Senior Security Analyst
Vancouver, British Columbia, Canada
At Aviso Wealth, we are dedicated to improving the financial well-being of Canadians. As a leading wealth management organization, we are committed to service, partnership, and innovation. Working with talented and energetic professionals who exemplify our values every day, you will quickly notice that our people and dynamic culture sets Aviso Wealth apart. If you are looking for interesting and challenging work, at a company committed to its people, find out more about what Aviso Wealth has to offer at www.aviso.ca.
We’re looking for an IT Security Specialist to join our Information Technology team. Reporting to the Senior Manager, IT Security, the IT Security Specialist will focus on the operation and support of the vulnerability/risk management program, security risk assessments along with the ongoing support of the security architecture. This includes maintaining IT security compliance in accordance with industry regulations.
Who you are:
- Service – You consider both internal and external stakeholders and demonstrate intent of understanding and putting the clients’ needs first. You advocate service excellence and work to deliver solutions that meet the needs. You proactively develop strategic partnerships that allow Aviso Wealth to become a trusted advisor and partner
- Execution – You are committed to achieving your goals and to succeed. This includes focusing on “getting things done”, as well as recognizing and taking advantage of opportunities as they arise. You are consistently looking for ways to improve your personal best and see value in continuous improvement. You take accountability for your actions and learn from mistakes
- Collaboration – You work collaboratively with others with the common goal of driving positive results. Making meaningful contributions to your team to achieve organizational goals is a priority. You proactively encourage collaboration, build trust and inclusion, and work to establish effective relationships both inside and outside of the organization
What your day looks like:
- Work as security SME with our software development teams to ensure the adoption of security best practices across our entire development lifecycle(SDLC), including design, coding, development, quality assurance, testing, and release
- Deploy, integrate, and utilize wide variety of security tools and methodologies to effectively describe, inform and mitigate security threats and protect data, systems and networks
- Continuous security monitoring, prioritizing overall threat levels using metrics from the analysis of systems and applications to protect the confidentiality, integrity, and availability of resources
- Researching, evaluating, designing, testing, recommending or planning the implementation of new or updated information security tools, and analyzing its impact on the existing environment
- Consulting with Technology Department staff to ensure that security is considered during the evaluation, selection, and deployment of applications and infrastructure
- Monitoring and reporting on compliance with security policies, as well as the enforcement of policies within Aviso
- Ensuring audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements
Your experience and skills:
- Bachelor's Degree in a technical, engineering or IT related field or equivalent
- Certified Information Systems Security Professional (CISSP) or equivalent
- 6+ years of experience in IT security
- Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans
- Knowledge of SDLC, Internet protocols, network architecture, and security technologies.
- Working knowledge of Windows / Linux Operating systems, firewalls, IDS/IPS, proxy systems, load balancers and networking platforms
- Ability to manually review and validate findings from security scans
- Root-cause-analysis skills with an emphasis on the best solution to complex technical problems and demonstrated ability to quickly understand complex systems
- Hands-on experience with security audits and network and application penetration testing
- Hands-on experience with hardening Linux & Windows servers
- Experience with information security management frameworks, such NIST, ISO, OWASP
- Experience / familiarity with SOX 1 & 2, and/or PCI, compliance processes
- Ability to investigate security breaches and coordinating operational components of incident management, including detection, response, and reporting
- Experience proposing changes to existing policies and procedures to ensure operating efficiency and regulatory compliance
- Providing IT operational security communication, awareness, and training for staff
- Experience writing clear and concise technical documentation
- Fluent communication skills in English are required and bilingual skills in French are an asset
Why Aviso Wealth?
- Competitive compensation package that rewards and recognizes individual contributions
- Excellent health, dental and insurance benefits to meet the diverse needs of our employees
- Generous vacation time, fitness benefit, parental leave top-up options
- Matching contributions to our retirement program
- Commitment to the continuous improvement of our staff through learning & development and an education assistance program
- Regular social events to foster teamwork
Equal Employment Opportunity
Aviso Wealth welcomes and encourages applications from all qualified individuals including persons with disabilities. If you require an accommodation, we will work with you to meet your needs in all stages of the hiring process.
We thank all applicants for their interest, however, only those selected for further consideration will be contacted.
No recruiters or agencies, please.
Aviso Wealth is a national, integrated financial services company, with approximately $90 billion in assets under administration and management. Aviso is owned by Credit Union Centrals, CUMIS and Desjardins. Our MFDA-regulated dealer, full-service IIROC-regulated brokerage, and insurance dealer support thousands of financial advisors at hundreds of credit unions across Canada. Our award-winning online brokerage, Qtrade Investor, and our digital advice platform, VirtualWealth, give Canadians flexible choices for building their wealth. Our asset manager, NEI Investments, is a Canadian leader in Responsible Investment funds and portfolios, which are available through a national network of advisors. Aviso also provides custodial services and introducing broker services to independent financial organizations, including banks, trust companies, insurance companies, investment dealers, portfolio managers and financial planning firms. Aviso has major operations in Vancouver and Toronto, along with regional offices across Canada. More information about Aviso Wealth is available at www.aviso.ca.