Bank’s Information Security & Control (IS&C)’s Cyber Security Red Team has global accountability and is highly supportive of the Bank’s business, enabling execution of the Bank’s strategies, operations, and services, while ensuring that appropriate application and cyber security practices are adhered to.
This function provides core competency in proactively detecting application and network vulnerabilities while working with the appropriate teams in instituting appropriate controls to mitigate risks, specifically as it pertains to system vulnerabilities and threats.
Project:
The prospective candidate would be coordinating multiple engagements.
Candidate Value Proposition:
The successful candidate will have the opportunity to work withinbank. We are technology partners who help the business transform how our employees around the world work.
You will get to work with and learn from diverse industry leaders, who have hailed from top technology.
Typical Day in Role:
In this role, you will be expected to work closely with the application development groups from every line of business in the Bank to integrate application and network security processes and procedures into the software development lifecycle.
You will manage relationships and program processes with system owners, leadership up to and including executive level stakeholders, vendors and the Bank’s internal penetration testing team to ensure regulatory driven and internal mandated penetration testing and red team programs are executed.
Additional duties will include, oversight of operations, such as process and procedure development and documentation, reporting, financial tracking.
Collaborate with IT management teams, security advisory and IT Risk teams, on a Global Scale to ensure effective execution of mandated assessments
Develop/enhance and/or execute effective communication models to assist with the management of reported vulnerabilities, control gaps, people and process related gaps, issues and their remediation
Identify opportunities and gaps within internal process and procedures to develop/enhance and/or execute strategies for improvement and maturity within each program, inclusive of but not limited to, execution, operations, reporting and tracking
Be responsible for adherence to established process flows that ensure development teams, infrastructure teams and business owners implement control measure that effectively mitigate or eliminate risk.
Be responsible for timely and accurate reporting of all findings to the appropriate teams, different levels of management and business risk owners
Be responsible for scheduling, oversight of execution, creation and management of deliverables to stakeholders and other Security teams within IS&C.
Spearhead debrief sessions to socialize and action results of assessments with appropriate stakeholders
Develop/enhance KPIs, team output and work effort metrics and financial usage reports
Be an SME on internal team processes and programs to support junior members of the team to aid in continuity and development
Develop and present comprehensive and detailed presentations for senior leadership, highlighting key penetration testing insights, strategic recommendations, and progress updates.
The ideal candidate should possess strong analytical skills, the ability to synthesize complex technical information into clear, concise, and actionable insights, and demonstrate excellence in visual and verbal communication.
Candidate Requirements/Must Have Skills:
You have 5-7 years as a Project Manager or Technical Coordinator or security related experience.
3+ years of hands-on experience managing financial budgets, financial reporting, reviewing invoicing and statements of work.
Strong working experience independently making decisions guided by process and procedures (with limited guidance).
Nice-To-Have Skills:
You have an understanding of the cyber kill chain (such as Mitre ATT&CK) and ability to connect techniques to results
You have a dynamic personality, able to work with a wide scope of work that is ever changing.
Database experience, PowerBI skills, JIRA Service management at a developer level
Spanish is a considered an asset.
Security certifications such as CISSP, CISM are nice to have
Soft Skills Required:
You possess strong communication (verbal/written/presentation) skills in English
You have strong customer service skills.
You have well-rounded interpersonal skills, with the ability to build relationships cross-functionally, based on bank’s values of respect, integrity, passion, and accountability.
Conflict resolution capabilities
You are detail oriented.
Education:
Nice to have an industry certification like Security+, Google cyber security certificate, A+, Network+
Best VS. Average Candidate:
Database experience, PowerBI skills, JIRA Service management at a developer level
Candidate Review & Selection:
1st round – Teams – 45 mins – HM + panel – Behavioural and scenario based.
2nd round – Teams – 30 mins – Senior management
Job Details12395Contract4 monthsScarborough
Expected salary
Location
Toronto, ON
Job date
Sat, 07 Sep 2024 22:29:34 GMT
To help us track our recruitment effort, please indicate in your email/cover letter where (jobsnearcanada.com) you saw this job posting.