Director, Information Security Protection and Analysis
- Employer: iA Financial Group
- Office: 2200 McGill College Avenue
- Location: Montreal, Quebec
- Other Possible Location(s): Québec, Quebec
- Job category: Information Technology
- Job ID: JR10016410
- Job type: Permanent Job Full time
- Apply before: 2023-03-31
Permanent management position/ Quebec City/Montreal/ Toronto/Hybrid
iA Financial Group is looking for a Director, Information Security Protection and Analysis (ISPA) to work in the security services delivery department.
In this role, it will be your responsibility to develop the ISPA team’s strategy and roadmap, privileging automation at each step. An effective information security operation is a hub for organization-wide detection and intervention, mitigating cyber threats and related technology disruptions. You must demonstrate a rigorous and unwavering commitment to security regulations as well as in-depth knowledge of the latest tactics, techniques and procedures specific to the insurance and financial services industry.
Roles and responsibilities
- Direct organization-wide information security operational activities
- Oversee the best use of a range of tools and effective solutions, promoting security and integration capabilities, with the goal of contributing to threat detection and mitigation across local and cloud-based systems
- Direct the ISPA team with your expertise in the domains of cybersecurity operations, incident response, legal investigation, application security, vulnerability, internet filtering, data-loss prevention and firewall and web application firewall management. In addition, you will be responsible for creating a plan to improve detection and response abilities.
- Develop efficiency measures and oversee the execution of security operations, reporting on progress and constantly motivating the team to improve
- Manage and direct multiple service providers
- Manage major incidents by supporting the team with your in-depth knowledge of security concepts, such as threat vectors, cyber attacks and other techniques
- Collaborate with the Chief Information Security Officer (CISO) in order to expand information security’s operational capacities to meet the growing needs of the business
- Revise and update processes in order to reinforce security threat interventions and to consolidate the security operations framework, and highlight all difficulties in service-level arrangement management
- Examine and approve the intervention plan in case of a security event, and ensure its periodic review, testing and updating, based on lessons learned
- Oversee investigations and responses to disputes, ensuring that an incident-response framework is established, and that malware analysis tools and security policies are reviewed following an incident
- Spearhead the development and implementation of processes designed to identify and monitor the movement of sensitive data, protecting it from accidental loss or malicious exfiltration
- Examine and approve the results of penetration tests concerning essential information infrastructure and the adoption of new tools and technologies, and lead the design of vulnerability management plans
- Bachelor’s or master’s degree in information technology, computer sciences, engineering or business administration (or equivalent)
- At least ten (10) years experience and proven skills in the information security sector, including five (5) years leading the security operations of a large company or an insurance and financial services company
- Broad experience leading complex and large-scale security operations projects involving multiplatform solutions and multiple vendors
- Excellent communication and interpersonal skills
- Experience managing vendors
- Recognized experience defining or conceiving of measures to evaluate and improve security checks
- Excellent analytical and creative problem-solving skills, with a demonstrated ability to be flexible and use good judgement when considering problems and operational risks in a dynamic environment
- Ability to keep long-term strategic visions in mind, using the technical skills required to efficiently implement security functions
- Experience establishing and updating policies, standards, procedures and guidelines
- Excellent command of French and English (oral and written) for frequent interaction with internal and external French- and English-speaking clients, colleagues or partners across Canada and the United States
- The following technical certifications are considered assets: Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH) and Certified Information Systems Security Professional (CISSP)
Your iA benefits:
- Base salary and organizational bonus
- Group insurance
- Defined-benefit pension plan
- Share purchase plan
- Flexible vacation days
- Flexible working hours and remote work (35 hours/week)
- Career planning and training
Are you up for the job? Apply now and/or contact me on Linkedin: https://www.linkedin.com/in/laurenceamat/
At iA, we invest,
Our employees are our best investment and we have much to offer them.
iA Financial Group is the strength of a company with a human side, with its over 8,000 employees. Together, we have earned the trust of our more than four million clients and 50,000 advisors who have chosen us for their insurance, savings, and wealth management.
With over $200 billion in assets and half a billion invested in technological innovation, we’re a key player in the financial services industry in Canada and the United States. The secret to our success? Investing in you, one person at a time. Because, for over 125 years, we have believed that it’s by supporting our employees and surrounding ourselves with the most reputable leaders in the industry, we will continue to innovate.
At iA, we’re invested in you.
Our commitment to Diversity and Inclusion
At iA Financial Group, we support and celebrate diversity. We strive to provide a workplace that is recognized as inclusive for all, regardless of ethnic origin, nationality, language, religious beliefs, gender, sexual orientation, age, marital status, family situation, or physical or mental disability.
Please note that if you need help or assistance to make the recruitment process more accessible for you, please contact us here. Someone from our team will be happy to assist you.