Senior Security Advisor - Detection engineering

JOB DESCRIPTION

Our employees are at the heart of what we do best: helping people, businesses and society prosper in good times and be resilient in bad times. When you join our team, you're bringing this purpose to life alongside a passionate community of experts. Feel empowered to learn and grow while being valued for who you are—here, diversity is a strength. You have our commitment to support you in reaching your goals with tools, opportunities, and flexibility. It's our employee promise.

Our hybrid work model provides the balance between working from home and enjoying meaningful in-person interactions. Read on to see how you can shape the future, win as a team, and grow with us.

About the Role

We're looking for a Senior Security Advisor to join our growing team!

What You'll Do Here:

Identify security events that need to be monitored.

Advise and support our team in all stages of development.

Ensure key risk metrics/indicators are developed and implemented to systematically measure and report information-related risks.

Identify and classify the risks then propose risk mitigation or remediation.

Analyze the risks associated with the various options available and propose a security solution to the operational issue that offers a fair balance between potential losses and the cost of the solution.

Identify gaps in IT compliance control and supervise the documentation, implementation and tests for the entire IT compliance control portfolio.

Monitor the latest industry trends and, where appropriate, proactively propose the introduction of new security practices and technologies when they become profitable.

Perform or coordinate application security tests for project teams.

Interpret the results of application security tests (code scanning, application intrusions, etc.).

Inform and educate development teams with regard to the application security development standards, methods and tools.

What You Need:

University degree in information security or any combination of equivalent education and experience.

8 to 10 years in cybersecurity or DevOps or infrastructure team.

Minimum 5 years of relevant experience in information technology, more specifically in information technology security.

Experience working with a SIEM such as Microsoft Sentinel and Google.

Experience in SOAR automation.

Experience in User and Entity Behavior Analysis (UEBA).

In-depth understanding of Kafka.

Understanding of Linux terminal.

Security certification would be an asset.

Strong knowledge of application security principles and practices.

Strong and practical knowledge of Cloud environment in terms of Security risk and tools available in AWS or other cloud environment.

Experience in a DevSecOps - CI/CD environment.

Good understanding of common security gaps in data and cloud applications and of operating techniques from sources such as SANS, OWASP Top 10, and Cloud Security Alliance (CSA).

Good understanding of common security gaps in data/AI applications.

Team player / good collaboration skills set.

Strong ethical principles and understanding of business and information security ethics.

No Canadian work experience required; however, must be eligible to work in Canada.

What We Offer

Working here means you'll be empowered to be and do your best every day. Here is some of what you can expect as a permanent member of our team:

A financial rewards program that recognizes your success.

An industry-leading Employee Share Purchase Plan; we match 50% of net shares purchased.

An extensive flex pension and benefits package, with access to virtual healthcare.

Flexible work arrangements.

Possibility to purchase up to 5 extra days off per year.

An annual wellness account that promotes an active and healthy lifestyle.

Access to tools and resources to support physical and mental health, embracing change, and connecting with colleagues.

A dynamic workplace learning ecosystem complete with learning journeys, interactive online content, and inspiring programs.

Inclusive employee-led networks to educate, inspire, amplify voices, build relationships and provide development opportunities.

Inspiring leaders and colleagues who will lift you up and help you grow.

A Community Impact program, because what you care about is a part of what makes you different. And how you contribute to your community should be just as unique.

#J-18808-Ljbffr