Job Description :Our client is  looking for a Security Architect to reinforce the information security GRC team in Calgary.

Must Have Primary Skills :
The candidate will help develop the Firm's cybersecurity governance procedures, assist in specific security projects, and contribute to the response to various security alerts and requests.

Bachelor's degree in Computer Science, Computer Engineering, Information Security or related fields
Minimum five years’ experience in information security including:
-Participating in security governance and management activities, with the development, implementation and operations of information security policies and procedures 
-Working in an ISO 27001 certified environment or contributing to an ISO 27001 certification project
-Hands-on usage of Security Information and Event Management (SIEM) tools (preferably Splunk), 
-Responding to security alerts and security requests such as: phishing email, malware detection, suspicious network traffic, and failed authentications
-Minimum three years of IT and security experience with exposure to a various security topics and technologies, including networking, web applications, and the Microsoft ecosystem (Windows domain, Servers, SQL databases, Windows 10, etc.).
Ability to perform a sound assessment of security risks, to provide appropriate recommendations, and clearly present the security risks and related recommendations to management
Up to date knowledge of existing and emerging threats, with a fair understanding of common attack vectors, such the landscape of malicious actors and the type of attacks they can perpetrate
Strong analytical and technical abilities to process large amount of data, run advanced queries, use regular expressions, and build summary reports

Nice To Have Secondary Skills :
Outstanding oral and written communication skills
Excellent interpersonal relationship skillsHigh-level of attention to detail and accuracy
High degree of personal initiative and maturity with an ability to work with minimal supervision
Ability to prioritize tasks effectively, respect deadlines, and report any issues or conflict  in the performance of operational activities, and the planning and scheduling of tasks and projects

Professional certifications as follows are an assetSANS/GIAC, CompTIA Security+, CEHCISSP, CISA, CISM, CRISC

Proven Experience In :
Develop, maintain and update security dashboards, metrics and reports as required for the team, the IT Department and senior management
Process data from Splunk to feed operational reports, including content development, development of operational and threat dashboards, as well as ad-hoc queries
Oversee the cybersecurity program for third parties, including the security questionnaire, compliance metrics and follow-up
Assist with cybersecurity requests from the Firm's clients and third parties
Participate in the ISO 27001/2 program by performing internal audits, making suggestions, and updating/improving existing security standards and procedures
Assist as required in the daily response to security alerts and security requests, including endpoint and network security, access rights, social engineering attacks, and others
Assist with Security threat and vulnerabilities monitoring and assessment
Develop and maintain specific Standard Operating Procedures (SOPs) for security operations
Manage specific security projects and initiatives (technical and non-technical)Contribute to important IT projects
Communicate with internal and external stakeholders as required to gather information when ensuring security governance tasks, conducting security investigations, or contributing to projects


IND 1
Please send your resume to gvenkatasubramanian@finney-taylor.com