Information Security Engineer III - Daily

Title : Information Security Engineer III - Daily

Location : Montreal, QC

Duration : 12 month(s)+

We are currently seeking an IT Infra & Cyber Security Specialist with expertise in Vulnerability Management to be located in our Montreal site.

This position will report to the Production Security Vulnerability Management head.

In detail

• Perform BAU activities of Production Security Vulnerability Management function, including : Asset / Scanning reconciliation, Vulnerability Scanning, Assessment, Remediation Support / Coordination & Reporting.
• On-going support to remediation stakeholders to assess, prioritize and track execution of remediation efforts.
• Deliver Vulnerability Management reporting and analytics functions on a scheduled basis and support ad-hoc report requests
• Develop and improve KPIs, metrics, and trend analysis for vulnerability management functions.
• Maintain appropriate documentation that defines the Vulnerability Management Program, policies, and procedures.
• Ability to fully understand business requirements and work with business partners to define appropriate solutions; meeting both security mandates and business needs.
• Build strong working relationships with IT Infrastructure, Development & Application Support teams to achieve remediation objectives driven by BAU & Project related priorities
• Contribute to related Governance / Steering committees, associated KPI reporting and action tracking

The strengths and skills that will help you succeed

• Experience with VM scanning tools (Nexpose, Qualys, Tanium)
• Strong written and verbal communication skills
• Strong overall IT Infrastructure and Cyber Security expertise
• Strong experience with operating systems, network security, protocols, application security, infrastructure hardening and security baselines.
• Experience with Reporting / BI platforms (ie, PowerBI, JIRA and similar platforms)
• Experience working with large data sets and ability to summarize findings to achieve target objectives
• Ability to coordinate, build relationships, and represent Production Security with stakeholders
• Process improvement experience, ability to identify feasible solutions and recommend new approaches
• Solid problem solving & analytical skills; must be resourceful, innovative, results driven and adaptable
• Extensive experience with MS Office products including Word, Excel, PowerPoint, Outlook and others
• Experience of industry standards relating to Vulnerability Management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS)
• Experience Security Standards / Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, GDPR, ISO 27001&27002).
• Previous experience working in large-scale environments with diverse technologies is a must

Preferred Qualifications :

• B.S. / B.E. in Computer Science or equivalent field
• Minimum of 5+years of professional experience
• IT Development / Infrastructure background (Developer, DevOps, System Admin)
• Industry certifications such as CISM, CISSP, CRISC or similar
• Financial Services background

TB EN