Specialist, IT Security - Montréal, Canada - Business Development Bank of Canada

Business Development Bank of Canada

Verified Company

Montréal, Canada

3 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

No other bank is doing what we do.

At BDC, we help Canada and its entrepreneurs create a prosperous, inclusive and green economy. Our mission is to help Canadian businesses thrive by providing financing, capital and advisory services. We're devoted to Canadian entrepreneurs. We're also dedicated to our employees. Adaptable. Inspiring. Different. There's a reason we like to work here, and we think you'll like it too. Join BDC and help make a difference

Diversity. Equity. Inclusion. They're more than just words for BDC.

These concepts are foundational to our success and to our ability to attract, retain, mobilize and develop the right talent, as well as to offer a healthy, professional and collaborative environment.

We are committed to cultivating and preserving an environment where all employees can thrive, and, for over a decade, we have been recognized as one of Canada's Top 100 Employers and one of Canada's Best Diversity Employers.

In recruiting for our team, we welcome the unique contributions that you can bring in terms of your education, opinions, culture, ethnicity, race, sex, gender identity and expression, nation of origin, age, languages spoken, veteran's status, color, religion, disability, sexual orientation, beliefs, experiences, and more.

POSITION OVERVIEW

The Specialist, IT security - container security and cloud operations is responsible for the day-to-day security activities to ensure BDC's technological environment is well protected.

They gather and analyze information on BDC's technology, making recommendations and resolving security issues as required.

CHALLENGES TO BE MET
Maintain quality and stability of telemetry coming from various log sources, investigate alerts and with heavy emphasis on Container security.
Develop, deploy, and maintain tools and processes related to periodic security monitoring and to tasks involving security operations with concentration in, but not limited to, Container infrastructure (Kubernetes, Docker, K8, Tanzu BOSH), whether on prem or cloudbased container services (EKS, AKS, Openshift).
Stay abreast of Linux and Container Infrastructure capabilities and security as they evolve. Build welldesigned, testable, efficient monitoring use cases using tools such as SYSLOG telemetry, Aquasec, Sysdig, Stackrox or Prisma Cloud.
Analyze incoming security events based and raw telemetry, network, endpoint, SaaS, and log sources expediently, consistently, and accurately for abnormal events.
Work closely with IT operations and other teams to implement and continuously improve controls efficiency.
Build, run, and own infrastructure and automation to detect, contain, and eradicate security threats.
Develop alerting and detection strategies to identify malicious or anomalous behavior.
Develop new and novel defensive techniques to identify or counteract changes in adversary techniques and tactics.
Lead and/or participate in Incident Response efforts as it pertains Containerized workloads.
Take part in verifications and structured security assessments of BDC's technological environment to ensure that it is protected and complies with established security standards; prepare documents for distribution and provide technical support to the teams responsible for the computer environment.
Help resolve complex security issues, investigations, and cyber advisories in order to improve methods for ensuring the safety of BDC's technological environment.
Help identify security solutions for various BDC systems.
Participate in the development and evolution of technological environment security directives, processes and standards and participate in the development of the procedures needed to implement and maintain them.
WHAT WE ARE LOOKING FOR
Minimum eight years' experience in IT, five of which in network and/or security
Must have solid experience with Linux security and Containerized workloads
Experience with tools such as Container security tools such as Aquasec, Sysdig or Stackrox is highly preferred
Experience with AWS security monitoring
Must have some experience with at least one of each leading SIEM and EDR tools: Splunk, Qradar, SentinelOne, Crowdstrike and related CSPM, CWPP features
Any of the following certifications: GSEC, GPPA, GCIA, GCWN, GMON, GCDA, OSCP or other container or cloud security focused certifications
Experience with logging and monitoring systems
Familiar with cyber frameworks such as ATT&CK, Cyber Kill Chain and Diamond Model
Experience in a Security Operations Center (SOC) or Cyber Incident Response Team (CIRT), preferably in security monitoring and security incident response
Experience with infrastructure automation, configuration management, and developer workflows
Experience with Continuous Delivery pipelines and the tools used to deliver solutions (GIT, Ansible, Terraform, AWS Code Deploy, Azure DevOps, etc.)
Experience with onpremise Kubernetes and container security management is highly desira