Senior Defensive Security Advisor at Desjardins identifying and mitigating threats across systems and networks. Leading complex initiatives and collaborating with stakeholders for effective security posture.
About the role
- Design, implement, and manage comprehensive security solutions including SIEM, DLP, EDR, DNS filtering, and encryption across cloud and on-prem environments.
- Administer firewalls, VPNs, and network security infrastructure with a focus on segmentation, least privilege, and Zero Trust principles.
- Lead vulnerability management efforts, including scanning, prioritization, patching, and remediation workflows.
- Oversee and optimize endpoint detection and response (EDR) tools such as Rapid7 and AWS GuardDuty.
- Manage identity and access management (IAM) systems, including SSO, Multi-Factor Authentication (MFA), Microsoft Entra ID (Azure AD), and Active Directory Group Policy.
- Conduct privileged account and user access reviews.
- Partner with IT and DevOps to embed security in CI/CD pipelines and automate controls where possible.
- Contribute to incident response efforts, from detection to root cause analysis and remediation.
- Leverage existing platforms and tools to develop and improve detection, response and containment workflows.
- Respond to real-time monitoring and alert triage for anomalies across SaaS and infrastructure platforms.
- Conduct post-incident reviews and implement proactive controls to prevent recurrence.
- Contribute to disaster recovery and business continuity planning and exercises.
- Serve as the technical lead for the security team, mentoring junior engineers and driving cross-functional security initiatives.
- Partner with Infrastructure, Engineering, and Compliance to integrate security into all stages of system design and delivery.
- Represent Foley in discussions with auditors, vendors, and internal stakeholders on all matters related to cybersecurity and compliance.
- Advocate for security awareness and education across the organization.
- Manage vendor security reviews using ticketing and vendor management solutions.
- Evaluate new tools, vendors, and partners through a security-by-design lens.
- Collaborate with the Compliance department in support of both internal and external audit efforts, including SOC 2 engagements and PCI-DSS internal audits.
Requirements
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
- CISSP, SSCP, or equivalent certifications (completed or in progress).
- 5+ years of experience in IT security engineering, with strong exposure to cloud and hybrid environments.
- Proven experience with:
- Microsoft Entra ID (Azure AD), Active Directory, and Group Policy Management
- Single Sign-On (SSO) and Identity Federation (SAML, OIDC, OAuth 2.0)
- AWS security architecture, IAM roles, and network security groups
- Endpoint and network security tools, EDR, SIEM, SOAR, and vulnerability scanner
- Familiarity with cloud access security solutions is a plus.
- Familiarity with containerization or serverless workload solutions, such as Kubernetes, is a plus.
Benefits
- medical, dental, and vision coverage
- 401(k) with company match
- paid time off and holidays
- wellness programs
- employee assistance program
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Life and health insurance financial security advisor serving clients by providing advice and maintaining business relationships. Focused on sales of insurance products and services based on client needs.
CE
Care New EnglandDirector, Security
Director of Security overseeing all safety and security operations for Women & Infants Hospital. Responsible for deterring crime, protecting premises, and managing transport services.
Responsable Pôle Sécurité Médiation Fraude managing security operations for public transport services in Metz. Ensuring safety and compliance while optimizing fraud prevention strategies.
RB
Cyber Security Engineer at Regions focusing on cloud and infrastructure security. Designs and implements cybersecurity solutions while providing technical support and guidance.
CA
Capital.comIAM Security Engineer
IAM Security Engineer focusing on identity and access management automation in a dynamic digital assets company. Contributing to scaling IAM infrastructure through automated solutions and secure user lifecycle management.
FC
Ford Motor CompanySecurity Systems Data Integration Specialist
Data Analyst joining Ford's team to focus on security technologies and data integration. Responsible for improving data operations across global infrastructure and complex requests.
FC
Ford Motor CompanyMobile App Product Manager, Vehicle Security
Digital Product Manager at Ford creating connected vehicle experiences through integrated hardware and software solutions. Collaborating with teams to enhance customer experience through new digital products.
Cybersecurity Engineer implementing Zero Trust Reference Architecture solutions at Mythics. Deploying and maintaining Forescout platform within secure environments.
WA
WattpadSecurity Governance Manager
Security Governance Manager at WEBTOON responsible for IT and Security governance framework. Collaborating with Legal, Product, and Engineering teams in Los Angeles headquarters.