Team Manager, Cybersecurity

Job Description

Job Posting - Team Manager, Cybersecurity

This is a hybrid role with a mix of remote and in-office working

a

At Fidelity, we’ve been helping Canadian investors build better financial futures for over 35 years. We offer individuals and institutions a range of trusted investment portfolios and services - and we’re constantly seeking to find new and better ways to help our clients. As a privately owned company, we boldly embrace innovation in all areas as we continue to grow our business into the future.

Working with us means you’ll be part of a diverse and dedicated group of people who make a real difference for our clients and communities every day. You’ll have a wide range of opportunities to grow and develop your career in an inclusive environment where you’ll feel valued and supported to be your best - both personally and professionally.

Business Overview:
This role reports to the Manager, Information Security and Risk.

How You'll Make an Impact:
Ensure computing platform compliance with Cybersecurity policies and directives:

- Use provided tools to perform continuous monitoring and analysis of system activity to identify malicious activity and configure mitigations.
- Coordinate with other departments to manage and administer the updating of rules and signatures across the information security stack (e.g. intrusion detection/protection systems, anti-virus, and content blacklists).
- Identify and recommend actions to address vulnerabilities in the computing environment or inconsistencies in existing security processes.
- Meets departmental SLAs & and targets relating to CDO functions.
- Meet compliance requirements and deadlines on Patching/Upgrades, Anti-virus/Anti-spyware, data loss protection events, vulnerability scanning etc.

Lead Red and Blue Team exercises:

- Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
- Participate in projects, reviews, and meetings, and provide guidance and feedback on security policies and issues.
- Implement and support compliance directives based on risk scores (NIST).

Lead Cybersecurity Incident Management:

- Lead the triage, investigation, and response of Cybersecurity incidents.
- Analyze identified malicious activity in the computing environment to determine weaknesses exploited, exploitation methods, and effects on systems and information.
- Prioritize and assign tasks to other team members as appropriate.
- Managing and responding to cybersecurity events and incidents.
- Monitor the progress of remediation activities.
- Communicating with management accurately and appropriately.
- Coaching and mentoring team of Cyber Analyst for continued development and results.
- Coordinating activities with other CDO teams and IT groups in Canada and FIL to ensure overall quality & and timeliness of deliverables.

Support Risk Mitigation and Remediation:

- Support Cybersecurity risk mitigation efforts primarily through technical support of processes established to safeguard information assets.
- Develop and maintain scripts for the automation of various CDO tools and processes.
- Develop and maintain reporting.
- Support IT projects from a security perspective.
- Advise on Cybersecurity policies, industry standards, best practices, and strategies.
- Improve employee awareness of Cybersecurity risks, threats, and processes.

Develop, Manage and Build Effective Team:

- Meet weekly with staff members and support and coach them in their day-to-day work, career development, and developmental goals.
- Objectively evaluate employee performance.
- Give timely and constructive feedback.
- Address performance issues in a timely and direct manner.
- Meet weekly with staff members and support and coach them in their day-to-day.

What We Are Looking For:

- Minimum Five (5) years of experience as a Cybersecurity analyst, Information systems security administrator, or specialized expertise in cyber incident management, intelligence, analytics, and audit.
- Two (2) years of experience of management experience in Cybersecurity (preferable in SOC environment).
- Strong organizational skills, must be able to handle multiple initiatives/tasks at the same time.
- Must be detail-oriented and process-driven.
- Nice to have - Banking, finance, or wealth management industry related experience.

The Expertise You Bring:

- Proficient and demonstrated experience in managing network security, UNIX and Windows operating systems security and Database security. Scripting knowledge of PowerShell, SQL, Excel VBA.
- Excellent knowledge of Cybersecurity detection and respond methodologies, standards and best practices.
- Knowledge of security threats, common attack vectors and the use of security tools to monitor the technology infrastructure and computing environment.
- Understanding of the underlying protocols including HTTP,