Talent.com
Security Engineer

Security Engineer

BCIVictoria, BC
30+ days ago
Salary
CA$120,000.00–CA$140,000.00 yearly
Job type
  • Full-time
Job description

Closing Date : Open Until Filled

BCI is working with an external recruitment firm. Please do not submit your application directly to BCI. Applications submitted through this site will not be reviewed.

To explore this opportunity, please contact . Only qualified candidates who match the requirements will be contacted.

We're looking for a Security Engineer to contribute to our growing security program! Invest in your career at BCI; this exciting opportunity will provide career growth opportunities as you gain new security skills during your work.

Join a world-class team of professionals working together to ensure over half a million British Columbians have a financially secure future.

THE OPPORTUNITY

In this role, you will contribute to developing security requirements and designing and implementing security solutions. BCI’s Cyber Security Team is the source of expert cyber security advice, guidance, security operations, technical services and support that defends BCI against all cyber security threats. You will collaborate closely with business partners in an Agile environment, enabling the effective and efficient delivery of secure, quality products.

The position can be based in either Vancouver or Victoria, with occasional travel between the two cities (paid for by BCI). This role is targeting a Level 2 or Level 3 candidate.

Level 2 : Responsible for cyber security and risk analysis and operations and contributes to projects with a low-to-mid level of complexity and stakeholder engagement, typically acquired through 5+ years of experience. Works independently and has a professional level of competency within the role.

Level 3 : Responsible for cyber security risk analysis and operations and leads projects with a mid-to-high level of complexity and stakeholder engagement, typically acquired through 8+ years of experience. Works independently, provides guidance and training to others, and has an advanced level of competency within the role.

WHAT YOU BRING

The following qualifications illustrate a standard Level 2 and may be scaled up in scope and depth of expertise or experience based on the level selected.

Bachelor’s degree in Engineering, Computer Science, or a related technology field

A minimum of 5 years of experience in progressively senior technical roles with responsibility focused on information security processes, products, and projects

Expert knowledge in engineering secure systems

Experience with securing cloud environments

Must have excellent documentation, customer service, listening, communication and problem-solving skills

Must be able to implement programs and integrate security technologies and solutions to measure and sustain the security posture of large, complex environments

Experience with Agile methods (Scrum) and DevOps practices

Professional certifications such as Global Information Assurance Certification (GIAC), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), Certified Information Security Manager (CISM) or equivalent experience is essential

TECHNICAL SKILLS REQUIREMENTS

Applicants should be able to explain on their resume the technologies with which they have non-technical and technical expertise.

Identity and access management systems for hybrid environments

Secure coding and secure infrastructure as code

Systems engineering

Threat modelling

Security project delivery

Windows and Linux operating systems security, virtualization technology security, container security and serverless computing security, hardening systems against CIS Benchmarks

Privileged access management systems experience for hybrid environments

EDR and other endpoint protection technologies

Firewall, intrusion protection and intrusion detection systems

Conditional controls

User and entity behaviour analytics (UEBA) systems

SOAR and security integrations

Zero Trust architecture, Zero Trust Network Access systems, Zero Trust application publishing

Cloud Native Application Protection Platform (CNAPP) systems and Cloud Security Posture Management (CSPM) systems

Secure application design principles

Data Classification and DLP solutions

Enterprise vulnerability management, including vulnerability assessment, remediation, and reporting

Microsoft Azure security engineering and best practices

Various networking technologies, including subnetting, NAC, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods

CIS Critical Controls

Security governance

Incident response

Phishing and social engineering experience

Red or Purple Team experience

WHAT YOU GET TO DO

The following responsibilities illustrate a standard Level 2 , which may be scaled down or up in leadership, complexity, and autonomy based on the selected level.

Helping others solve problems and perform root cause analysis

Expert security advice : Product security reviews, secure design consultation, threat modelling, security design reviews, Privacy Impact Assessments, network design reviews, application security

Security operations : Incident response, security investigations, security alerting, security reporting, security support

Vulnerability management : identify, remediate, and mitigate vulnerabilities impacting BCI

Consultation, system hardening consultation

Writing security directives : Documenting security requirements for BCI

Administrating security infrastructure : BCI’s networks, remote access, endpoint detection and response, identity and access management, multi-factor authentication, security logging and vulnerability scanning

Security awareness, security training, security orientations

Integrates security systems together and designs conditional access systems

Ability to communicate complex security issues and develop security user stories in the language that non-technical stakeholders can understand

Ability to solve security problems in a technology project’s lifecycle

Proactively identifies problems and raises solutions

Performs validation and tuning of security testing tools to provide accurate and actionable results that drive improvements to BCI’s overall security posture

Performs security monitoring of solutions and serves as a subject matter expert during security incident response events

Undertakes special projects or assignments as required

Ability to document designs as well as produce technical reports in support of security initiatives

Performs other related duties as required

THE BCI TECHNOLOGY TEAM

BCI’s Technology Department plans, provides, maintains, and supports business applications and information technology infrastructure. The Technology department is foundational to BCI - working as a strategic partner to provide technology that supports investment processes and all other business activities.

Hear from some of BCI’ers about their thoughts on being a part of the Technology team :

WHERE YOU WILL WORK

Work from either our downtown Victoria or Vancouver office. With 4 days per week in office and one from home.

SALARY RANGE

BCI offers a competitive total rewards package which includes a performance-based incentive plan, comprehensive health & dental benefits, a defined benefit pension plan and paid time off.

The annualized base salary range for this Victoria or Vancouver-based role is CAD $120,000 to $140,000.

The base salary offered to the successful candidate will consider a wide array of factors including but not limited to the individual’s skill set, level of experience applicable to the role they are being offered and consideration to internal equity.

We pay our people competitively in the markets in which we compete for talent and with consideration to internal equity and job structure. We aim for actual pay to be around the median of the market for target or expected levels of performance, and around the upper quartile of the market for excellent performance.

Actual salaries may vary and may be above or below the range based on various factors, including, but not limited to, experience and expertise.

WHY APPLY TO JOIN BCI

With our values as our anchor, it’s our people that help shape employee-focused initiatives and who create the environment we work in each day – all of which further strengthens our culture. BCI has been recognized as one of – for the fifth consecutive year - and has built programs and benefits to support all our employees, including;

Extended health and dental coverage, start on your first day of work. We have you covered!

Our telehealth provider connects you and your family to virtual healthcare appointments.

Eligibility to the defined benefit providing you with a secure retirement income.

Time off includes : 20 days vacation, 6 paid sick days, 6 paid personal days, and 2 paid days for volunteering – to support physical, mental, and community health.

Four days in office, with the option to work from home once a week, promoting both a collaborative work culture and a healthy work-life balance.

Annual wellness allowance to support an active lifestyle as well as physical well-being when working at home.

On-going learning through our in-house mentoring program, professional dues support, tuition reimbursement, and online and in-house learning.

Relocation support is available if a move to one of BCI’s locations is required.

Invested in your learning : BCI investment professionals lead a monthly Investment Club to share industry knowledge with employees who work in other departments.

We are performance and client focused and value integrity; if you share these values, we want to know you.

We recognize that some skills can be learned on the job and encourage all to apply.

If you require an accommodation for the recruitment process (including alternate formats of materials, accessible meeting rooms or other accommodations), please let us know.

We would like to hear from you!