Overview

Senior Security Engineer with a strong Cloud Security background. The candidate will have an in-depth Zero Trust and SASE security model understanding. Responsibilities include Cloud Logs Acquisition and Analysis, Cloud Investigations, Security Engineering & Architecture, Use Case Development, Playbook Development, SIEM Log Integration, and Threat Detection Tuning. Primary responsibilities include monitoring, configuring, tuning, and maintaining ZTNA services for the Information Security Group. The role involves building interconnected systems to improve efficiency of Information Security Operations and periodic interaction with external vendors, auditors, and regulators on security, compliance, and audit events.

Main Activities

- Provide detailed analysis and recommendations after monitoring security events from sources such as IDS/IPS, DLP, Anti-Virus/Endpoint Protection, Network and Web Application Firewalls
- Examine, appraise, and interpret correlation metrics; develop dashboards and reports
- Tune rules, filters, and policies for detection-related security technologies to improve accuracy and visibility
- Akamai Web Application Security: engineering, deployment, integration, and operations of Web Application Firewall security solutions
- Perform hands-on Web Application Firewall deployment, configuration, policy fine-tuning and maintenance
- Improve and support application security tool deployments including static analysis and runtime testing tools
- Protect enterprise pipeline on Azure DevOps, and integrate applications running on AKS, PCF and Docker using Aqua Security; lead security incident response with investigations and mitigations
- Train and educate Security staff, other Technology Groups, and external partners on Zero Trust Network Architecture
- Manage SIEM elements such as Log collection, Normalization, Correlation, and Aggregation
- Perform compliance activities and support PCI DSS and other audit requirements
- Participate in evaluating, designing, and implementing new security solutions
- Maintain documentation of tools, logic, policies, and procedures
- Participate in security risks, threats, and vulnerabilities assessments
- On-call, off-hours, and/or shift work may be required

Knowledge/Experience Requirements

- Advanced degree in Computer Science or related field is highly preferred
- Minimum of eight (8) years in an information security function or role
- Experience with cloud security (AWS, Azure, Google Cloud Platform)
- Experience with security compliance frameworks (ISO 27001, NIST, SOC 2)
- CISSP or similar certification is preferred
- Ability to work in fast-paced environments with minimal guidance
- Extensive experience in security solutions including SIEM, SOAR, Firewall, Web Proxy, and WAF
- Strong expertise in: Strong Authentication, Endpoint Security, Internet Policy Enforcement, Web Content Filtering, PKI, DLP, IAM, Secure Wi-Fi
- Adaptability to changing technical, regulatory, and compliance environments
- Excellent verbal and written communication; ability to interact with all employees including executives
- Experience in banking/financial services is an asset
- Technical knowledge of Unix/Linux, Windows, networks, servers, VMware, SQL Server, firewalls, anti-malware tools, IDS/IPS, encryption, and other IT infrastructure tech
- Strong understanding of networking services/protocols (TCP/IP, SSH, DNS, DHCP, SMTP, SSL, etc.)
- Organized, structured, logical thinking and detail-oriented analytics
- Ability to think creatively to solve technical problems

Job Complexities/Thinking Challenges

The role focuses on quality control within IT infrastructure, including designing, building, and defending scalable, secure, and robust systems; working on operational data center systems and cloud networks; understanding advanced cyber threats; and helping create strategies to protect assets.

- Develop and implement security strategies for cloud-based systems, including encryption, access controls, and monitoring tools.
- Conduct regular vulnerability assessments and penetration testing to identify and mitigate risks.
- Collaborate with cross-functional teams to implement security protocols for new and existing systems.
- Develop and execute information security plans and policies for response and recovery from security breaches.
- Raise awareness on information security standards, policies, and best practices.
- Monitor networks and systems for security breaches using detection tools for intrusions and anomalies.

Accountability

- Facilitate the implementation of static scans, dynamic scans, pen testing, infrastructure, container, and cloud scans
- Ensure security controls and best practices are followed by working with product and platform teams to plan, implement, and monitor security controls
- Identify opportunities to automate internal, cloud, and platform security controls with Secure DevOps / Secure SDLC in mind
- Provide subject matter expertise and conduct in-depth security reviews of applications and microservices
- Identify and propose process improvements to reduce risk
- Lead incident response, including steps to minimize impact and conduct technical/forensic investigations

What we offer

- Competitive discretionary bonus
- Market-leading RRSP match program
- Medical, dental, vision, life, and disability benefits
- Employee Share Purchase Plan
- Maternity/Parental top-up
- Generous vacation policy and personal days
- Virtual events to connect with colleagues
- Annual professional development allowance and Career Development program
- A fulfilling opportunity to join one of the top FinTechs

The incumbent will be working hybrid; in-office time at 2200-25 Ontario Street, Toronto, ON.

Equitable Bank is committed to inclusion and supports a barrier-free recruitment process. Please let us know of accommodations needed. All candidates considered for hire must successfully pass a criminal background check and credit check. Only leading candidates whose skills closely match the requirements will be contacted.

We can't wait to get to know you!

Job Title
Senior Security Engineer