Analyst - IT Security

November 18, 2020

(Work place: Lévis, Montréal)

Desjardins Group is the largest cooperative financial group in Canada, and one of the largest employers in the country. It offers a full range of financial products and services and is home to a wealth of expertise in property and casualty insurance, life and health insurance, wealth management, services for businesses of all sizes, securities brokerage, asset management, venture capital, and secure, leading-edge virtual access methods.

Job Level

NV-08As an analyst, vulnerability management, you help protect IT hardware, software and information against modification, destruction and unauthorized disclosure, as well as ensure authentication and access control by designing, administering and maintaining proven security systems. You analyze IT systems and oversee the development of protective measures to back up, restore and secure systems.You analyze and help diagnose issues and situations related to IT security. You provide opinions in accordance with the rules of your discipline and advice for the development of recommendations and appropriate implementation plans. You develop work tools, methods and processes. Your projects and initiatives require extensive knowledge of your line of work.You offer ideas. You help solve problems through analysis and by drawing on your comprehensive understanding of the line of business. You leverage your ability to manage complex situations. You interact with stakeholders working in other technology fields.You provide discipline-specific support to your unit, clients and partners.

Main responsibilites

  • Identify, input, analyze and interpret data to support operational planning, inform decision-making and monitor the application of management policies and practices. Make appropriate recommendations.

  • Analyze risks. Draft various reports and recommendations. Provide advice and support for recommendation implementation.

  • Help prepare and propose action plans to address issues in accordance with generally accepted rules and parameters. Ensure action plans are implemented in accordance with the organization's security standards and rules.

  • Develop and write methods, processes and reports and ensure data is accurate.

Additional responsibilities

  • Run exploitability tests for application or infrastructure vulnerabilities detected.

  • Document the results in a vulnerability report for analysts.

  • Support and advise stakeholders in correcting vulnerabilities.

  • Explain vulnerabilities to stakeholders in plain language.

  • Help monitor and detect vulnerabilities.

  • Share security development knowledge with developers, etc. 

  • Provide technical advice and support in offensive security.

Other working conditions

  • Work place: Montreal or Levis, depending on the candidate's preference

  • Number of jobs available : 3

Qualifications

  • Bachelor's degree in a relevant field or relevant certification, such as OSCP, OSWE or OSCE  

  • Development experience in at least one of the following popular languages: Java (J2EE), Python, .NET (C#, VB.net, MVC), JavaScript, PHP 

  • Experience with capture the flag (CTF) IT and/or security competitions (an asset) 

  • A minimum of two years of relevant experience

Please note that other combinaisons of qualifications and relevant experience may be considered

  • For vacant positions available in Quebec, please note that knowledge of French is required

Specific knowledge

  • Understanding of Windows and Linux operating system security (hardening and attacks)

  • Knowledge of web vulnerabilities, including the OWASP top 10 vulnerabilities: SQL injection, CSRF, XSS, etc.

  • Knowledge in one of the following fields: cryptography, web application security, mobile application security, network infrastructure or reverse engineering

  • Knowledge of various cloud computing solutions

  • Knowledge of certain security testing tools, such as HTTP proxy interception (e.g., Burp), nmap, sqlmap, Wireshark and Metasploit

  • Advanced proficiency in English

Desjardins Cross-sector skills

Action oriented, Collaborates, Customer Focus, Innovation

Key competencies for the job

Action oriented, Business insight, Collaborates, Complexity, Customer Focus, Innovation

Work Location

Complexe Desjardins Montréal

Trade Union

Non Syndiqué

Unposting Date

2020-12-2

Job Family

Information technology (FG)

Show More Jobs

Jobs Alert