Lead Advisor, Infosec Threat and Vulnerability
7 months ago
Our culture lifts you up—there is no ego in the way. Our common purpose? We all want to win for our customers. We aim to always be evolving, dynamic, and ambitious. We believe in the power of genuine connections. Each employee is a part of what makes us unique on the market: agile and dedicated.
Time Type:
Regular
Job Description:
SUMMARY OF POSITION:
Reporting to the Manager, Information Security Governance Risk and Compliance, the InfoSec Threat and Vulnerability Management Senior Advisor will lead the design, implementation, reporting and remediation follow ups for vulnerability management. This also includes overseeing penetration testing, evaluating findings, translating findings into actionable tasks and supporting remediation.
The incumbent works to operate an effective and modern vulnerability and risk mitigation program, with an advanced understanding of the current state (threats, risks, people, processes and technologies), in collaboration with the other cybersecurity teams and business units.
**MAIN RESPONSIBILITIES**:
Leads and owns the Vulnerability Management function across all business units (BU).-
- Collaborates with the business units Vulnerability Analysts to consolidate all activities into a corporate InfoSec Vulnerability management database.-
- Collaborates with ERM (Enterprise Risk Management) and the Business Unit ISwg (Information Security working group) leaders to identify and prioritize high exposure vulnerabilities.Provides expertise in the prioritization of vulnerabilities based on real data, the risks posed, and the business context;Operates vulnerability management tools (in a shared responsibility model with the Analysts from the business units) and takes the ownership of constantly improving them;-
- Analyzes asset and vulnerability operational datasets to provide meaningful, actionable metrics and data visualizations;-
- Documents vulnerability analysis and assessment findings after performing risk analysis;-
- Advises business units on corrective actions and collaborates with InfoSec teams and ERM to ensure remediation and any adjustments that could be needed;-
- Identifies new security requirements, risks, trends and develops appropriate responses;-
- Coordinate and supervise penetration testing exercises with external vendors, other InfoSec teams and business units;-
- Translate findings into actionable tasks and follow up on vulnerability remediation plans with the different stakeholders;-
- Gather relevant data to report on vulnerability management metrics;-
- Partners with key stakeholders to develop and/or update information security documents such as policies, standards, procedures, training material;-
- Remains aware of technological trends and developments in the area of information security.ESSENTIAL REQUIREMENTS
ACADEMIC TRAININGRecognized certification in Computer Science, Information Security or any relevant domain.- WORK EXPERIENCEMinimum 5 years experience in information security, IT support or system management-
- Experience in vulnerability risk and analysis and coordinating vulnerability management efforts.- TECHNICAL COMPETENCIESTechnical understanding of general security vulnerabilities and their mechanisms of exploitation;-
- Expertise in setting up and operating Qualys and/or equivalent vulnerability management tool;-
- Experience in penetration testing is an asset;-
- Proficient in information security principles, and industry standards such as NIST and ISO;-
- Current industry standard security certification (Security+, SANS, Microsoft, Cisco etc.) is an asset;-
- Experience using tools to correlate unstructured data from various types of journals and event flows;-
- Experience with information security concepts related to threat and vulnerability management, system architecture and Internet and cloud technology;Knowledge of attack vectors, threat actors, and mitigation techniques;-
- Understanding of information security practices and policies.PARTICULAR COMPETENCIESPreferred fluency in French and English (spoken and written), to be able to collaborate with different Business Units in Quebec, Ontario and across the United States;-
- Has a collaborative business mindset with supporting work ethics;-
- Flexible and able to quickly adapt to change (embraces change);-
- Is viewed as a team player by peers and management;-
- Financial understanding of the impacts of his/her recommendations;-
- Be able to propose and negotiate solutions and initiatives;-
- Be fully autonomous and take ownership of the process;-
- Possess a strong capacity for analysis and synthesis;-
- Strong problem solving skills;-
- Excellent organizational and communication skills;-
- Attention to detail;-
- Ability to work under pressure and manage multiple priorities;-
- Capable of understanding technical details and then presenting in layman’s terms to a less technical audience (eg. executives, product owners, etc).Location:
Montréal, QC
Company:
Cogeco Communications
-
Vulnerability Management Lead-
6 months ago
Montréal, Canada Société Générale Full time**Responsibilities**: **ABOUT THE JOB**: The aim of Global Business Service Unit (GBSU) Canada is to deliver day-to-day services to Société Générale investment and corporate bank units and their clients to accelerate their transformation. GBSU differentiates itself from competitors with the pace of the agile transformation delivered, spreading the...
-
Infosec Specialist, Training
7 months ago
Montréal, Canada Business Development Bank of Canada Full timeNo other bank is doing what we do. At BDC, we help Canada and its entrepreneurs create a prosperous, inclusive and green economy. Our mission is to help Canadian businesses thrive by providing financing, capital and advisory services. We’re devoted to Canadian entrepreneurs. We’re also dedicated to our employees. Adaptable. Inspiring. Different....
-
Vulnerability Management Lead-
4 months ago
Montréal, QC, Canada Société Générale Full time**Responsibilities**: **ABOUT THE JOB**: Group Chief Operating Office (GCOO)’s vision is to enable best-in-class operational excellence across the Group leveraging on Technology (Digital, Data and AI) and Talents. Group COO functions are the foundations that will enable and support business efficiency, differentiation, and development. GCOO leverages on...
-
Montréal, QC, Canada Nutanix Full time**Hungry, Humble, Honest, with Heart.** **The Opportunity** Are you a proactive Technical Program Manager with strong communication skills and a passion for working collaboratively with cross-functional teams? If so, you'll thrive on our newly created team, where you will have the opportunity to make a significant impact on our vulnerability management...
-
Vulnerability Management Practice Leader
1 month ago
Montréal, QC, Canada National Bank of Canada Full timeA career as a vulnerability management practice leader in the information security team, CISO, at National Bank means acting as an expert and playing an important role in improving the vulnerability management practice. It is through your experience in operational cybersecurity, your in-depth knowledge of vulnerabilities and your strong leadership that you...
-
Cybersecurity Advisor
7 months ago
Montréal, Canada CTConsultants Full time**CTC007566 - Cybersecurity Advisor**: **Secteur industriel: Infrastructure**: **Type d'emploi: Contract**: **Durée: Eleven months**: **Mode de travail: Remote**: **Description**: Duration: 300 hours Possibility of extension: Yes Flexible hourly rate Remote: Hybrid. 10% in-office and 90% remote. Offices are in Montreal, Ottawa or...
-
Offensive Security Advisor
7 months ago
Montréal, Canada Desjardins Full timeAt Desjardins, we believe in equity, diversity and inclusion. We're committed to welcoming, respecting and valuing people for who they are as individuals, learning from their differences, embracing their uniqueness, and providing a positive workplace for all. At Desjardins, we have zero tolerance for discrimination of any kind. We believe our teams should...
-
montréal, Canada National Bank Full timeA career as a vulnerability management practice leader in the information security team, CISO, at National Bank means acting as an expert and playing an important role in improving the vulnerability management practice. It is through your experience in operational cybersecurity, your in-depth knowledge of vulnerabilities and your strong leadership that you...
-
montréal, Canada National Bank Full timeA career as a vulnerability management practice leader in the information security team, CISO, at National Bank means acting as an expert and playing an important role in improving the vulnerability management practice. It is through your experience in operational cybersecurity, your in-depth knowledge of vulnerabilities and your strong leadership that you...
-
montréal, Canada National Bank Full timeA career as a vulnerability management practice leader in the information security team, CISO, at National Bank means acting as an expert and playing an important role in improving the vulnerability management practice. It is through your experience in operational cybersecurity, your in-depth knowledge of vulnerabilities and your strong leadership that you...
-
Infrastructure Configuration and Vulnerability
7 months ago
Montréal, Canada Vantage Data Centers Full timeAbout Vantage Data Centers Vantage is committed to being a workplace of inclusion, equity, respect and acceptance. We celebrate diversity and intentionally seek out opportunities to learn from one another’s experience. Vantage Data Centers powers, cools, protects and connects the technology of the world’s well-known hyperscalers, cloud providers and...
-
Cybersecurity Advisor
7 months ago
Montréal, Canada American Iron and Metal Full time**Company Description** American Iron & Metal (AIM) is a family-owned company and recognized global leader in the metal recycling industry with more than 125 sites and 4000 employees worldwide. We have continued to prosper for the last eight decades thanks to the dedication of our employees and the ongoing trust and support of our customers. Become part of...
-
Csoc Team Lead
4 months ago
Montréal, QC, Canada Intelcom Full timeRide the next mile with us! - Job Description: Responsibilities: - Leadership and Team Management: - Lead and grow a team of cybersecurity analysts, providing mentorship and guidance. - Coordinate with other teams and stakeholders to ensure alignment of security operations with overall organizational goals. - Foster a collaborative and team culture. -...
-
Vulnerability and Patch Specialist M&a Ops
6 months ago
Montréal, Canada WSP Full time**TEAM OVERVIEW** The M&A Operations team operates within the Global Security Operations and is comprised of engineers from various disciplines including server, storage, backup, network, and security, distributed in various countries throughout the world. The team is responsible for assessing and remediating the IT infrastructure of newly acquired...
-
Security Analyst
5 days ago
Montréal, Canada Ubisoft Full timeCompany Description Ubisoft’s 20,000 team members, working across more than 30 countries around the world, are bound by a common mission to enrich players’ lives with original and memorable gaming experiences. Their commitment and talent have brought to life many acclaimed franchises such as Assassin’s Creed, Far Cry, Watch Dogs, Just Dance, Rainbow...
-
Nerc - Advisor Information Security (Conformity)
2 months ago
Montréal, QC H3C 3X6, Canada PM SCADA Cyber Défense Full time**Overview** We are seeking a dedicated and knowledgeable IT Security Specialist to join our team. Must know ISO 27001. NIST and NERC a plus. In this role, you will be responsible for protecting our organization's information systems and ensuring the integrity, confidentiality, and availability of data. You will work collaboratively with various departments...
-
Cyber Security Specialist Montreal, Qc
7 months ago
Montréal, Canada Atlantis IT group Full timeHi , Hope you are doing good ! Please find the below urgent position with me if you are available in the job market, please reply with your updated resume. **Cyber Security Specialist** **Montreal, QC ( Hybrid Role )** **Long Term Contract** **Overview** The Cyber Security Specialist is responsible for creating, demonstrating, and mentoring to ensure a...
-
IT Security Admin
2 months ago
montréal (saint laurent), Canada Cannara Biotech (Québec) inc Full timeGeneral summary Cannara Biotech is looking for an IT Security Administrator, who will help the IT team proactively ensure the security of all components as well as manage backups. You'll need to build a comprehensive cyber defense program, protecting our sensitive data, systems, and assets from today's threats and tomorrow's emerging threats. Main tasks and...
-
IT Security Admin
2 months ago
montréal (saint laurent), Canada Cannara Biotech (Québec) inc Full timeGeneral summary Cannara Biotech is looking for an IT Security Administrator, who will help the IT team proactively ensure the security of all components as well as manage backups. You'll need to build a comprehensive cyber defense program, protecting our sensitive data, systems, and assets from today's threats and tomorrow's emerging threats. Main tasks...
-
IT Security Admin
2 months ago
montréal (saint laurent), Canada Cannara Biotech (Québec) inc Full timeGeneral summary Cannara Biotech is looking for an IT Security Administrator, who will help the IT team proactively ensure the security of all components as well as manage backups. You'll need to build a comprehensive cyber defense program, protecting our sensitive data, systems, and assets from today's threats and tomorrow's emerging threats. Main tasks and...
