(Work place: Lévis, Montréal)
Desjardins Group is the largest cooperative financial group in Canada, and one of the largest employers in the country. It offers a full range of financial products and services and is home to a wealth of expertise in property and casualty insurance, life and health insurance, wealth management, services for businesses of all sizes, securities brokerage, asset management, venture capital, and secure, leading-edge virtual access methods.
NV-08As an analyst, vulnerability management, you help protect IT hardware, software and information against modification, destruction and unauthorized disclosure, as well as ensure authentication and access control by designing, administering and maintaining proven security systems. You analyze IT systems and oversee the development of protective measures to back up, restore and secure systems.You analyze and help diagnose issues and situations related to IT security. You provide opinions in accordance with the rules of your discipline and advice for the development of recommendations and appropriate implementation plans. You develop work tools, methods and processes. Your projects and initiatives require extensive knowledge of your line of work.You offer ideas. You help solve problems through analysis and by drawing on your comprehensive understanding of the line of business. You leverage your ability to manage complex situations. You interact with stakeholders working in other technology fields.You provide discipline-specific support to your unit, clients and partners.
Identify, input, analyze and interpret data to support operational planning, inform decision-making and monitor the application of management policies and practices. Make appropriate recommendations.
Analyze risks. Draft various reports and recommendations. Provide advice and support for recommendation implementation.
Help prepare and propose action plans to address issues in accordance with generally accepted rules and parameters. Ensure action plans are implemented in accordance with the organization's security standards and rules.
Develop and write methods, processes and reports and ensure data is accurate.
Run exploitability tests for application or infrastructure vulnerabilities detected.
Document the results in a vulnerability report for analysts.
Support and advise stakeholders in correcting vulnerabilities.
Explain vulnerabilities to stakeholders in plain language.
Help monitor and detect vulnerabilities.
Share security development knowledge with developers, etc.
Provide technical advice and support in offensive security.
Other working conditions
Work place: Montreal or Levis, depending on the candidate's preference
Number of jobs available : 3
Bachelor's degree in a relevant field or relevant certification, such as OSCP, OSWE or OSCE
Experience with capture the flag (CTF) IT and/or security competitions (an asset)
A minimum of two years of relevant experience
Please note that other combinaisons of qualifications and relevant experience may be considered
For vacant positions available in Quebec, please note that knowledge of French is required
Understanding of Windows and Linux operating system security (hardening and attacks)
Knowledge of web vulnerabilities, including the OWASP top 10 vulnerabilities: SQL injection, CSRF, XSS, etc.
Knowledge in one of the following fields: cryptography, web application security, mobile application security, network infrastructure or reverse engineering
Knowledge of various cloud computing solutions
Knowledge of certain security testing tools, such as HTTP proxy interception (e.g., Burp), nmap, sqlmap, Wireshark and Metasploit
Advanced proficiency in English
Desjardins Cross-sector skills
Action oriented, Collaborates, Customer Focus, Innovation
Key competencies for the job
Action oriented, Business insight, Collaborates, Complexity, Customer Focus, Innovation
Complexe Desjardins Montréal
Information technology (FG)