Back to home

Search Jobs

Advisor, Information Security -Application Security

Toronto, Ontario M5H 2N2

Job ID: 14874 Type: IT-Information Technology

Advisor, Information Security -Application Security - Full Time Opportunity

One of the top employers in Toronto!

He\she will be working in the department which is accountable to ensure that information security risks within their assigned portfolio (i.e. line of business, technology development group, and/or infrastructure group) are identified, assessed and reported, appropriate controls are in place, and local procedures and activities comply with client’ s Information Security (IS) policies, standards and operating procedures, industry best practices and regulatory requirements. In addition, the department is the center of competence for Information Security, providing advisory services, and is aligned to the line of business.

Key responsibilities
  • Consulting and Advisory
  • Governance and Control
  • Reporting
  • Training and Awareness

 

Consulting and Advisory

 
  • Work closely with portfolio personnel, stakeholders, and senior management to identify Information Security related risks and controls.
  • Understand business, local and Information Security strategies as they relate to the portfolio.
  • Provide Information security requirements, advice and counsel to portfolio personnel, project teams, and the Business ensuring alignment to IS processes and solutions.
  • Lead security architecture / design of projects / solution (application/infrastructure/etc.) as required
  • Manage/facilitate security due diligence activities throughout the project lifecycle to  ensure that security risks are identified and controls are implemented to mitigate risk.
  • Evaluate and assess emerging security threats and vulnerabilities in portfolio and work with portfolio personnel to identify appropriate controls.
  • Provide portfolio personnel guidance in understanding and responding to security incidents with appropriate stakeholders.
  • Work as Information Security subject matter expert and provide expertise in regards to their support area or portfolio (specifically on IBM mainframe security).
  • Be a subject matter expert on security controls applicable to rapid software development methodologies and DevOps automation.


Governance and Control
  • Implement information security risk governance and control framework for the local organization that incorporates a consistent, sustainable methodology for identifying, assessing, and documenting information security risk that provides early warning of potential failure to meet information security requirements.
  • Direct and monitor due diligence of information security risk processes and results on an ongoing basis
  • Identify, evaluate the magnitude and document information security risks in the portfolio and ensures necessary approvals are obtained.
  • Oversee and manage portfolio of Information Risk Issues (IRI) to ensure these are current, accurate and are supported by sound resolution plans or formal risk acceptance by business executive.
  • Complete portfolio level risk assessments.
  • Review and provide recommendations to IS policies, standards, guidelines/ processes.
  • Escalate potential or unresolved security  issues to management for resolution as appropriate.
     

Qualifications:
  • In depth knowledge of Application Software Security, Information Security   risk and industry best practices
  • Knowledge based on hands on experience in implementing security in rapid software development methodologies (like, Agile) and DevOps automation
  • Working knowledge of the technical areas supported e.g. data warehouses, mainframes, networks, etc
  • Working knowledge of policies, standards and operating procedures in large organizations relating to information security risk
  • Information Security certification e.g. CISSP, CISSLP, GIAC etc.
  • Database security (e.g. secure database configuration)
  • Network security (e.g. firewall management, network zone policies)
  • IBM Mainframe Security (application and system)
     

Interested applicants please share your resume at dazad@deangroup.ca

Not ready to apply?

Send an email reminder to:

Share This Job:

Related Jobs:

Dean Group Staffing Services

  • Temporary Staffing
  • Temp-to-Hire Staffing
  • Contract Staffing
  • Direct Hire Staffing
  • Executive Search
  • Onsite Management
  • Payrolling
Learn More >

"In our dealings with Dean Group, we have always been provided with quality personnel in a timely manner. It has always been a pleasure dealing with Dean for their expertise, personal commitment, and energy to meet our goals."

- Maple Leaf Sports & Entertainment
More Testimonials >