Job Description
Position: Information Security Engineer III - Daily
Location: Montreal, QC, H3A 2A6
Duration: 12 Months
Job Type: Contract
Work Type: Onsite
Shift: 8:00am to 5:00pm
Job Description:
The position at a glance
We are currently seeking an IT Infra & Cyber Security Specialist with expertise in Vulnerability Management to be located in our Montreal site. This position will report to the Production Security Vulnerability Management head.
In detail
Perform BAU activities of Production Security Vulnerability Management function, including: Asset/Scanning reconciliation, Vulnerability Scanning, Assessment, Remediation Support/Coordination & Reporting.
On-going support to remediation stakeholders to assess, prioritize and track execution of remediation efforts.
Deliver Vulnerability Management reporting and analytics functions on a scheduled basis and support ad-hoc report requests
Develop and improve KPIs, metrics, and trend analysis for vulnerability management functions.
Maintain appropriate documentation that defines the Vulnerability Management Program, policies, and procedures.
Ability to fully understand business requirements and work with business partners to define appropriate solutions; meeting both security mandates and business needs.
Build strong working relationships with IT Infrastructure, Development & Application Support teams to achieve remediation objectives driven by BAU & Project related priorities
Contribute to related Governance/Steering committees, associated KPI reporting and action tracking
The strengths and skills that will help you succeed
Experience with VM scanning tools (Nexpose, Qualys, Tanium)
Strong written and verbal communication skills
Strong overall IT Infrastructure and Cyber Security expertise
Strong experience with operating systems, network security, protocols, application security, infrastructure hardening and security baselines.
Experience with Reporting/BI platforms (ie, PowerBI, JIRA and similar platforms)
Experience working with large data sets and ability to summarize findings to achieve target objectives
Ability to coordinate, build relationships, and represent Production Security with stakeholders
Process improvement experience, ability to identify feasible solutions and recommend new approaches
Solid problem solving & analytical skills; must be resourceful, innovative, results driven and adaptable
Extensive experience with MS Office products including Word, Excel, PowerPoint, Outlook and others
Experience of industry standards relating to Vulnerability Management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS)
Experience Security Standards/Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, GDPR, ISO 27001&27002).
Previous experience working in large-scale environments with diverse technologies is a must
Preferred Qualifications:
B.S./B.E. in Computer Science or equivalent field
Minimum of 5+years of professional experience
IT Development/Infrastructure background (Developer, DevOps, System Admin)
Industry certifications such as CISM, CISSP, CRISC or similar
Financial Services background
Job Type: Fixed term contract
Contract length: 12 months
Pay: $450.00-$700.00 per day
Schedule:
- Monday to Friday