| About the role
Reporting to the Director of Security Architecture and Engineering, and as a member of the Security Engineering team, this position is responsible for providing expert technical advice, applying architectural patterns for information security in alignment to information security frameworks, identifying solutions to information security challenges, and interfacing effectively with vendors and partners.
We currently have one vacancy for this position.
| What you’ll be doing
- Provide input and decisions on application and infrastructure security requirements throughout the project development life cycle
- Document operational and threat-based functional requirements within the enterprise agile planning tools
- Evaluate, recommend, and monitor security capabilities for prevention, detection, and response to information security threats.
- Support Security Operations with system integration issues and prioritized requests
- Support the Security Assessment Team in their processes and risk assessments to ensure adequate security standards and best practices are applied in the logical and physical solution
- Support the evolution of existing security capabilities based on operational requirements
| You’ll need to have
- Post secondary degree in computer science, information security or other field related to information systems and technology or information security management, or equivalent work experience
- Working experience in elaboration of security requirements, threat modeling, secure code reviews, vulnerability assessments, or application penetration testing, solution architecture.
- Understanding of system administration, technical audits, security governance, DevSecOps, System Engineering, security appliance operations.
- Experience evaluating and planning the implementation of security solutions is considered an asset.
- Good problem solving skills and experience in the resolution of technical issues with security capabilities.
- Understanding and/or working knowledge of threat modeling methodologies and frameworks including STRIDE, attack trees, OWASP Top 10, and MITRE ATT&CK
- Working understanding of security frameworks such as ISO2700x, NIST CSF, OWASP and/or CIS, and the application of controls to real-world environments.
| It would be great if you had
- Experience with or certification in platforms and services (IaaS, PaaS, SaaS)
- Industry certifications (CISSP, CCSP, etc.)
- Practical experience with the Information Technology Infrastructure Library (ITIL) framework and/or ITIL foundation certification
- Experience developing security requirements and test cases in large complex environments is considered an asset.
- Bilingualism (English and French) is considered an asset
| What we can offer you
- Competitive compensation package
- Health and dental benefits
- Defined contribution pension plan
- Flexible work arrangements
- Professional development opportunities
- Prime downtown locations (Ottawa & Toronto) close to transit and shopping
- Gym and shower facilities
- Bike lockers
We are a unique organization at the centre of the payments ecosystem and Canadian economy. We are responsible for balancing and leading in an environment of multiple interests, ideas and challenges. We successfully navigate these challenges by adhering to a set of values that in themselves are tensions: Think Big + Act Responsibly, Be Ambitious + Raise the Team, Keep Momentum + Be Rigorous. We are successful as individuals, as teams, as an organization and for our members and stakeholders if we strike to balance these values in all that we do.
Payments Canada is committed to having a diverse, representative workforce and continuing to build an inclusive environment. We encourage applications from qualified women, men, visible minorities, aboriginal peoples, and persons with disabilities. All employment decisions are made based on business needs, job requirements, and individual qualifications.
We are committed to developing inclusive, barrier-free recruitment and selection processes, and a work environment that supports our diverse workforce. Please let us know if you require accommodations at any stage of the recruitment process. We can be reached at email@example.com.
- Pay Type Salary: $86,064.00 - $114,751.00