Cybersecurity Specialist

Managing Director, Data & Technology

Toronto, Ontario, Canada

THE ROLE

We are seeking a motivated Cybersecurity Specialist with solid cybersecurity experience and acumen and a proven background of driving the adoption of a robust and scalable strategy for security. The ideal candidate will have the ability to “roll up the sleeves” to get the job done and is known as a great communicator and team player.

Reporting directly to the Senior Director, Cybersecurity, the Cybersecurity Specialist will be responsible for advancing the organization’s security program by conducting cybersecurity gap analysis, prioritizing additional controls, and defining a roadmap for continuous improvement of the organization’s security posture.

This is a fantastic opportunity for an experienced IT professional to join a team of high-performing individuals and make a great impact in a start up organization.

KEY ACCOUNTABILITIES:

The Cybersecurity Specialist will be responsible for a variety of duties, including but not limited to the following:

• Conduct cybersecurity gap analysis reviews using NIST CSF as a measurement gauge for continuous improvement
• Identify and prioritize the required controls to guide the maturity of our security program
• Create plans of action for the security program target state and roadmap milestones for improving the organization’s security posture
• Assess, define, and document security solutions, controls, and processes for cloud platforms
• Contribute to a robust and scalable strategy for security, compliance and monitoring that ingrains security across the enterprise and enables fast solution delivery
• Identify compliance, information security, and business continuity risks to the organization and partner with architecture and operations to make recommendations for corrective actions/mitigation of risks
• Support development of technology risk reporting and governance practices to identify, protect, detect, respond, and recover to current and emerging security threats
• Support development and/or implementation of standards, policies, procedures, and solutions as it relates to key Access Management controls
• Define policies for encrypting data at rest and in transit
• Ensure all required information security requirements and related reporting are met

QUALIFICATIONS & EXPERIENCE:

• Minimum 5- 10 years of cybersecurity experience with accumulated experience implementing CIS Benchmarks and NIST CSF
• Undergraduate degree in Information Technology
• Working knowledge of the Cloud Controls Matrix (CCM) and STAR certification for cloud platforms
• Experience with Information Security and Risk Management governance structures and programs
• Experience collaborating across various business units to ensure that technology operations and information security requirements are included in contracts by liaising with vendor compliance and finance/procurement teams
• Cloud Certification a plus
• CCSK, CISA, or CISSP Security Certification a plus
• Expertise in cybersecurity, firewalls, network security, application security
• Experience with security frameworks and regulatory requirements CSA, NIST, CIS, GDPR, OWASP, etc.
• Experience with security controls for workloads hosted on Google Cloud Platform (GCP) and MS Azure cloud platforms
• Proven experience estimating duration of initiatives

ATTRIBUTES:

• Excellent written and verbal communications
• Ability to design and implement repeatable processes
• Ability to organize and drive results from different contributors
• Pro-active problem solver
• Strong analytic skills
• Self-motivated with a hands-on attitude
• Strong commitment to innovation and continuous improvement

Ability to effectively identify emerging technologies, trends, threats, standards, and products that have a strong potential to improve the organization’s security posture

PERSONALITY TRAITS:

• Self-driven
• Strong work ethic
• Passion for learning
• Empathetic
• Collaborative

Authentic

Personable

• Confident