Security Specialist
JOB_5341460CF1120839Type demploi
PermanentLieu
MontréalProfession
CyberIndustrie
Affaires et Consultation en administrationPaie
yearly
Recherche du candidate ideal
Your daily routine:
Threat monitoring
- Proactively monitor and analyze security data to detect threats and advanced vulnerabilities
- Develop key indicators (risk and performance) and collect actionable intelligence to strengthen the organization’s security posture.
Security incident response
- Manage security incidents, from initial analysis to full resolution
- Carry out post-incident assessments and recommend preventive measures
Risk and vulnerability assessment
- Independently conduct in-depth security assessments to identify vulnerabilities and recommend remediation strategies
- Maintain the information security risk register, oversee audits, and assess suppliers’ security practices
Security awareness and coaching
- Develop information security awareness materials
- Provide specialized advice in support of cybersecurity program objectives and compliance initiatives
Policies and governance
- Write, update and maintain information security policies, procedures and standards (access management, passwords, network security, PAP, etc.)
- Ensure documentation alignment with best practices (NIST, ISO 27001, etc.).
Compliance and audits (SOC 2)
- Coordinate
SOC 2 (types 1 and 2) compliance activities, including
audit
preparation - Document and implement required
Security controls - Ensure that evidence is gathered and requirements are met for external auditors
Security questionnaires
- Respond to
Security questionnaires
From clients or partners (cybersecurity, confidentiality, business continuity, etc.) - Collaborate with internal teams to obtain relevant technical or organizational responses
Security control implementation
- Assist in developing and implementing technical and organizational controls (access management, logging, backups, etc.)
- Collaborate with IT, operations, development, and product teams in integrating security into operations
Security procedures and processes
- Develop
Security intervention procedures
(incident response, vulnerability management, SIEM alert response, etc.) - Implement reproducible, well-documented processes
You will need:
- Good knowledge of SOC 2, ISO 27001, NIST, and CIS Benchmark standards
- Experience in drafting security policies and documentation
- Ability to understand technical concepts and explain them to a non-technical audience
- Knowledge of AWS, Azure, and GCP cloud environments (an asset)
- CCSP, CISM, ISO 27001 Lead Implementer certification
This position may be ideal for you if you:
- have a degree in information security, information technology, or a related field
- have at least three to five years’ experience in a similar role in IT security or governance
- are fluent in English and French, both written and spoken
- can successfully and independently handle multiple projects
- have experience with governance, risk, and compliance (GRC) tools
- have experience with the DRATA GRC tool (an asset)
We value our teams and offer working conditions to match:
- Competitive salary
- Comprehensive group insurance
- Group RRSP
- Flexible work arrangements
- Fitness benefit
- Payment of dues to your professional order
- Referral program
- Public transit credit
- Paid vacation on your birthday
#LI-DNI
Security SpecialistJOB_5341460CF11208392025-09-072025-12-06
Communiquer avec Siddika Jeraj, le recruteur responsable de cet emploi
Situé à Toronto (EN), 8 King Street East, 20th FloorTéléphone: 6474944112JOB_5341460CF1120839