You're using an older version of Internet Explorer that is no longer supported. Please update your browser.
BCI

Senior Technology Security Engineer

BCI
Details
Full Time
Yesterday

DEPARTMENT DESCRIPTION

The Technology Department is responsible for providing technology solutions that contribute to the achievement of BCI’s vision and long-term goals. The department manages the Corporation’s business applications and information technology infrastructure, providing support to a large group of financial professionals. The Technology Department is also responsible for authoring IT-related directives and conducting disaster recovery planning to minimize risk to the Corporation’s delivery of investment services.

POSITION DESCRIPTION

Reporting to the Director, Security & Risk, the Senior Technology Security Engineer is responsible for security processes, products and projects with medium to high levels of complexity. The Senior Technology Security Engineer will be instrumental in developing security requirements and designing and implementing security solutions. S/he will collaborate and communicate with members of cross-functional teams in an Agile hybrid environment and enable the effective and efficient delivery of secure, quality products. The position can be based in either Vancouver or Victoria with travel between the two cities.

QUALIFICATIONS

  • Bachelor’s degree in Technology, Engineering, Computer Science, or a related field
  • A minimum of 8-10 years of experience in progressively senior technical roles with responsibility focused on information security processes, products and projects
  • Experience with Agile methods (Scrum) and DevOps practices
  • Must have excellent customer-service, listening, communication and problem-solving skills
  • Must be able to implement programs to measure and sustain the security posture of large complex environments
  • Demonstrated ability to plan, execute and deliver project results
  • A background in security or systems engineering is a definite asset
  • Professional certifications such as Global Information Assurance Certification (GIAC), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent credentials is an asset

PRIMARY RESPONSIBILITIES

  • Collaborates with team members and other IT teams on technical roadmap planning, development and implementation
  • Collaborates and coordinates with application and operations teams and provides guidance on the development of secure product designs
  • Analyses and develops information security governance, including organizational policy, standards and guidelines that align with security frameworks and best practices
  • Architects, analyzes and recommends security controls and procedures in business processes related to the use of information systems and assets, and monitors for compliance
  • Develops security requirements for products based on product design needs and defines and implements security user stories with product teams. Supports security quality and assurance of products using various security testing tools
  • Performs validation and tuning of security testing tools to provide accurate and actionable results
  • Drives the selection, POC, implementation and operational deployment of security solutions to ensure the confidentiality, integrity and availability of data and systems
  • Ensures that application and infrastructure solutions are stable, secure, and compliant with security standards and policies
  • Develops and implements vulnerability management processes throughout the system development lifecycle (planning, design, development, testing, release)
  • Provides direction for identity and access management reference architecture specifically in areas of hybrid cloud integration and federated authentication
  • Provides technical leadership, mentoring and coaching to team members and creates a culture of customer-centricity, accountability and high performance
  • Performs security monitoring of solutions and participates as a subject matter expert in security incident response scenarios
  • Proactively identifies risks and issues and proposes solutions to remove barriers
  • Undertakes special projects or assignments as required
  • Performs other related duties as required

COMPETENCIES

Learning Agility

Effective performers continuously seek new knowledge. They are curious and want to know “why”. They learn quickly and use new information effectively. They create and foster a culture of interest, curiosity, and learning.

Relationship Building

Effective performers establish and proactively maintain a broad network of relationships (e.g. colleagues, co-workers, vendors, suppliers, etc.). They value these relationships and work effectively across the organization by maintaining positive working relationships with peers and others.

High Standards

Effective performers possess a high inner work standard and shows pride in their work.  They consistently strive to ensure work is complete within deadlines and that all work performed is of a high quality.

Influence

Effective performers are skilled at directing, persuading, and motivating others. They are able to flex their style to direct, collaborate, or empower as the situation requires. They have established a personal power base built on mutual trust, fairness, and honesty.

Organization & Planning

Effective performers have strong organizing and planning skills that allow them to be highly productive and efficient. They manage their time wisely and effectively prioritize multiple competing tasks. They follow through on tasks to ensure changes in technology are communicated effectively.

Results Orientation

Effective performers maintain appropriate focus on outcomes and accomplishments. They are motivated by achievement, and persist until the goal is reached. They convey a sense of urgency to make things happen. They respect the need to balance short- and long-term goals. They are driven by a need for closure.

Communicativeness

Effective performers clearly and articulately convey technical and other information both orally and in writing to others in a manner appropriate to the listener. They write clearly, accurately and concisely, composing project, technical and other required documentation as required.   

Change Mastery

Effective performers are adaptable. They embrace needed change and modify their behaviour when appropriate to achieve organizational objectives. They are effective in the face of ambiguity. They understand and use change management techniques to help ensure smooth transitions.

Category
Software and Programming Engineering Information Technology