IT Security Risk

Our client…

Our client, a leading company in the financial services vertical in the GTA west, is seeking a IT Security Risk professional. This is a hands-on and fast-paced role where the incumbent will be a key member of the team working on the cutting edge products, and will be responsible for configuring the customers’ requirements into business ready solutions.

What’s in it for you?

Our client is located in the GTA West and offers a competitive compensation & employee benefits plan as well as an RRSP/Profit Sharing program.  At the same time, our client empowers its teams to harness new ideas, and allows staff unleash their imaginations to create innovative products and services to improve our service and respond to customer needs.

Responsibilities:

• Playing an active role in the support, design and re-design of technology platforms.
• Developing an understanding of core systems and current state architectures across multiple verticals.
• Playing a key role in  API Management Strategy and contribute towards service modernization.
• Collaborating in Cloud transformation.
• Creating / updating / maintaining technical solution blueprints in collaboration with peer architects and developers.
• Building and maintaining domain capability roadmaps to help invest in strategic technology areas.
• Facilitating domain focused architecture committees and working groups.
• Advancing key Enterprise Architecture initiatives like innovation groups, technology R&D forums, etc.
• Present technical roadmap and plans to customers as required.
• Support product and technology agile teams through planning and estimation activities as well as with design, development and deployment tasks.

Must Have

• As a self-starter, you will work with limited supervision in a complex environment and with latitude for independent judgement.  May mentor less experienced associates and display leadership as needed.
• Manage deployment of solutions to mitigate risks and enhance maturity of the Information Security within the region.
• Communication involves providing a professional level detail or consultation on our clients products, services or internal information as necessary.  Internal contacts are typically IT/Infrastructure SME’s, international peers, and senior management.  External contracts are typically clients/customers, auditors, vendors or occasionally government agencies.
• Act as a subject matter expert for organizational information security policies and industry standards such as NIST, ISO 27001,SSAE-18 and PCI.
• Perform quarterly PCI assessment with documented evidence as described in the PCI DSS 3.2.1.
• Facilitate end-to-end assessments inclusive of internal and external assessments.
• Establish key performance indicator (KPI) metrics; track and report on performance, provide reporting to senior management on operational performance and status of initiatives.
• Develop standard operating procedures and other appropriate documentation to enforce quality and consistency of Security services being delivered.  Ensure Security Operations procedures are documented and followed.