Benefits
• Top-tier health and wellness benefits, including comprehensive benefits packages, a yearly health spending account and personal spending account
• Enhanced mental health benefits through SunLife and TELUS Health
• Up to $1000 per year towards professional development
• Pension Plan
• Flex-work environment
• Company-wide Employee Volunteer program (Blue Wave Program)
• Employee and Family Assistance Program
Why FirstOntario?
• Competitive compensation packages
• Top-tier health and wellness benefits, including comprehensive benefits packages, a yearly health spending account and personal spending account
• Enhanced mental health benefits through SunLife and TELUS Health
• Exclusive banking benefits
• Up to $1000 per year towards professional development
• Pension Plan
• Flex-work environment
• Company-wide Employee Volunteer program (Blue Wave Program)
• Employee and Family Assistance Program
Job Overview
We are seeking a highly skilled and experienced Information and Cyber Security Specialist to join our IT Security team. This senior-level role is critical to enhancing our enterprise security posture through leadership in risk management, compliance, and secure project delivery. You will work cross-functionally to embed security into business processes and technology initiatives, ensuring alignment with regulatory standards and organizational requirements.
Key Responsibilities
Security Leadership
• Aid in the development and implementation of enterprise-wide information security strategies.
• Provide expert guidance on secure architecture, design, and principles during IT and business project lifecycles.
• Act as a security advisor for technology initiatives, ensuring alignment with best practices and compliance requirements.
• Participate in the execution of an enterprise Business Continuity Plan and Disaster Recovery Plan.
Risk Management & Compliance
• Conduct information security risk assessments and threat modeling.
• Contribute and manage risk registers and mitigation plans.
• Ensure compliance with regulatory frameworks (e.g., ISO 27001, NIST, PCI-DSS, FSRA/OFSI, PIPEDIA/CPPA).
• Support internal and external audits and lead remediation efforts.
Governance & Policy Development
• Contribute to information security policies, standards, procedures, and guidelines.
• Collaborate on IT Governance, Risk, and Compliance (GRC) initiatives.
• Monitor, respond, and report on security KPIs and KRIs.
• Monitor for security policy violation(s) and recommend corrective action(s).
Security Operations & Incident Response
• Oversee the configuration and monitoring of security technologies (SIEM, EDR, CASB, IDPS, firewalls).
• Lead investigations of complex security incidents and coordinate response and recovery.
• Conduct root cause analysis and develop post-incident improvement plans.
• Escalate and report on key incidents and progress of remedial efforts to their manager
• Provide on-call support for end users for all security solutions (e.g. Blocked email).
Vulnerability & Threat Management
• Perform advanced vulnerability assessments and penetration testing.
• Collaborate with teams to prioritize and remediate findings.
• Stay current with emerging threats and security technologies and propose process or technology improvements for continuous improvement.
• Participate in the design and execution of penetration tests and security audits.
Awareness & Training
• Design and deliver targeted security awareness programs.
• Lead quarterly audits including access reviews and privileged account management.
Physical & Data Security
• Oversee physical security systems (access control, surveillance).
• Support data classification, protection, and data governance initiatives.
• Perform other duties as assigned.
Required Skills
• College diploma or university degree in the field of computer science
• 5-7 years of progressive experience in IT and Information Security roles
• Actively pursuing or currently possess one or more of the following certifications:
• GIAC Information Security Professional (GISP)
• Microsoft Certified: Security Operations Analyst Associate
• CAP, CISA, CCFP, CCSP, CISSP, CISM, GIAC
• Associate of (ISC)2
• Proficient with SEIM, Firewalls & data classification
• Proficient with endpoint detection and response (EDR), CASB, IDPS and other security technologies.
• Strong knowledge of security frameworks and standards such as MITRE, CIS, NIST, PCI, COBIT and ISO 27001.
• Experience with Varonis is an asset.
• Experience advising on security in cloud, hybrid, and on-prem environments.
• Working technical knowledge of system vulnerability scanning and remediation.
• Strong understanding of OSI Model, IP, TCP/IP, and other network administration protocols.
• Strong understanding of Windows and Linux operating systems.
• Familiarity with core banking system related security is considered an asset.
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Ability to conduct research into IT security issues and products as required.
• Ability to present ideas in a business-friendly and user-friendly language.
• Excellent communication and stakeholder engagement skills.
• Highly self-motivated and directed.
• Team-oriented and skilled in working within a collaborative environment.
• Must have on-call availability.
• Lifting and transporting moderately heavy objects, such as computers and peripherals.
• Valid Driver's license and ability to travel to branch location as required.
Primarily a remote position. Occasional requirements to visit office in Hamilton area.
This posting is for an existing vacancy.
Salary Range: $93,677 to $128,806 annually.
Compensation for this role reflects a combination of skills, experience, and internal equity. Those whose experience more closely aligns the role's requirements may be placed higher within the salary range. You will learn more about FirstOntario Credit Union's total rewards package during the interview process.
Our inclusive work environment welcomes diversity and supports accessibility. If you require accommodation at any time during the recruitment process, please let us know.
#J-18808-Ljbffr
