Information Security Manager - Toronto, Canada - Univeris Corp

Univeris Corp

Verified Company

Toronto, Canada

1 week ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Who we are
Univeris has been successfully building and modernizing wealth management software for over 30 years.

We are the go-to solution for many financial services firms (e.g., mutual fund dealers, securities dealers, wealth management firms and insurance companies) that want to stay competitive in an intriguingly digital world.

To date, more than 25,000 financial advisors and 1.5 million investors in 12 countries have converted to our money-managed platform—with over $450B in Assets Under Administration.

Why? Because we have the technology to streamline portfolio management, drive efficiencies and improve productivity.
At Univeris, we value talent and ideas.

This means our employees have the freedom to do things they know would be great and meaningful for our clients and for the company.

We're looking for people who are creative, get excited by new opportunities to learn and grow and feel at home by an organization that supports them.

Ready to start your career?
The Opportunity
This is a transformative opportunity to make a difference in an ambitious organization with a global presence.

The role provides exposure to all information security domains and the opportunity to define the path of the Information Security practice at Univeris and to manage the implementation of the security roadmap.

The Role

SUMMARY OF RESPONSIBILITIES

Be the leader and manager accountable for information security at Univeris
Identify security risks, develop strategies and create the information security roadmap for an organization with a global presence
Create and communicate corporate security policies
Plan and manage the implementation of processes required to satisfy security policy requirements
Lead and manage the vulnerability management process and execute tasks as required
Lead and manage security projects
Create and implement data security policies and practices for the transfer, retention and destruction of client data
Create and manage the implementation of policies for firewall perimeter security, public cloud security, data centre security, and office headquarters security
Business Continuity Planning
Disaster Recovery planning
Security event and incident management

Manage Audit compliance

CSAE 3416 SOC 1, CSAE 3416 SOC 2, ISO 27001, including defining controls and managing their implementation across the organization
Develop strong relationships with crossfunctional team members including Developers, IT staff and Clients
Cooperate with engineering leads on security facing aspects of software product development
Cooperate with infrastructure management on security aspects of the Univeris infrastructure
Communicate and collaborate with Univeris Clients, vendors, auditors and other third parties on information security matters
Cybersecurity and Information Assurance degree or IT degree or Computer Science degree with a significant amount of coursework related to cybersecurity.
Information Security certifications considered an asset: Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP), Certified Cloud Security Professional (CCSP).
Over 5 years of handson working experience in information security

Your Proven Qualities

Experience with creation and documentation of security policies and procedures
Expertise in security best practices and their practical implementation in the context of the organization goals and resources
Experience with project management, including planning, managing, change and risk management, and reporting to stakeholders
Experience with identifying organizational gaps, implementing processes and solutions required for SOC 2 and ISO compliance
Demonstrated ability to evaluate, install, configure and operate technical solutions supporting information security needs, for ex. vulnerability management, SSH keys management solutions, etc.
Handson experience with security management in the public cloud (AWS, GCP) and private cloud (VMware, Xen) security policies
Experience with penetration testing and vulnerability scans, assessing issues and recommending solutions
Proven experience with creating business case documents in support of security projects and tools
Experience with different security solutions and with negotiating and managing vendors and security services providers
Good understanding of asset management and patching
Experience with security automation implementation
Working knowledge of Atlassian Confluence, JIRA and office productivity software.

Extras You Might Offer As Tiebreakers

Demonstrated experience with Fortinet FortiGate, including firewall rules, VPN tunnels, security policies, etc.
Experience with software development and the SAFe methodology is an asset
Familiarity with PIPEDA and GDPR is an asset
Experience with managing security awareness training
Solid practical experience with PC security practices

Personal Skills