Job Description

At Equitable, we realize that your work life is not just about performing a job; it\'s about being part of a workplace that helps you grow and reach your full potential. Within our friendly and collaborative work environment, we recognize that the key to our growth and success is a dedicated, motivated and customer-responsive staff. Join Equitable today.

Position Title: Senior Technology Specialist, Information Security
Reports To: Senior Technology Manager, Information Security
Department: Corporate IT
Term: Permanent Full-Time

Work Arrangements: We are currently working remotely, and we will be moving to a hybrid model when our office renovation is complete (approximately November 2023), coming into the office a minimum of 2 days per week, every other week on designated days.

The Opportunity: Reporting to the Manager, Cyber Security Operations, the Senior Security Specialist is a technical security expert promoting secure architecture and design at Equitable Life. This role improves the security position of Equitable Life through various activities including but not limited to: performing technical security reviews on Company initiatives, providing leadership to other teams on security related topics and defining system security architecture, strategy and designs.

What you will be doing:

• Provide subject matter expertise to senior management and technical teams, and support the design, deployment, configuration, and monitoring/evaluation of a secure hybrid environment (on premises and Cloud) in the areas of infrastructure (hardware, software, and networks), secure application development, and secure data management
• Define and communicate security requirements with business and technical teams for new corporate projects and business operations
• Perform security assessments, identify gaps, and provide recommendations to improve overall enterprise security and to ensure compliance with regulatory and security requirements
• Research and propose new solutions (including cost and effort estimates) for Cloud Security, Endpoint Security, Network Security, Perimeter Defense, Identity and Access Management, Vulnerability Management, Secure SDLC (Software Development Life Cycle), and other areas as required
• Perform planning, deployment, testing, and documentation of new security solutions or enhancements to existing security solutions in accordance with security best practices and policies
• Participate in the design and execution of vulnerability assessments, penetration tests, security audits, and Threat Risk Assessments, providing recommendations on risk avoidance, mitigation, and issue resolution
• Implement recommendation actions and apply fixes to address gaps identified by assessments and compliance tools such as Azure/365 compliance centers, Microsoft Defender for Cloud and Rapid7
• Participate in the planning and design of enterprise security architecture and document how the implementation of modern technology impacts the security posture of the current environment
• Identify and prioritize system functions required to promote continuous availability of critical business processes and assist in planning, developing, and testing enterprise Disaster Recovery and Business Continuity Plans
• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures)
• Whenever required, manage enterprise security systems including but not limited to firewalls, VPN (Virtual Private Networks), IPS/IDS (Intrusion Detection and Prevention Systems), Key Vaults, PKI (Public Key Infrastructure), EDR (Endpoint Detect and Response) (Endpoint Detection and Response), Antimalware, Vulnerability Scanners, SIEM (Security Information Event Manager), PIM (Privileged Identity Manager), SWG (Secure Web Gateway)
• Whenever required, participate in investigations and troubleshooting security related issues
• Perform other duties as required

What you will bring:

• Minimum ten (10) years in IT
• Three (3) years in a related senior level technical role is preferred
• Five (5) years of progressive experience in information security/risk roles is preferred
• An undergraduate or graduate degree in Information Technology or equivalent
• Certified Information Systems Security Professional (CISSP) certification or equivalent
• Certified Cloud Security Professional CCSP (Certified Cloud Security Professional) or equivalent is an asset
• Minimum eight years of experience in Information Security and Compliance
• Hands on experience in planning, deploying, maintaining, and enhancing security systems on premises and cloud Palo Alto firewall/VPN/IPS/IDS, Splunk SIEM, SASE Secure Web Gateway, Rapid7 Vulnerability Management, Pulse Secure, PKI Certificate Management, Container Security, Secure Development Lifecycle, Microsoft Defender for Endpoints/Identity/Cloud Apps, Azure firewall, Akamai WAF (Web Application Firewall), Azure Key vault, Azure IaS, Azure Active Directory PIM, Conditional Access, Exchange Online Protection, DDOS (Distributed Denial of Service)
• Experience in analyzing, developing, monitoring, and creating policies, procedures, processes, and systems in support of cyber security and risk management
• Experience in reviewing and assessing design documents, vulnerability assessments, Threat and Risk assessments, penetration testing reports.
• Knowledge of Open Web Application Security Project (OWASP), Secure Sockets Layer / Transport Layer Security (SSL/TLS) and Transmission Control Protocol / Internet Protocol (TCP/IP) protocols
• Experience prioritizing critical business processes and assisting in planning, developing, and testing enterprise Disaster Recovery and Business Continuity Plans
• Proficiency in the use of IT Security appliances safeguards and tools in cloud and on premises environments
• Strong attention to detail with an analytical mind and outstanding problem-solving skills
• Great awareness of cybersecurity trends and hacking techniques
• Excellent organizational and planning skills

What\xe2\x80\x99s in it for you:

• A healthy work-life balance with employee wellness top of mind
• Annual bonus program, annual vacation allowance, and company-paid benefits program
• An additional paid volunteer day each year so you can spend time giving back to the community
• Immediate enrollment in the company\xe2\x80\x99s pension program with employer matching
• Employee resource groups that support an inclusive work environment
• Tuition support and specialized program assistance
• A company subsidized cafeteria with a variety of daily options
• Discounts on company products and services, and access to exclusive employee perks
• Regular EQ Together events focused on company togetherness and collaboration

As part of the recruitment/offer process you will be required to:

• Provide two professional references (minimum one supervisor and above)
• Undergo a criminal background check

To learn more about Equitable, we encourage you to explore our organization.

At Equitable, we are committed to providing equal access to employment opportunities across our organization. Please contact our HR team at careers@equitable.ca if you would like to receive our job postings in an alternative format or require an accommodation with the application process.

Other details

• Pay Type Salary

Equitable Life of Canada