Senior Security Advisor enhancing security measures to align with corporate objectives at Desjardins. Leading development of strategic initiatives and overseeing best practices in security.
About the role
- Senior Specialist in IT Security responsible for cybersecurity incident handling and threat analysis. Interfacing with managed security providers, analyzing threats, and managing incidents.
Responsibilities
- Serve as a technical resource for cyber security incident handling
- Provide qualified guidance on and coordinate execution of identification, analysis, response and monitoring of cyber threat and vulnerabilities
- Monitor and consult on technical vulnerability remediation Incident Management and Monitoring
- Manage Security incidents. Assist in developing concepts for efficient and effective security response activities.
- Be a trusted point of contact and expertise for incidents and manage all the incident response activities including escalation to upper management.
- Note: this role requires some on-call duty Vulnerability Management
- Analyze and interpret results of vulnerability management activities using standard frameworks (CVSS)
- Research and investigate new and emerging vulnerabilities, to include 0Day events
- Identify and resolve false positive findings in assessment results
- Assess compensating controls and validate their effectiveness
- Integrate information from disparate sources and create tactical intelligence that is relevant to protecting the business. Threat Management
- Research and investigate new and emerging cyber threats and vulnerabilities through participation in external security communities.
- Manage the collection, analysis, and dissemination of cybersecurity threat information
- Manage relationships with global stakeholders to identify business needs and design appropriate security controls.
- Analyze and interpret threat information using standard frameworks (Cyber Kill Chain, MITRE ATT&CK framework)
Requirements
- B.S in information assurance (or related field) with minimum of 3 years’ experience
- Minimum 1 years’ experience on a computer security incident response team or in an incident response role
- Practical experience with identifying, analyzing, and communicating cyber threat and vulnerability information
- Exemplary verbal and written communication skills (English business fluent spoken and written)
- Demonstrated ability to think strategically and perform detailed, complex analysis and data interpretation
- Effective interpersonal skills, out-of-the-box thinking and ability to interface with all levels of staff
- Ability to work under pressure and deal with ambiguous situations.
- Ideal, but not required
- Experience in a global corporation
- Experience with incident response across a multi-provider cloud environment
- Experience with incident management in Microsoft Azure
- Familiarity with Endpoint Detection and Response technologies (Microsoft Defender ATP, CrowdStrike Falcon)
- SANS Certified Incident Handler, CERT-Certified Computer Security Incident Handler certification or equivalent
- Experience applying threat and vulnerability analyses models, including the LM Cyber Kill Chain, the Diamond Model of Intrusion Analysis, the MITRE ATT&CK Framework and the Common Vulnerability Scoring System (CVSS)
Benefits
- Equal Opportunity Employer
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Controls Professional assessing internal control frameworks at Barclays, improving control effectiveness and managing risks to ensure compliance with regulations.
Senior Information Security Engineer at Wells Fargo investigating insider threats and strengthening cybersecurity measures. Conducting advanced investigations and collaborating with cyber teams to mitigate risks.
Staff Product Manager overseeing enterprise security product strategy for Tenable. Collaborating with various teams to deliver customer - focused solutions and product features.
Information Systems Security Officer managing operational security posture for information systems at GDIT. Collaborating closely with ISSM and ISO, handling security aspects, and ensuring compliance with security standards.
Program Security Representative providing multi - discipline security support for Special Access Programs. Ensuring compliance, developing policies, and conducting security assessments in a military context.
Senior Cyber Security Project Manager at Airbus Protect managing medium complexity projects in Cyber Security Consulting. Focusing on project leadership and team management in diverse client settings.
Security Architect responsible for designing cloud security architectures for leading brands. Ensuring compliance and guiding incident response strategies in AWS environments.
Senior Security Consultant for ISMS Management at Bundesdruckerei GmbH in Berlin. Responsible for security analysis, management, and advisory roles on cybersecurity issues.
IT - Systemadministrator managing Video Surveillance and Alarm Systems at Mühlbauer. Supporting technical solutions for multimedia and conference systems with project involvement and ticket handling.