Questrade Financial Group (QFG) of Companies is committed to helping Canadians become much more financially successful and secure. We are everything a traditional financial institution is not. Our vision is to revolutionize financial services for the benefit of Canadians by providing the most innovative and cost efficient financial services online.
That’s why we empower our employees to continuously grow their professional careers with QFG. We believe in having a diverse, inclusive place to work and our flexible working arrangements brings that to life so you can unleash your creativity. Our values are a part of our DNA, and we care deeply about our people helping us fulfill our mission and become an important part of our community. We are always looking for like-minded professionals to join our team. Come grow with us.
What’s it like working as a Manager, Cybersecurity Data Protection at Questrade?
Cyber threats and data breaches put our reputation and brand on the line, and we'll not compromise. Our company's infrastructure and data need to be continuously safeguarded. As the Manager of our Cybersecurity Data Protection team, you will lead, help define, implement and sustain an end-to-end, enterprise-wide Data Protection (DP) Program, including building a DP Program foundation, solution design, implementation, fine-tuning, metrics, audits, and reporting. You also will be responsible for building and leading a team of cybersecurity analysts.
Need more details? Keep reading...
You will:
- Manage the development and growth of our Data Protection Program. Work closely with other cybersecurity teams and IT to help facilitate the delivery of secure infrastructure and with application development teams to drive the concepts of privacy and security by design.
- Assist in educating the company and its employees about data protection and privacy best practices.
- Act as the Data Protection escalation point of contact.
- Lead security projects and provide expert guidance on security matters for other technology projects.
- Be well-versed in all aspects of cybersecurity, with a focus on data protection, privacy, and regulatory compliance, including data governance, inventory, information classification, access authorization and monitoring as it applies to both structured and unstructured data.
- Assist with management of our Data Protection Program, including coordination of activities with different technical and business data owners, and implementation of data protection controls.
- Work closely with other cybersecurity teams and IT to help facilitate the delivery of secure infrastructure and with application development teams to drive the concepts of privacy and security by design.
- Work on tools to enable automation of user access lifecycle processes.
- Recommend and facilitate the implementation of technical controls to support and enforce defined security policies.
- Perform assessments of solution architecture diagrams, reach conclusions, document results, suggest ideas for efficiencies, identify opportunities to reduce risk and document remediation options regarding acceptance or mitigation of risk scenarios relevant to data protection.
- Perform assessments of the data protection security/risk posture within the IT network, cloud environment, systems and software applications, as well as third-party services to recognize relevant issues, quantify associated risks, and facilitate remediation of identified vulnerabilities.
- Actively support the development, and enhancements to our Information Security Strategy and Operating Procedures, SOC2 compliance, and regulatory requirements.
- Develop rapport with others by demonstrating an understanding of their concerns, needs and issues, and focus on creating an internal network that can provide advice and support.
- Seek, develop and present ideas to the broader IT team on new or emerging technologies and threats.
- Continuously contribute to Incident Response (IR) plans and procedures, IR playbooks, and tabletop exercises.
- Stay up-to-date with best practices and global developments in the data protection and privacy area.
- Assist with managing the day-to-day activities of the Cybersecurity Specialist Data Protection team.
- Mentor Data Protection resources, identify training opportunities and areas for improvement.
- Be on call to triage and handle escalation activity.
- Ensure that Information Security Strategy and Operating Procedures are kept up to date.
- Be highly motivated, a critical and analytical thinker.
- Have the ability to work independently and autonomously.
- Be highly influential.
So are YOU our next Manager, Cybersecurity Data Protection? You are if you have…
- 10+ years IT Security or Information security experience with a proven ability to engage with Senior Management and auditors.
- 7+ years of experience in administering data protection controls, data governance, regulatory requirements, PII and privacy protection, data risk assessment and data loss prevention, including defining data asset discovery and inventory, data flows, data lineage, infrastructure mapping, data stewardship and classification, database and unstructured storage configuration auditing, encryption and anonymization methods, and key management.
- 5+ years of experience in project management.
- Deep experience with data governance and Data Loss Prevention technologies and solutions.
- Previous experience in implementing data governance and protection programs and other activities that are relevant to this role.
- Strong knowledge of technical infrastructure, public clouds, networks, databases and systems in relation to IT security, and IT risk.
- Strong written and verbal communication, presentation and technical writing skills, coupled with a keen interest in furthering your Cyber Security skills.
- Have knowledge of Google Cloud Platform or similar technologies.
Brownie points if…
- OSFI regulated environment experience.
- Cybersecurity, infrastructure, and public cloud certifications.
- Experience in defining metrics and KPIs, implementing cybersecurity/risk dashboards.
- Scripting language skills.
Sounds like you? Click below to apply!
At Questrade Financial Group of Companies, with multiple office locations around the world, we are committed to fostering a diverse, inclusive and accessible work environment. We value the unique skills and experiences each individual brings, and believe that when our teams feel supported and motivated, their creativity becomes a source of innovation. We are also committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and also one which reflects the diversity of the communities we serve and operate in to help us revolutionize financial services for the benefit of all of our customers. Candidates selected for an interview will be contacted directly. If you require accommodation during the recruitment/selection process, please let us know and we will work with you to meet your needs.
Apply Now