We are
At Synechron, we believe in the power of digital to transform businesses for the better. Our global consulting firm combines creativity and innovative technology to deliver industry-leading digital solutions. Synechron’s progressive technologies and optimization strategies span end-to-end Artificial Intelligence, Consulting, Digital, Cloud & DevOps, Data, and Software Engineering, servicing an array of noteworthy financial services and technology firms. Through research and development initiatives in our FinLabs we develop solutions for modernization, from Artificial Intelligence and Blockchain to Data Science models, Digital Underwriting, mobile-first applications and more. Over the last 20+ years, our company has been honored with multiple employer awards, recognizing our commitment to our talented teams. With top clients to boast about, Synechron has a global workforce of 14,500+, and has 58 offices in 21 countries within key global markets.
Our challenge
We are seeking an experienced Cybersecurity and Threat Protection professional with over 15 years in the field to lead cybersecurity engineering team responsible for identifying, prioritizing, and mitigating cybersecurity risks and vulnerabilities.Your leadership will be instrumental in transforming and maintaining our cybersecurity framework, positioning Capital Markets as a leader in cybersecurity resilience across the organization.
Additional Information
The base salary for this position will vary based on geography and other factors. In accordance with law, the base salary for this role if filled within Toronto, ON is CAD $140k - CAD $160k/year & benefits (see below).
The Role
Responsibilities:
The Director, Cybersecurity and Threat Protection plays a pivotal role in enhancing the cybersecurity posture and strengthening the control environment across client’s Capital Markets. You will lead a cybersecurity engineering team responsible for identifying, prioritizing, and mitigating cybersecurity risks and vulnerabilities. This role drives strategic enhancements to security practices, ensuring robust controls and effective risk management throughout the Capital Markets estate. Your leadership will be instrumental in transforming and maintaining our cybersecurity framework, positioning Capital Markets as a leader in cybersecurity resilience across the organization.
What will you do?
Lead the implementation and ongoing enhancement of cybersecurity programs including application security (SAST/DAST), vulnerability management, penetration testing remediation, and secure coding practices. Drive cybersecurity strategy, ensuring alignment with organizational objectives, emerging threat intelligence, CVE tracking, and regulatory requirements. Direct vulnerability management processes, prioritization, and remediation strategies across applications, cloud, containers, and server environments. Establish and enforce cybersecurity standards, controls, and automation within DevSecOps and CI/CD pipelines. Provide strategic oversight and guidance on penetration testing activities, ensuring effective collaboration with external penetration testing teams and internal remediation processes. Assess emerging threats, leverage threat intelligence, and implement proactive security measures and innovative technologies to mitigate risks. Foster collaboration with development, infrastructure, and cloud teams to address complex vulnerabilities effectively. Communicate cybersecurity risks, metrics, and strategic initiatives clearly to senior management and stakeholders.
Requirements:
You are:
Must-have:
- 15+ years of experience in cybersecurity roles, including 5+ years leading cybersecurity engineering or threat protection teams.
- Strong expertise in cybersecurity frameworks, vulnerability management strategies, penetration testing methodologies, application security, and cloud/container security.
- Demonstrated leadership in establishing and maturing cybersecurity capabilities and automation.
- Relevant industry certifications such as CISSP, CISM, CCSP, OSCP or equivalent.
- Exceptional communication, stakeholder management, and strategic thinking capabilities.
Nice-to-have:
- Experience in financial services, capital markets, or highly regulated industries.
- Familiarity with cloud-native security, infrastructure-as-code (IaC), Docker containers, Kubernetes orchestration, and AWS cloud environments.
- Background in cybersecurity engineering practices including infrastructure security, container security, and cloud security.
- Hands-on experience with security orchestration, automation, and response (SOAR) platforms.
We can offer you:
- A multinational organization with 58 offices in 21 countries and the possibility to work abroad
- 15 days (3 weeks) of paid annual leave plus an additional 10 days of personal leave (floating days and sick days)
- A comprehensive insurance plan including medical, dental, vision, life insurance, and long-term disability
- Flexible hybrid policy to fit your schedule
- RRSP with employer’s contribution up to 4%
- A higher education certification policy
- On-demand Udemy for Business for all Synechron employees with free access to more than 5000 curated courses
- Coaching opportunities with experienced colleagues from our Financial Innovation Labs (FinLabs) and Center of Excellences (CoE) groups
- Cutting edge projects at the world’s leading tier-one banks, financial institutions and insurance firms
- A truly diverse, fun-loving and global work culture
SYNE CHRON'S DIVERSITY & INCLUSION STATEMENT
Diversity and inclusion are fundamental to our culture, and Synechron is proud to be an equal opportunity workplace and is an affirmative-action employer. Our Diversity, Equity, and Inclusion (DEI) initiative ‘Same Difference’ is committed to fostering an inclusive culture – promoting equality, diversity, and an environment that is respectful to all. We strongly believe that a diverse workforce helps build stronger, successful businesses as a global company. We encourage applicants from across diverse backgrounds, race, ethnicities, religion, age, marital status, gender, sexual orientations, or disabilities to apply. We empower our global workforce by offering flexible workplace arrangements, mentoring, internal mobility, learning and development programs, and more.
All employment decisions at Synechron are based on business needs, job requirements, and individual qualifications, without regard to the applicant’s gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.
