Security Advisor Specialist responsible for identifying and mitigating information security risks. Providing guidance on security practices and collaborating with development teams to ensure compliance.
Responsibilities
Identify security events that need to be monitored.
Advise and support our team in all stages of development.
Ensure key risk metrics/indicators are developed and implemented to systematically measure and report information-related risks.
Identify and classify the risks then propose risk mitigation or remediation.
Analyze the risks associated with the various options available and propose a security solution to the operational issue that offers a fair balance between potential losses and the cost of the solution.
Identify gaps in IT compliance control and supervise the documentation, implementation and tests for the entire IT compliance control portfolio.
Monitor the latest industry trends and, where appropriate, proactively propose the introduction of new security practises and technologies when they become profitable.
Perform or coordinate application security tests for project teams.
Interpret the results of application security tests (code scanning, application intrusions, etc.).
Inform and educate development teams with regard to the application security development standards, methods and tools.
Requirements
University degree in information security or any combination of equivalent education and experience
Minimum 8 years of relevant experience in information technology, more specifically in information technology security
Security certification would be an asset
Strong knowledge of application security principles and practices
Strong and practical knowledge of Cloud environment in terms of Security risk and tools available in AWS or other cloud environment
Experience in a DevSecOps - CI/CD environment
Good understanding of common security gaps in data and cloud applications and of operating techniques from sources such as SANS, OWASP Top 10 and Cloud Security Alliance (CSA)
Good understanding of common security gaps in data/AI applications
Team player / good collaboration skills set
Strong ethical principles and understanding of business and information security ethics
For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country.
No Canadian work experience required however must be eligible to work in Canada.
Benefits
Flexible work arrangements and a hybrid work model
Possibility to purchase up to 5 extra days off per year
Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more
Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.