Job Title: Cybersecurity Engineer (Technology / Cybersecurity controls)
Experience: Level 3 (5-7 years)
Location: Montreal (Day 1 onboarding onsite / in office presence 3x week)
The successful candidate will join the Continuous Controls Monitoring (CCM) team and be part of the Metric Design & Architecture team. Metric Design is one of the core components of CCM which quantifies and reports on the implementation correctness and/or operating efficiency of Technology controls. The Metric Design & Architecture team translates Technology Policy controls into clear and specific Metric definitions which identifies the implementation details, tools, evidence, metrics formula, etc for data acquisition, analysis, and reporting of Control effectiveness. The team works closely with Control implementors, product owners, architects, and engineers.
Specific role responsibilities include:
- Establish and document Control metric definition for Technology controls by engaging with various Stakeholders, understanding processes, and analyzing data for accurate measure.
- Engage with Technology Policy team to ensure Control Measurement/Metric requirements are met through Policy design/update process.
- Partner with various Metric consumers to establish Reporting framework meeting their requirements.
- Partner closely with CCM Data acquisition and tooling team for successful implementation of metrics
Required Skills:
- 5+ years of experience in information security or/and information technology
- 2+ years hands-on experience with technology or cybersecurity control implementations.
- Ability to define metrics/ Key Control Indicators to show control implementation completeness.
- Strong business acumen and a strategic mindset
- Experience working with and understanding the needs of customers or clients
- Strong interpersonal skills, to interact at all levels and be effective as part of a broader team/stakeholder engagement
- Ability to manage expectations and handle high-pressure situations with tight deadlines
- Proven analytical skills decision-making ability based on quantitative and qualitative data
Skills Desired:
- Knowledge of various domains of Technology control / Cybersecurity
- Knowledge of Public cloud technology
- Knowledge of security concepts and tools around Identity &Authentication, Data Security, System security, Network Security and Application security.
- Knowledge of security logging, monitoring, and incident response
- Cybersecurity certifications is preferred.
