Description
**** Generic security consultant tasks: procedure monitoring, governance, checklist, best practices, cybersecurity, etc.
We are looking for new talent to expand our security team. The digital world, the daily changes force us to be pragmatic, agile and proactive in the way we approach opportunities, technologies and processes from a security perspectiveYour role:
Ensure that risk considerations are addressed at each phase of the system development and deployment lifecycleAssess the risk posture of one or more business unitsProduce, maintain and communicate indicators (progress, performance, risk, etc)Proactively propose solutions to reduce the risk of future breaches.Recommend security measures in applications and infrastructure components by exercising judgment within the framework of existing policies and industry best practices.Here's how you can make an impact in our organization:
Inspire a positive work environment and assist as a champion and innovator in teamwork and team support.Have a good understanding of security architecture and design to identify and recommend improvements in methodologies and processes used within the business units and technical teams you supportBe able to provide tactical and strategic direction and guidance to help technical teams achieve acceptable security posturesBuild trusted relationships with technology teams and be able to provide them with information on application and infrastructure security to ensure secure release cyclesFacilitate risk assessments, support teams in remediation of vulnerabilities, and provide security exception reviewsHave a detailed understanding of the technology components maintained by the teams you support and their security postureParticipate in complex projects and be able to present complex security reports, analysis and assessments to both technical and non-technical professionalsWhat you offer:
Completed Bachelor's degree, related to the industry, and 7 years of relevant experience or completed Master's degree, related to the industry, and five years of relevant experienceDesired professional certifications (CISSP, etc) or willingness to obtain them in a short period of time.3-5 years of experience in information securityDemonstrated experience in infrastructure and application security,Experience in risk assessment with recognized toolsGood understanding of information security domains (authentication, authorization, access control, audit, cryptography, etc.)Good knowledge of processes for integrating security assessments into the lifecycle process of enterprise services (servers, desktops, applications, network components, etc.)In-depth and practical understanding of application architecture and related technologiesTeam player, interpersonal skills, good communication skills and customer service orientationAbility to popularize risk and make presentations to different audiences (technical, business...)Bilingual (spoken/written) French and English