MONTREAL [HYBRIDE] - Cyber Security Specialist – Vulnerability Management

IT Infra & Cyber Security Specialist Vulnerability Management

WHO WE ARE

As the founding entity of RAINBOW PARTNERS, Quanteam is a consulting firm specializing in Banking, Finance, and Financial Services.

Guided by our core values of closeness, teamwork, diversity, and excellence, our team of 1,000 expert consultants, representing 35 different nationalities, collaborates across 10 international offices : Paris, Lyon, New York, Montreal, London, Brussels, Geneva, Lisbon, Porto and Casablanca.

We are hiring an IT Infra & Cyber Security Specialist to work with one of our clients based in Montreal.

Mission

We are currently seeking an IT Infra & Cyber Security Specialist with expertise in Vulnerability Management to be located in our Montreal site.

This position will report to the Production Security Vulnerability Management head.

Responsibilities

• Execute routine tasks for the Production Security Vulnerability Management function, including activities such as reconciling assets with scanning data, conducting vulnerability scans, performing assessments, offering support for and coordinating remediation efforts, and generating reports.
• Provide continuous assistance to stakeholders involved in remediation efforts, assisting in assessing, prioritizing, and monitoring the progress of remediation activities.
• Generate scheduled Vulnerability Management reports and provide support for ad-hoc reporting requests as needed.
• Enhance and refine Key Performance Indicators (KPIs), metrics, and trend analysis for the Vulnerability Management process.
• Maintain comprehensive documentation outlining the Vulnerability Management Program, policies, and procedures.
• Demonstrate the capacity to comprehend business requirements fully and collaborate with business partners to devise suitable solutions that meet both security requirements and business objectives.
• Establish strong collaborative relationships with IT Infrastructure, Development, and Application Support teams to effectively address remediation priorities stemming from routine operations and project-related initiatives.
• Contribute to relevant Governance and Steering committees, ensuring the provision of associated KPI reports and tracking actions as necessary.

Profile

SKILLS AND QUALIFICATIONS :

Must have :

• Experience with VM scanning tools such as Nexpose, Qualys, and Tanium is required.
• Excellent written and verbal communication skills are essential.
• Strong expertise in IT Infrastructure and Cyber Security is necessary.
• Comprehensive experience with operating systems, network security, protocols, application security, infrastructure hardening, and security baselines is crucial.
• Proficiency in Reporting / BI platforms like PowerBI, JIRA, and similar tools is preferred.
• Ability to work with large data sets and distill findings to achieve specific objectives is important.
• Capability to coordinate, establish relationships, and represent Production Security with stakeholders is required.
• Demonstrated experience in process improvement, including the ability to identify feasible solutions and recommend new approaches, is beneficial.
• Solid problem-solving and analytical skills are necessary, along with resourcefulness, innovation, results orientation, and adaptability.
• Extensive proficiency with MS Office products, including Word, Excel, PowerPoint, Outlook, and others, is expected.
• Familiarity with industry standards related to Vulnerability Management, including Common Vulnerabilities and Exposures (CVE) and Common Vulnerability Scoring System (CVSS), is important.
• Experience with Security Standards / Controls specified under various IT governance and compliance models such as NIST, HIPAA, PCI, GDPR, ISO 27001 & 27002 is advantageous.
• Previous experience working in large-scale environments with diverse technologies is a prerequisite.

Preferred Qualifications :

• Minimum of 5+years of professional experience
• IT Development / Infrastructure background (Developer, DevOps, System Admin)
• Industry certifications such as CISM, CISSP, CRISC or similar
• Financial Services background

Education

Bachelor’s degree in computer science / information systems or related field and / or sufficient professional work experience in a similar position.