- (Reference :13802)
Specialist, IT Security
To be successful in this role, the incumbent must lead implementations and validate the documentation of measures meant to safeguard the IT assets against accidental or unauthorized modification, destruction or disclosure. Ensures the security (confidentiality and integrity) of corporate IT information by defining Standard Life security standards and planning the definition or update of security procedures. Participates in the definition and regular updates of security policies. Ensures the efficiency of implemented IT security measures.
* Creates, documents and maintains corporate computer security standards and procedures.
* Acts as a consultant on IT security related issues.
* Participates in initiatives meant to improve IT security, compliance and risk efficiency.
* Participates in the creation, documentation and maintenance of IT security policies.
* Creates and maintains Corporate IT security standards and procedures.
* Promotes and enforces corporate IT security standards and procedures.
* Assists IT staff in understanding and responding to IT security failures.
* Monitors IT security-related events to determine their causes and prevent them.
* Ensures an efficient monitoring of IT security accesses.
* Proactively ensures the protection of the integrity and confidentiality of IT information in the custody of or processed by the Company.
* Provides technical expertise and guides the administration of IT security tools that control and monitor information security.
* Participates in corporate projects on the matter of IT security, compliance and risk;
* Works with the audit department to meet compliance.
* Reports suspected IT security misuses to the Manager.
* Identifies and reports risks and weaknesses and applies operational controls to mitigate them.
* Ensures compliance with regulatory requirements and internal policies, especially those that reflect the need to protect the personal information of customers, intermediaries and employees.
* University degree in Computer Science, with a minimum of 7 years of experience in Information Technology and a minimum 4 years of experience in IT Security, Compliance or Risk.
* An IT Security designation (CISSP, CISM, SANS) is an asset.
* Experience in vulnerability assessment and penetration testing.
* Experience in logging and monitoring processes, preferably with ArcSight solution.
* Very good knowledge of various platforms computer security administration (Windows, Linux, AIX).
* Very good knowledge of telecommunication security.
* Very good knowledge of IT security methods.
* Very good knowledge of Firewalls and Internet security issues.
* Very good knowledge of security audit processes.
* Ability to communicate in both official languages.
* Cabable of working well under pressure.
Standard Life is a leading provider of long-term savings and investment solutions to over 6 million customers worldwide. Headquartered in Scotland, it has offices in the UK, Canada, Ireland, Germany, Austria, India, USA, Hong Kong and mainland China. In Canada, Standard Life has been doing business for over 175 years. With over 2,000 employees based in Montréal and in offices across Canada, it provides long-term savings, investment and insurance solutions to more than 1.3 million Canadians, including group insurance and retirement plan members.