This job board retrieves part of its jobs from: Brampton Jobs | Commis d'Entrepôt | Work From Home

The only jobs board exclusive to the people of Hamilton, ON

To post a job, login or create an account |  Post a Job

   Hamilton Jobs   

No need to go to Toronto for the job of your dreams. Find a job near home!

Slide 1
Slide 2
Slide 3
previous arrow
next arrow


Director, Security Advisory (11976)

IGM Financial

This is a Contract position in Hamilton, ON posted January 21, 2023.

Career Opportunities: Director, Security Advisory (11976) Requisition ID 11976
– Posted 01/19/2023
– Location (1)
– Canada
– Province of Job Posting (1)
– Career Site (2) IGM Financial Inc.

is one of Canada’s leading diversified wealth and asset management companies with approximately $271 billion in total assets under managements.

The company provides a broad range of financial planning and investment management services to help more than two million Canadians meet their financial goals.

Its activities are carried out principally through IG Wealth Management, Mackenzie Investments and Investment Planning Counsel.

Under IGM Financial’s unique business model based on leading brands and multi-channel distribution strategy, we’re IG Wealth Management.

For over 90 years of business we have grown to become one of the largest most respected companies in Canada.

We are a leader in providing the best advice, experience and outcomes for our clients, personalized throughout their lifetime.

We are proud to be recognized among Canada’s Top 100 Employers (2022) by Mediacorp Canada Inc.

in the national ranking for our focus on supporting employees with a number of initiatives that promote personal wellness with a focus on four key pillars including physical, mental, social and financial health.

This is your opportunity to build a career with a leading organization where you can learn, grow and thrive both professionally and personally.

At IG Wealth Management, our vision is to inspire financial confidence.

You will join a team that that believes our success starts with the success of our clients, while working together as a team to realize our greatest potential.

You will join a team that strives towards excellence while developing and sharing skills and knowledge.

You can make a difference for our clients, the world around us and be part of a team that cares.

We are dedicated to offering a hybrid work environment when applicable.

IG Wealth Management is a diverse workplace committed to doing business inclusively
– this starts with having a representative workforce We encourage applications from all qualified candidates that represent the diversity present across Canada – including racialized persons, women, Indigenous persons, persons with disabilities, 2SLGBTQIA community, gender diverse and neurodiverse individuals, as well as all who may contribute to the further diversification of ideas.

Role & Responsibility IGM is looking for experienced cross-functional subject matter experts to drive best-in-class security advisory services, to support the design, implementation, and deployment of secure-by-design security controls in technology solutions that align to corporate security standards, policies, and industry regulations across IGM.

The candidate is expected to support IGM teams to provide expert advice to support efforts for protecting the data, systems, applications, and critical information.

Mandatory : The candidate must have hands-on experience in computer or software engineering in their previous careers that include the Design, Build, Operationalization and of technology solutions.

Provides support to IGM Technology and Business Groups by ensuring alignment with Information Security standards and policies with a specific focus on implementation of controls in applications, data, cloud platforms, systems, networks and end-point solutions Represents Information Security and provides support to IGM Technology and Business Groups by suggesting ways to implement security requirements to protect Company information from intentional or accidental disclosure, modification, or destruction and improve overall Security and reduce Risk Creates and publishes security guidelines, design patterns, standards, and best practices and educates IGM Technology and Business Groups for incorporation into applications, data, cloud platforms, and infrastructure solutions Consults broadly with the Technology and Business Groups and Enterprise Services to guide and influence implementation of security in technology decisions and initiatives Technology Patterns Analysis & Approvals Data & Cyber Security Consulting Threat Modeling Secure-by-Design Security Requirements Zero Trust Models Mobile, API, Data, Cloud Application Security Assessments Information Security Consultations Evaluates existing cloud infrastructure and identify potential threats and gaps in security posture and prioritize remediation efforts Supports a balanced approach for security controls and support of governance practices Foster strong cross-functional partnerships for consistent delivery through seamless communication and coordination Performs research on issues as needed to ensure suggestions meet necessary business security and regulatory requirements Seeks industry trends and organization knowledge to understand and implement effective security practices Develop security programs by reviewing existing programs; conducting comprehensive reviews of threats; evaluating and analyzing relevant data points Mandatory Expertise required for this Role This role must have expertise in the following areas: Cloud security controls: Cloud identity DNS / CDN / CASB Virtual Machine Security Container Security: Provide guidance and advice in implementing tools and policies to ensure that container infrastructure, apps, and other container components are protected across their entire attack surface Virtualised Security Appliances Participate and contribute to IGM’s SaaS/PaaS/IaaS Strategy Contribute to SaaS/PaaS/IaaS Policy and Guidelines Governance and Compliance Enforcement Provide guidance to IGM Technology and Business Groups for cloud Specific BCP and DR SLAs & performance management Data ownership, liability, incidents, privacy compliance Security assurance Management of Shadow IT Collaborate and provide guidance to IT Risk teams for cloud risk evaluations M365 Security Microsoft Active Directory and Azure Active Directory SharePoint Online and OneDrive Exchange Online Protection Anti-Virus Protection Advanced Threat Protection Phishing & Impersonation Protections Email Encryption Domain-based Message Authentication, Reporting, and Conformance (DMARC) DomainKeys Identified Mail (DKIM) Key Areas of Expertise for the Team The Security Advisory Services team provides expertise in these additional areas: Application Security Secure by Design principles Secure Application Development Defense-in-Depth Threat Modeling Design Reviews Secure Coding Static Analysis Security Testing Secure Coding Training & Review File Integrity Monitoring Application Vulnerability Testing Inventory of Open-Source Components SecDevOps Framework and CI/CD pipeline Source Code Supply Chain Security Release Management GO/NO-GO: Ensuring Compliance to Security Data Security Data & Process mapping Immutable Air Gapped Backups Data Access Governance: Information Ownership & Custodianship Application Access Controls Role-Based Access Controls Encryption and Key Management Lifecycle Encryption & Masking Public Key Infrastructure Encryption at Rest and in Transit Business Partner Access: Access Approval Access Reviews Access Removal Identity Federation & Access Automation DLP & Data Classification Policy Enforcement Data Loss Channels Configurations Data Retention & Destruction End Point & Mobile Security Patching / Software Updates Anti-Malware Endpoint Detection & Response Desktop Security Device Tracking Encryption PIN / Password Enforcement Apps Inventory & Deployment Control Cloud Storage of Data Security Health Checks Network Access Control Privileged User Control Policy Management Access to Corporate Data from Non-Corporate Devices Infrastructure & Network Security Asset Management Defense-in-Depth Service Continuity & Disaster Recovery Anti-Malware & APT protection Backups, Replication, Multiple Sites Host Intrusion Prevention System (HIPS) Security Monitoring AI, ML & Robotics Blockchain 5G IOT / Operational Technology security Firewalls, IDS, IPS, Full Packet Inspection DDoS Detection of Misconfigurations Secure Remote Access Proxy / Content Filtering Secure Wireless Networks Physical Security Physical Access Control & Monitoring Theft Prevention Information & Communications Technology Controls BCP / Work Area Recovery sites Qualifications 10 years of expertise in several Information Security and/or Information Technology disciplines (e.g.

Cloud Computing, Platform, Network, Application Development, Penetration Testing, etc.) Solid knowledge of cloud technologies and services (GCP, Azure, AWS, Kubernetes and IAM, CI/CD pipelines, Infrastructure as code) Demonstrated experience in developing and applying leading security practices in a large-scale Information Security, Technology Risk or Vendor Risk environments Advanced working experience with security control frameworks, e.g.

NIST CSF, NIST 800-53, ISO 27001, ISO 27002, ISO 27017, ISO 27018, PCI DSS, MITRE ATT&CK and CIS Critical Security Controls One or more industry recognised security certification(s) (CISSP, CCSP, CISM, CRISC, etc.) is an asset Certifications from major cloud providers is nice to have (Google, Microsoft, or AWS) is an asset Ability to partner with diverse stakeholders in complex scenarios with excellent liaison, communication, influence, and presentation skills Effective communication skills, with the ability to be both assertive and influential, across levels and teams within the organization Strategic thinker, skilled at connecting dots across stakeholder teams while facilitating progress through program leadership Strong desire to implement change and contribute to the organization Knowledge of the Financial Services industry would be an asset Please visit our career page by clicking on the following link: For internal applicants, please share with your current leader your intent to apply to the role.

In the event that you are selected, please let your Talent Acquisition Partner know if you are in any other internal recruitment process.

We thank all applicants for their interest in IG Wealth Management; however only those candidates selected for an interview will be contacted.

IG Wealth Management is an accessible employer committed to providing a barrier free recruitment experience.

If you require an accommodation or this information in an alternate format at any stage of the recruitment process, please reach out to the Talent Acquisition team who will work with you to meet your needs.