Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Responsibilities
The Senior Operational Security Advisor is responsible for the operational defense of Investissement Québec’s information assets.
They are responsible for threat detection, incident response, vulnerability management, oversight of the Security Operations Center (SOC), and the security of AI usage.
They serve as the subject-matter expert to qualify, contain and remediate incidents and to maintain the organization’s defensive posture.
They contribute to standards and procedures governing monitoring, detection and response, and leverage AI capabilities to strengthen these activities.
Take charge of managing security incidents according to the established process (identification, containment, eradication and recovery), in coordination with the SOC.
Oversee the Security Operations Center and validate the quality of alerts, escalations and deliverables.
Operate and evolve detection and response platforms, including Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR).
Design and maintain detection rules and monitoring use cases, including threats specific to AI (prompt injection, exfiltration via AI), and reduce false positives.
Manage the vulnerability life cycle (identification, prioritization and remediation tracking) and produce associated posture metrics.
Monitor and govern AI usage, including detection of unauthorized AI (shadow AI) and data exfiltration to AI tools, leveraging cloud access security brokers (CASB) and Microsoft Purview.
Coordinate the response to major incidents with IT teams and relevant stakeholders.
Perform threat hunting based on threat intelligence and available logs.
Integrate and operationalize threat intelligence sources into monitoring tools.
Conduct post-incident activities (root cause analysis and lessons learned) and update procedures accordingly.
Keep runbooks and operational detection and response procedures up to date.
Administer and harden the configuration of defense tools (EDR, logging, sensors).
Exploit AI capabilities of detection and response platforms to accelerate triage, enrichment and analysis of incidents, validating outputs before taking action.
Produce operational detection and response reports and metrics for management.
Support incident simulation exercises and defenses posture testing.
Contribute to drafting policies, directives and procedures related to monitoring, detection and response, in alignment with NIST CSF 2.0 (Detect, Respond and Recover functions).
Requirements
Bachelor’s degree in Computer Science or a related field.
At least eight (8) years of experience in cybersecurity, including at least five (5) years in operational security and incident response.
Proven experience operating detection and response platforms (SIEM, EDR, SOAR) and managing vulnerabilities.
Deep knowledge of incident response and detection techniques (MITRE ATT&CK, log analysis and threat hunting), including AI-related threats.
Thorough knowledge of NIST standards (CSF 2.0 and SP 800-53 r5), ISO 27001 and OWASP.
Experience managing an external SOC provider (asset).
Certifications such as CISSP, GCIH, GCIA or GSOC (asset).
Experience in the financial sector and knowledge of AI-related risks, including shadow AI and large language model (LLM) security (assets).
Benefits
Work from home up to three days per week and enjoy the energy of the office for creativity, inspiration, collaboration and fun.
Several flexible scheduling options to help you better balance personal and professional life while matching your job profile.
Extend your workdays over four days to earn a half-day off.
Avoid traffic by completing your 7-hour workday between 7:30 AM and 6:00 PM.
Enjoy paid time off every other Friday afternoon during the summer.
Benefit from 2 full weeks of remote work within Quebec per year.
Multiple options are available to develop your knowledge, professional skills or management abilities.
In addition: study leave, reimbursement of fees for obtaining a professional credential, reimbursement for course materials, and more.
We offer free telemedicine services.
Our TonIQ health and wellness program also provides conferences and activity suggestions to promote work–life balance.
We reimburse part of the registration fees for your physical health program.
Our Employee and Family Assistance Program provides free, immediate and confidential support.
Employees are automatically enrolled in our defined-benefit pension plan, one of the most generous in our sector.
We offer flexible group insurance plans that can be adjusted according to needs (subject to eligibility).
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.
Senior Product Security Consultant at CENSUS LABS evaluating software security and threats. Responsible for validating security compliance and reporting on risks in complex systems.