Senior Security Technologist, IT Security and Compliance

at  Alberta Motor Association

YOUR favourite PLACE TO BE IS ONE STEP ahead.
YOU write SECURITY CHECKS AND THEY NEVER bounce.
Posted: 2024-10-17
Closing: Until Filled
Location: Edmonton South (Hybrid)
You excel at analyzing and maturing security practices, systems and applications leveraging your keen eye for detail. From securing cloud applications to leading incident response activities, you never stop looking for ways to mature the security practice. You also understand the critical importance of ensuring the protection of information confidentiality, integrity, and availability, in a fashion that allows the organization to get on with its business securely. You see security as an enabler and you know how to use your extensive knowledge, experience, and skills to solve business problems.

WHAT YOU’LL DO

• Reporting to the Senior Manager, IT Security and Compliance, you’ll be supporting the team in protecting the organization from cyber threats, monitoring ongoing operations, and supporting the development of an organization resilient to security incidents. This will be achieved through the planning and implementation of security measures that align with the organization’s security policies, regulatory requirements and roadmaps.
• Participate in and support the development and documentation of a sound, security architecture that safeguards critical services.
• Coordinate and conduct security assessments (threat and risk assessments, pen tests, vulnerability scans etc.) of applications and systems.
• Work closely with internal development and IT operational teams to guide the remediation of risks and vulnerabilities identified during security assessments.
• Manage security software to protect organizational information assets, including endpoint protection.
• Lead the maintenance and maturity of the vulnerability management program.
• Lead incident response activities including the testing of the cybersecurity incident response plan and scenarios.
• Participates in the definition of key metrics for IT Security and Compliance.
• Provide recommendations on improvements to processes aimed at increasing the efficiency and performance of the team.
• Be technical, while also understanding compliance requirements, using business language.
• Be cautious and aware of brand and business impact when making decisions.

WHAT YOU’VE DONE

• You have a degree or diploma in an appropriate field, like Information Technology or Computer Science.
• You have a minimum of 5-8 years of progressive experience in the IT industry, specialized in IT Security with bonus points if you have Security Certifications such as CISSP, CRISC, OSCP etc.
• Have significant experience with scanning tools and pen testing methodologies.
• You have a solid understanding of Cloud Security Concepts, familiarity with securing AWS environments would be an asset.
• You have demonstrated knowledge and understanding of IT Security regulations and frameworks such as NIST CSF, PCI-DSS etc.
• Proficient in one or more of the following scripting languages Python, PowerShell, C#, JavaScript
• You’re highly skilled at researching and interviewing, knowing what questions to ask when problems arise.
• You have a proven understanding of process improvement, organizational design, and change management.
• You have strong writing and presentation skills, for both technical and business issues.