Job Title

Join a Challenger Being a traditional bank just isnt our thing, so we challenge ourselves to get creative in providing innovative banking solutions for Canadians. How do we get there? With a talented team of inquisitive and agile challengers that break through the status quo. So, if youre passionate about redefining the future of bankingwhile having funthis could be your next big opportunity. Our company continues to grow, and today we serve more than 670,000 people across Canada through Equitable Bank, Canadas Challenger Bank, and have been around for more than 50 years. Equitable Banks whollyowned subsidiary, Concentra Bank, supports credit unions across Canada that serve more than six million members. Together we have over $125 billion in combined assets under management and administration, with a clear mandate to drive change in Canadian banking to enrich peoples lives. Our customers have named our EQ Bank digital platform eqbank.ca one of the top banks in Canada on the Forbes Worlds Best Banks list since 2021. Purpose of the Job As a Senior Security Engineer with a strong Cloud Security background the candidate will have an indepth Zero Trust and SASE security model understanding. Cloud Logs Acquisition and Analysis, Cloud Investigations, Security Engineering & Architecture, Use Case Development, Playbook Development, SIEM Log Integration, Threat Detection Tuning are part of the job requirements. Main Activities - Provide detailed analysis and recommendations after monitoring security events from several sources, such as IDS/IPS, DLP, AntiVirus/Endpoint Protection, Network and web application firewalls. - Examine, appraise, and interpret correlation metrics, develop dashboards, and reports. - Tuning of rules, filters, and policies for detectionrelated security technologies to improve accuracy and visibility. - Akamai Web Application Security: engineering, deployment, integration, and operations of Web Application Firewall security solutions. - Perform handson Web Application Firewall deployment, configuration, policy finetuning and maintenance. - Improve and support application security tool deployments including static analysis and runtime testing tools. - Protect enterprise pipeline on Azure DevOps, and integrate applications running on AKS, PCF and Docker using Aqua Security platform. Lead the security incident response by performing relevant investigation and forensic analysis of each incident and applying the necessary security mitigations. - Train and educate Security staff, other Technology Group, and external business partners on Zero Trust Network Architecture. - Manage SIEM elements such as Log collection, Normalization, Correlation, and Aggregation. - Perform required compliance related activities and provide support for PCI DSS and other audit related requirements. - Participate in new security solutions evaluation, design and implementation. - Maintain documentation of tools, logic, policies, and procedures. - Participate in security risks, threats and vulnerabilities assessment. - On call, offhours and/or shift work will be required. Knowledge/Experience Requirements - Advanced degree in Computer Science or related field is highly preferred. - A minimum of eight (8) years in an information security function or role. - Experience with cloud security, including AWS, Azure, and Google Cloud Platform. - Experience with security compliance frameworks such as ISO 27001, NIST, and SOC 2. - CISSP or similar certification is preferred. - Ability to work in a fastpaced environment with minimal guidance and supervision. - Extended experience in security solutions including SIEM, SOAR, Firewall, Web Proxy, and WAF. - Expert in Strong Authentication, End Point Security, Internet Policy Enforcement, Web Content Filtering, Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions, Secure WiFi. - Ability to adapt to constantly changing technical, regulatory, and compliance environments. - The incumbent is expected to interact with all employees including executives and thus good verbal and written skills are important. - Experience working in a banking or financial services environment is an asset. - Technical knowledge of Unix/Linux, Windows, computer networks, computer servers, VMware, SQL Server, firewalls, antimalware tools, IDS/IPS, encryption, and other IT infrastructure technologies. - Strong Knowledge of common networking services and protocols (TCP/IP, SSH, FTP, DNS, DHCP, SMTP, SSL, etc.). - Excellent organized, structured, logical thinking and detail oriented analytic skills are required. - Ability to think out of the box for solutions to technical problems. Job Complexities/Thinking Challenges The positions focus is on quality control within the IT infrastructure. This includes designing, building, and defending scalable, secure, and robust systems; working on operational data center systems and cloud networks; helping the organization understand advanced cyber threats; and helping to create strategies to protect those assets. Develop and implement security strategies for cloudbased systems, including the use of encryption, access controls, and monitoring tools. Conduct regular vulnerability assessments and penetration testing to identify and mitigate potential security risks. Collaborate with crossfunctional teams to develop and implement security protocols for new and existing systems. Develop and carry out information security plans and policies including strategies to respond to and recover from a security breach. Raise awareness on information security standards, policies and best practices. Monitor networks and systems for security breaches, through the use of detection tools for intrusions and anomalous system behavior. Accountability - Facilitates the implementation of Static scans, Dynamic scans, Pen Test, Infrastructure, Container, Cloud scans. - Ensures Security controls and best practices are followed by working closely with the product and platform teams to plan, implement and monitor security controls. - Identify and execute on opportunities to automate internal, cloud and platform security controls with Secure DevOps/Secure SDLC in mind. - Provide subject matter expertise and conduct indepth security reviews of applications and microservices. - Identify and propose process improvements and opportunities for new processes and procedures to reduce risk. - Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and determine the extent of the damage. What we offer [For fulltime permanent roles] Competitive discretionary bonus Market leading RRSP match program Medical, dental, vision, life, and disability benefits Employee Share Purchase Plan Maternity/Parental topup while you care for your little one Generous vacation policy and personal days Virtual events to connect with your fellow colleagues Annual professional development allowance and a comprehensive Career Development program A fulfilling opportunity to join one of the top FinTechs and help create a new kind of banking experience The incumbent will be working hybrid and in office time will be spent working from Equitable Banks additional office space located at 2200-25 Ontario Street, Toronto, ON. Equitable Bank is deeply committed to inclusion. Our organization is stronger and our employees thrive when we honour and celebrate everyones diverse experiences and perspectives. In tandem with that commitment, we support and encourage our staff to grow not just in their career path, but personally as well. We commit to providing a barrierfree recruitment process and work environment for all applicants. Please let us know of any accommodations needed so that you can bring your best self to the application process and beyond. All candidates considered for hire must successfully pass a criminal background check and credit check to qualify for hire. While we appreciate your interest in applying, an Equitable recruiter will only contact leading candidates whose skills and qualifications closely match the requirements of the position. We cant wait to get to know you! #J-18808-Ljbffr