IT - Application & Software Development
Oct 21, 2017
Our client, is a fully integrated real estate company. They own, manage and invest in high-quality, well-located, geographically diversified assets across North America. They are located in GTA West and are looking to add to the team on a full time basis.
In general, the role of the position is to assist the company in attaining its business objectives through the effective use of enterprise-level information systems and associated technologies.
What’s in it for you?
The IT Security and Risk Management Architect performs two core functions for the enterprise. The first is overseeing the operations of the enterprise’s security solutions utilizing various monitoring, analysis and measurement tools and processes. The second is establishing an enterprise security stance through policy, architecture and training processes. Secondary tasks include the selection of appropriate security solutions, and oversight of any vulnerability audits and assessments. The IT Security Manager is expected to interface with peers in planning (architecture) and operational IT teams as well as with the leaders of business units to both share the corporate security vision and to solicit their involvement in achieving higher levels of enterprise security.
- Creating and maintaining the enterprise’s security architecture design.
- Creating and maintaining the enterprise’s security awareness training program.
- Creating and maintaining the enterprise’s security documents (policies, standards, baselines, guidelines and procedures).
- Creating and maintaining appropriate elements of the enterprise’s Business Continuity and Disaster Recovery Plans.
- Extensive experience with enterprise security architecture design.
- Extensive experience with enterprise security policy development and procedural document creation.
- Extensive knowledge of various attack vectors and proven ability to implement solutions to address associated risks.
- Extensive knowledge of incident response phases and concepts, including ability to develop incident response program.
- Experience in designing and delivering employee security awareness training.
- Demonstrated on-the-job experience identifying and mitigating malicious or anomalous activities based on event data from firewalls, WAF, IPS, SIEM and other sources.
- Demonstrated on-the-job experience in identifying, classifying and mitigating vulnerabilities.
- Demonstrated on-the-job experience in preforming threat analysis, risk assessment and risk mitigation.
- Experience in developing, testing and maintaining Business Continuity Plans and Disaster Recovery Plans.
- Strong understanding of IP, TCP/IP and network administration protocols.
- Previous system and network administration experience.
- Previous experience with tools and appliance such as Cisco networking gear, Palo Alto firewalls, SIEMs, IPS/IDS and Nessus.
- Knowledge of industry security concepts and frameworks such as NIST, ISO 27001 and CIS critical security controls.
- Knowledge of IT audit methodology and ability to liaise with internal and external auditors as required.
- Understanding of adaptive security architecture
- Experience with application migration to cloud services and the security considerations required
- Familiarity with multi-platform environments and their operational/security considerations.
- Strong understanding of Cloud-as-a-Service technologies: PaaS, IaaS, and SaaS, and implementing security governance for network-centric Cloud architectures.
Nice to Have:
- The ideal candidate will have experience both moving infrastructure to the Cloud and supporting the cloud environment.
isgSearch is a member of the ISG Group of Companies, operating in Canada since 1990. Throughout the 1990's, ISG (Informatics Search Group) was built into one of Canada's leading search firms, and sold in 1998 to a leader in North American Recruitment & Solution Services. In 2007, the same ownership that drove ISG to success, created isgSearch with a boutique-style approach, catering to the very specific needs of hiring clients and talented professionals in the IT space