Senior Defensive Security Advisor at Desjardins identifying and mitigating threats across systems and networks. Leading complex initiatives and collaborating with stakeholders for effective security posture.
About the role
- Reviewing and analysing findings from multiple data sources to assess their impact and determine remediation priorities.
- Developing remediation plans for high-priority vulnerabilities, using your offensive security expertise to identify potential attack paths.
- Collaborating across teams to disrupt those paths effectively, leveraging both your technical knowledge and that of others.
- Influencing stakeholders including technology owners and remediation teams to commit to and implement remediation strategies.
- Perform risk analysis on test data to ensure the most critical issues are addressed first, aligning with frameworks like MITRE ATT&CK and the Unified Kill Chain.
- Use threat intelligence to guide future assessments, ensuring testing is relevant to current controls and risks.
- Utilise BAS platforms and engage in continuous self-learning through provided resources to maintain your credibility and expertise.
- Partner with internal and external SMEs across Security Operations, Engineering, Threat Intelligence, and Vulnerability Management to design effective solutions.
- Mentor and guide colleagues, sharing knowledge and influencing others to resolve identified weaknesses.
- Lead small projects, ensuring timely and accurate implementation of solutions, and design unbiased methods to validate their effectiveness.
- Challenge and improve existing processes, contributing to documentation and reporting using tools like Kibana, Lucene, and Python.
- Communicate technical findings clearly to Risk teams and other stakeholders, ensuring risks are well understood and documented.
Requirements
- Experience within any of the following IT Security disciplines: Security Operations, Red teaming, Penetration Testing, Security Engineering.
- Along with expert knowledge of various enterprise technologies/infrastructure including network architectures, operating systems and security controls.
- Confident in their technical expertise and can present themselves as a technically competent SME.
- Exposure to Security Monitoring and Security Control technologies
- Exposure to Threat Intelligence sources
- Good experience of typical enterprise security services including but not limited to: Threat Intelligence Penetration testing Anti-malware Email/SPAM management Authentication mechanisms SIEM WAF Firewalls Proxy technologies IDS/IPS DLP
- Has a track record of technical delivery within a fast paced & pressured environment.
- Engages key stakeholders well
- Effective communicator 'not afraid to ask' mentality.
Benefits
- 25 days holiday, increasing through length of service, with option to buy or sell
- Bupa health insurance as a benefit in kind
- An enhanced pension plan and life insurance
- Onsite gyms or local discounts where no onsite gym available
- Various other benefits and online discounts
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Life and health insurance financial security advisor serving clients by providing advice and maintaining business relationships. Focused on sales of insurance products and services based on client needs.
CE
Care New EnglandDirector, Security
Director of Security overseeing all safety and security operations for Women & Infants Hospital. Responsible for deterring crime, protecting premises, and managing transport services.
Responsable Pôle Sécurité Médiation Fraude managing security operations for public transport services in Metz. Ensuring safety and compliance while optimizing fraud prevention strategies.
RB
Cyber Security Engineer at Regions focusing on cloud and infrastructure security. Designs and implements cybersecurity solutions while providing technical support and guidance.
CA
Capital.comIAM Security Engineer
IAM Security Engineer focusing on identity and access management automation in a dynamic digital assets company. Contributing to scaling IAM infrastructure through automated solutions and secure user lifecycle management.
FC
Ford Motor CompanySecurity Systems Data Integration Specialist
Data Analyst joining Ford's team to focus on security technologies and data integration. Responsible for improving data operations across global infrastructure and complex requests.
FC
Ford Motor CompanyMobile App Product Manager, Vehicle Security
Digital Product Manager at Ford creating connected vehicle experiences through integrated hardware and software solutions. Collaborating with teams to enhance customer experience through new digital products.
Cybersecurity Engineer implementing Zero Trust Reference Architecture solutions at Mythics. Deploying and maintaining Forescout platform within secure environments.
WA
WattpadSecurity Governance Manager
Security Governance Manager at WEBTOON responsible for IT and Security governance framework. Collaborating with Legal, Product, and Engineering teams in Los Angeles headquarters.