act as a compliance expert in order to ensure the Bank’s co
-
Information Security Analyst
3 weeks ago
Montréal, QC, Canada Glocomms Full timeInformation Security AnalystLocation: Montreal, Canada (Hybrid 3-days on-site per week)Salary: Competitive base + bonus Working hours: 11:30am – 8:30pm ESTGlocomms are partnered with a globally leading high-frequency trading firm with a security-first mindset in the search for an Information Security Analyst to join a highly technical team of Security...
-
Information Security Analyst
1 month ago
Montréal, QC, Canada Glocomms Full timeInformation Security AnalystLocation: Montreal, Canada (Hybrid 3-days on-site per week)Salary: Competitive base + bonus Working hours: 11:30am - 8:30pm ESTGlocomms are partnered with a globally leading high-frequency trading firm with a security-first mindset in the search for an Information Security Analyst to join a highly technical team of Security...
-
Information Security Analyst
3 weeks ago
Montréal, QC, Canada Glocomms Full timeInformation Security AnalystLocation: Montreal, Canada (Hybrid 3-days on-site per week)Salary: Competitive base + bonus Working hours: 11:30am - 8:30pm ESTGlocomms are partnered with a globally leading high-frequency trading firm with a security-first mindset in the search for an Information Security Analyst to join a highly technical team of Security...
-
Information Security Analyst
1 month ago
Montréal, QC, Canada Glocomms Full timeInformation Security AnalystLocation: Montreal, Canada (Hybrid 3-days on-site per week)Salary: Competitive base + bonus Working hours: 11:30am – 8:30pm ESTGlocomms are partnered with a globally leading high-frequency trading firm with a security-first mindset in the search for an Information Security Analyst to join a highly technical team of Security...
-
Information Security Analyst
1 month ago
Montréal, QC, Canada Glocomms Full timeInformation Security AnalystLocation: Montreal, Canada (Hybrid 3-days on-site per week)Salary: Competitive base + bonus Working hours: 11:30am – 8:30pm ESTGlocomms are partnered with a globally leading high-frequency trading firm with a security-first mindset in the search for an Information Security Analyst to join a highly technical team of Security...
