Senior Manager of Security Architecture and Operations, Information Security
3 weeks ago
We are hiring a Senior Manager of Security Architecture and Operations in our Information Security department
The Role:
A strategic and integral member of the Information Security Team, reporting to the AVP, Information Security is responsible for ensuring the security, integrity, and availability of First National information assets. The candidate will contribute to the management and continuous improvement of multiple security programs. The position entails the development, implementation, and maintenance of the security controls, through people, processes, and technology, across the organization.
This role requires the following skills:
Knowledgeable about architecture & design principles, network security, application security, vulnerability management, and incident management principles. Assess the threat landscape and work internally to protect the organization from risk. Effective and dynamic communicator.Reporting To:
Assistant Vice President, Information Security
Full-Time/Part- Time:
Full-time
Posting Date:
March 6, 2024
Closing Date:
April 6, 2024
Hours of Work:
8:30 – 5:00
Grade:
Office Location:
Downtown Toronto
Great location Steps away from the main public transit station
What we offer:
Highly competitive compensation package which includes, base salary, bonus, benefits, and career advancement opportunities
*Eligibility for benefits is dependent on the terms of employment
What you will do:
Maintain secure, resilient enterprise-grade processes in tandem with various IT stakeholders, such as, Information Security, IT Infrastructure and Operations, Application Development, etc. Maintain oversight of security systems and security configuration administration to adequately respond to risk to enterprise systems and accounts, both on-premise and the cloud. Actively monitor, assess, and recommend tactical and strategic initiatives based on new and emerging threats. Prepare periodic reports to Information Security and IT Leadership to showcase the current security posture of our Information Security Program Protect systems in compliance with Information security policies and standards such as ISO 27001 and SOC2. Manage a team of Information Security professionals across multiple programs. Influence internal and external partners to ensure they build solutions consistent with the organization's planned policies, programs, architectural recommendations, and Information Security standards, including within the cloud. Attend regular technical project and implementation meetings and serve as the security ambassador to help guide secure application and infrastructure configurations, for on-premise and cloud systems. Manage the day-to-day activities of threat and vulnerability management, recommend treatment plans, and communicate information about risks. Support in the documentation of risks and mitigating controls, including policy/procedure updates.Security Operations and Incident Management Program
Lead the implementation, configuration, and daily operation of Information Security technologies that are implemented in First National’s environments. Act as a key figure in incident response to track occurrence and resolution, with strict documentation and reporting as well as engagement within the department; and within the organization, from a technical standpoint. Orchestrate the incident response process within the department, and work with key stakeholders within the department to respond, resolve and recover from the incident. Manage third-party security partners, ensure objectives are met, and work in partnership to continuously improve security operations processes. Act as an active participant within Incident Tabletop exercises Streamline, mature and automate (where applicable), the Incident Response playbooks and processes within the organization.Vulnerability Management Program
Analyze threat and vulnerability feeds data for applicability to the environment and perform compensating controls analysis and validate efficacy of existing controls and provide recommendations. Lead the team to perform security research, analysis, assessments and support with penetration testing and remediation actions. This includes: The external and internal coordination of periodic penetration testing and remediation tracking Conduct application and network vulnerability assessments to evaluate attack vectors, identify vulnerabilities, and develop remediation plans. Work with IT stakeholders to guide and assist them during the remediation process. Develop and mature the Offensive Security Program that entails, web application penetration testing, red/purple teaming, etc.Application Security Program
Ensure coverage and remediate of secure code review with Application Development stakeholders (including SAST & DAST) Work with the Application Development leadership and delivery teams to integrate security controls within the development pipeline ensuring an efficient development process with early security control gates. Working with IT groups to define, develop, socialize, and execute long-term application security roadmap. Assisting in the evaluation, selection, onboarding, and management of AppSec vendors and tools.Threat Modelling
Perform periodic threat modelling and maintain the model for currency and tracking of any risk remediation activities. Assess information technology control elements to mitigate IT security risks regarding the confidentiality, integrity and availability of information and assets.Audit and Compliance Management
Support the Information Security Department to provide adequate evidence to support the audit and provide responses for remediations. Provide guidance and supervision on Information Security compliance to ensure Security controls are functioning appropriately within the organization. Advise on development and implementation of Information Security metrics, measurement criteria and reporting to ensure compliance and continuous improvement. Perform periodic compliance reporting to provide assurance of coverage and effectiveness of controls, such as, but not limited to Secure configuration audits to complement the on-going Infrastructure and Application Vulnerability Management program. Certificate scanning and work with the internal stakeholders to address any issues. Review and tracking of firewall rule base review. Configurations of Web Application Firewalls (WAF)The Requirements Needed:
A total of 10 years of experience, with a minimum of 7 years of prior information security management work experience in a medium or large size organization is required. 3+ years of experience with Microsoft Azure platform capabilities, best practices with architectures, and security toolsets. 3+ years Security System administration and engineering experience in on-premise and/or cloud infrastructure. 2+ years of SOC experience or responding to traditional or cloud based cyber security investigations. Candidates with certifications such as CISSP, CCSP, OSCP, GPEN, or CISM, are preferred. Experience with MS Sentinel, and Microsoft suite of security products, such as, but not limited to, Defender for Endpoint, Defender for Identity, Defender for cloud, etc. Experience in incident response and forensics a strong asset. Familiarity with the MITRE ATT&CK framework. Fundamental network security understanding. Track record of planning and executing complex work efforts. Strong interpersonal communication, analysis, and writing skills. Ability to align management and leadership strategies when working on projects. Ability to work effectively with business unit and IT department managers, including Application Development, Infrastructure, Operations, Network, Technical Support, and others. Superior verbal and written communication skills. Must be a team player.The team you will join:
Founded in 1988, First National is one of Canada’s largest non-bank lenders. We provide residential mortgages exclusively through our mortgage broker channel and service commercial clients through our national origination team of empowered advisors.
At First National, It’s in our Nature is our rallying cry. It underlies our values, beliefs, and how we show up for each other, our clients, our partners and the community. Our nature defines who we are and guides every decision we make.
First National is proud to be an equal opportunity employer and is committed to diversity and inclusion regardless of race, color, religion, national origin, age, gender identity, physical or mental disability, sexual orientation or any other category protected by law.
First National supports requests for accommodation from applicants with disabilities; please contact Human Resources at .
We would like to thank all applications for their interest, but only candidates selected for an interview will be contacted.
#FNLOON
-
Toronto, ON, Canada Toronto, ON, Canada Full timeSenior Manager of Security Architecture and Operations, Information Security We are hiring a Senior Manager of Security Architecture and Operations in our Information Security department! The Role: A strategic and integral member of the Information Security Team, reporting to the AVP, Information Security is responsible for ensuring the security,...
-
Toronto, ON, Canada First National Financial LP Full timeSenior Manager of Security Architecture and Operations, Information Security Toronto, ON, Canada Job Description Posted Wednesday, March 6, 2024 at 5:00 AM | Expires Sunday, April 7, 2024 at 3:59 AM We are hiring a Senior Manager of Security Architecture and Operations in our Information Security department! The Role: A strategic and integral...
-
Old Toronto, Canada First National Financial LP Full timeSenior Manager of Security Architecture and Operations, Information Security Toronto, ON, Canada Job Description Posted Wednesday, March 6, 2024 at 5:00 AM | Expires Sunday, April 7, 2024 at 3:59 AM We are hiring a Senior Manager of Security Architecture and Operations in our Information Security department! The Role: A strategic and integral member...
-
Old Toronto, Canada First National Financial LP Full timeSenior Manager of Security Architecture and Operations, Information Security Toronto, ON, Canada Job Description Posted Wednesday, March 6, 2024 at 5:00 AM | Expires Sunday, April 7, 2024 at 3:59 AM We are hiring a Senior Manager of Security Architecture and Operations in our Information Security department! The Role: A strategic and integral member...
-
Old Toronto, Canada First National Financial LP Full timeSenior Manager of Security Architecture and Operations, Information Security Toronto, ON, Canada Job Description Posted Wednesday, March 6, 2024 at 5:00 AM | Expires Sunday, April 7, 2024 at 3:59 AM We are hiring a Senior Manager of Security Architecture and Operations in our Information Security department! The Role: A strategic and integral member...
-
Old Toronto, Canada Toronto, ON, Canada Full timeSenior Manager of Security Architecture and Operations, Information Security We are hiring a Senior Manager of Security Architecture and Operations in our Information Security department! The Role: A strategic and integral member of the Information Security Team, reporting to the AVP, Information Security is responsible for ensuring the security,...
-
Old Toronto, Canada Toronto, ON, Canada Full timeSenior Manager of Security Architecture and Operations, Information Security We are hiring a Senior Manager of Security Architecture and Operations in our Information Security department! The Role: A strategic and integral member of the Information Security Team, reporting to the AVP, Information Security is responsible for ensuring the security,...
-
Old Toronto, Canada Toronto, ON, Canada Full timeSenior Manager of Security Architecture and Operations, Information Security We are hiring a Senior Manager of Security Architecture and Operations in our Information Security department! The Role: A strategic and integral member of the Information Security Team, reporting to the AVP, Information Security is responsible for ensuring the security,...
-
Security Operations Manager
1 week ago
Toronto, ON, Canada Securitas Security Services USA, Inc. Full timeSecuritas is currently seeking a Security Account Manager to join their client in the Scarborough area. We are seeking an individual with experience in a corporate setting. The Security Account Manager (SAM) serves as a security advisor for the client and provides strategic direction and leadership for the assigned facilities. The SAM will have...
-
Security Operations Manager
1 week ago
Old Toronto, Canada Securitas Security Services USA, Inc. Full timeSecuritas is currently seeking a Security Account Manager to join their client in the Scarborough area. We are seeking an individual with experience in a corporate setting. Securitas is proud to employ over 350,000 employees globally in various industries with our clients and we are looking to add to our family. The Security Account Manager (SAM) serves as a...
-
Security Operations Manager
1 week ago
Old Toronto, Canada Securitas Security Services USA, Inc. Full timeSecuritas is currently seeking a Security Account Manager to join their client in the Scarborough area. We are seeking an individual with experience in a corporate setting. Securitas is proud to employ over 350,000 employees globally in various industries with our clients and we are looking to add to our family. The Security Account Manager (SAM) serves as a...
-
Security Operations Manager
1 week ago
Old Toronto, Canada Securitas Security Services USA, Inc. Full timeSecuritas is currently seeking a Security Account Manager to join their client in the Scarborough area. We are seeking an individual with experience in a corporate setting. Securitas is proud to employ over 350,000 employees globally in various industries with our clients and we are looking to add to our family. The Security Account Manager (SAM) serves as a...
-
Security Operations Manager
1 week ago
Toronto, ON, Canada Securitas Security Services USA, Inc. Full timeSecuritas is currently seeking a Security Account Manager to join their client in the Scarborough area. We are seeking an individual with experience in a corporate setting. Securitas is proud to employ over 350,000 employees globally in various industries with our clients and we are looking to add to our family. The Security Account Manager (SAM) serves as...
-
Manager - Security Engineering
2 weeks ago
Toronto, ON, Canada Opal Security Full timeOpal is building the next generation of access management. At Opal, we’re building a central hub for authorization to make access management automated, intelligent, and easy to use. We are taking an age old problem in enterprise software and making it simple. Our product prioritizes consumer grade simplicity with enterprise scale, reliability, and...
-
Senior Security Administrator
4 weeks ago
Toronto, Canada Canadian Institute for Health Information Full timeAt CIHI, we recognize what matters to our employees. Some of the benefits of working at CIHI include HOOPP Pension Plan (Defined Benefits Pension) Retirement Planning Program Generous vacation days for permanent and long-term contracts Work-life balance Career Planning Program Learning and Professional Development Program Flexible benefits...
-
Toronto, Canada First National Financial Full timeWorking together to be our best! We are hiring a Security Operations Analyst, Information Security! **Reporting To**: Manager, Information Security/ Security Operations **Full-Time/Part - Time**: Full-time **Posting Date**: May 9, 2024 **Closing Date**: May 31, 2024 **Hours of Work**: 8:30 a.m. - 5:00 p.m. **Grade**: 8.4 **Office Location**: Toronto Great...
-
Director, Information Security Operations
1 week ago
Toronto, Canada Tucows Full timeTucows (NASDAQ:TCX, TSX:TC) is possibly the biggest Internet company you've never heard of. We started as a simple shareware site in 1993 and have since grown into a stable of businesses: Tucows Domains, Ting Internet and Wavelo.What's next at TucowsWe embrace a people-first philosophy that is rooted in respect, trust, and flexibility. We believe that...
-
Director, Information Security Operations
1 week ago
Toronto, Ontario, Canada Tucows Full timeTucows (NASDAQ:TCX, TSX:TC) is possibly the biggest Internet company you've never heard of. We started as a simple shareware site in 1993 and have since grown into a stable of businesses: Tucows Domains, Ting Internet and Wavelo.What's next at TucowsWe embrace a people-first philosophy that is rooted in respect, trust, and flexibility. We believe that...
-
Director Security Architecture and Planning
3 weeks ago
Toronto, ON, Canada CGI Full timePosition Description: As a member of CGI’s Global Security organization, the candidate will play an integral role in defining and assessing the organization's security strategy, architecture, and practices. The candidate will work within a multi-disciplinary Enterprise Security Architecture team to support business units and corporate functions to...
-
Manager, Information Security
4 weeks ago
Toronto, Canada North York General Hospital Full timeCompany Bio IMAGINE a hospital where everyone is committed to excellence. We did. We are. From boardroom to bedside, we go above and beyond to offer the best and safest patient care. At North York General Hospital (NYGH), we put our patients first in everything we do. We are achieving a new standard of excellence in integrated patient-centered care and as...
