Lead Analyst, IT Security (BB-4A72E)
Found in: Neuvoo CA
Description de l'emploi
Founded in 1846, Laurentian Bank Financial Group (LBCFG) is a diversified financial services provider whose mission is to help its customers improve their financial health. The Laurentian Bank of Canada and its entities are collectively referred to as Laurentian Bank Financial Group (the "Group" or the "Bank").
With more than 2,900 employees guided by the values of proximity, simplicity and honesty, the Group provides a broad range of advice-based solutions and services to its personal, business and institutional customers. With pan-Canadian activities and a presence in the U.S., the Group is an important player in numerous market segments.
This role sits within LBC Tech, a subsidiary of Laurentian Bank Financial Group.
We are looking for a highly motivated talented IT Security professional to join our fast paced, dynamic and challenging environment. The incumbent will be responsible for leading security vulnerability management, Threat identification & Analysis, Cyber incident management and disaster recovery activities in a highly hands-on manner. He / She will have expert technical knowledge of networking, operating systems, intrusion detection/prevention, firewall technologies, remediation of vulnerabilities and make recommendations for increased security process efficiency and effectiveness
º Act as a senior advisor providing subject matter expertise and guidance to team members in conducting vulnerability assessment and threat analysis on the Bank's systems.
º Analyse, update and improve monitoring and compliance procedures based on external and internal information security risk and vulnerability assessment.
º Maintain vulnerability matrix and Cyber Risk log and report the progress in Vulnerability remediation and ensuing risk reduction.
º Identify relevant Key performance Indicators (KPIs), develop and regularly produce status reports of vulnerability status, Access Audits, DLP alerts, and IPS alerts.
º Liaise and coordinate with the Bank's various IT and Business teams to achieve and complete the vulnerability remediation objective.
º Support development of DR standard, DR process, Governance and associated controls.
º Coordinate with the Bank's various IT and partners and manage the annual DR integrated DR exercise.
º Develop and implement a Disaster Recovery (DR) plans related to IT Security.
º Coordinate and manage Internal and External audits, penetration testing with external vendors. Analyse and formulate remediation plans for gaps and risks identified.
º Responsible for providing timely reporting on security compliance, and remediation of audit findings.
º Maintain current with new developments in the security industry including alerts, bugs, vulnerabilities and viruses; evaluate and report on their potential business impacts.
º University degree (Computer Science, Information Assurance) with 8 to 10 years of experience in a related field (information security and Disaster Recovery experience.), or College Diploma in a related field and 9 to 12 years of experience.
º CISSP certification is required, additional certifications such as CISA, CISM, ABCP and SANS Institute GIAC would be a real asset.
º Strong knowledge of ISO27001, NIST, MITRE and OWASP.
º Thorough understanding and expert knowledge in networking, operating systems and intrusion detection /prevention and firewall technologies.
º Hands-on experience in vulnerability identification- using tools such as Qualys and Nessus.
º Demonstrated expertise in managing and continuously improving vulnerability management process and threat analysis, working with vendors and business operations teams.
º Hands-on experience in implementing and operating AD tools and deep knowledge of NTLM, Kerberos, and SAML.
º Strong knowledge of Identity & Access Management process.
º Strong knowledge of Data Loss prevention solutions.
º Hands-on experience in using Host-based IPS tools and network based IPS tools to monitor and analyze lateral movements, Privilege escalations and other threat indicators.
º Experience in planning and conducting integrated DR exercise and working within the Business Continuity Planning (BCP) framework.
º Experience in leading and facilitating DR Steering meeting with key IT leaders/stakeholders and service providers.
º Excellent verbal and written communication skills; bilingual (English/French) is an asset.
We welcome and encourage applications from individuals from all groups, including aboriginal, women, visible minorities, and persons with disabilities, regardless of race, ethnicity, sexual orientation, creed, family status, national origin, age and gender
calendar_today12 hours ago
work Banque Laurentienne