Security Consultant

Who is Beovexis:

Beovexis Insurance Company of Canada is a leading home and auto insurer focused on providing its customers prevention and protection products and services for every stage of life. The company is proud to have been named a Best Employer in Canada for nine consecutive years and prioritizes supporting employees and fostering an inclusive, welcoming corporate culture. Beovexis is committed to making a positive difference in the communities in which it operates through partnerships with charitable organizations, employee giving and volunteerism. Serving Canadians since 1953, Beovexis strives to provide reassurance with its "Youre in Good Hands®" promise.

Through our Employee Value Proposition, Opportunity, Flexibility, Community, Diversity and Family, we have worked hard to develop and nurture a culture where employees feel valued, experience personal growth, have career options and truly enjoy the work they do.

Benefits to joining Beovexis

• Flexible Work Arrangements
• Employee discounts (15% on auto and property insurance, plus many other products and services)
• Good Office program (receive up to 400$ back after purchasing office equipment)
• Student Loan Payment Matching Program for Government Student loans
• Comprehensive Retirement Savings Program with employer matched contributions
• Annual Wellness allowance to support employees with improving health and wellbeing
• Personal reflection day
• Tuition Reimbursement
• Working within the community and giving back!

Job Description:

The Security Consultant will be a subject matter expert in cyber security and support the Manager, Security Advisory and Consulting in stakeholder management by maintaining strong relationships with External/Internal Audit, Risk & Compliance, Privacy, IT Infrastructure and Operational Business Units. This senior role will provide overall strategic and tactical cybersecurity leadership to IT teams and business users in major project initiatives and new product development.

Accountabilities

• Provide Security Advisory & Consultation services for product/service acquisition, solution design, implementation and management of major IT systems, projects, initiatives, M&A, new product development.
• Review and interpret requirements documentation, architecture diagrams and solution designs to help determine the feasibility of a project and its security risk.
• Lead the cybersecurity risk and control design reviews for application, process, operations and overall enterprise initiatives.
• Perform thorough and timely threat risk assessment (TRA) on applications, systems, processes and solution integrations, including cloud-based solutions and vendor services.
• Perform Third Party Supplier Assurance and Risk Assessments.
• Provide feedback to and participate in the ongoing maturity of the ACG risk assessment process.
• Must understand risk-based approach, balancing business needs against potential risks. To provide effective and cost beneficial risk treatment strategies and facilitate remediation tasks with other operational teams.
• Define, develop, implement and manage Security Policies, Standards & Procedures that mitigate risk and maximize security, service availability, efficiency and effectiveness.
• Work with various stakeholders and project teams to ensure the design and implementation of resilient security architecture and technologies for optimal threat protection, monitoring and incident response.
• Develop on-going technology risk reporting, monitoring key trends and defining security metrics to measure control effectiveness, compliance and continuous improvement.
• Monitor and advise on cyber security compliance related to IT to ensure internal security controls are functioning appropriately.
• Advise the organization about emerging cyber security threats, technologies and related regulatory requirements.
• Consult on regulatory compliance requirements, reporting and enquiries.
• Provide support and consultation for audits, and assist with formulating management responses and appropriate remediation activities.

Qualifications & Experience

• Education or equivalent working experience: A bachelors degree in Computer science, Computer Engineering or equivalent.
• Experience:
• 7+ years in Cyber Security consultative role roles, preferably within the financial services industry and/or other large/multi-national organization.
• Professional certification: Security certification of one or more of the following: CISSP, CRISC, CCSP, CISM, CISA.
• High degree of professionalism, work ethic, integrity and passion for Information Technology and Security
• Proven leadership qualities and ability to build strong working relationships.
• Self-directed with ability to work independently, prioritize and execute autonomously.
• A Team player with ability to communicate and collaborate effectively across the organization and operate effectively with multiple cross-departmental teams towards a shared goal.
• Strong problem solving and critical thinking skills.
• Practical and deep knowledge of security risk management methodologies and frameworks.
• Extensive cybersecurity consulting experience for large IT projects.
• Experience in assessing third party service providers.
• Experience with enterprise security platforms and architectural design. Strong preference to candidates with proven Cloud Computing experience.
• Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
• Strong understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX).
• Understanding of the Software Development Life Cycle and Development Operations (DevOps) principals.

Bonus Qualifications:

• Experience working in Agile Framework a definite asset.

Beovexis Canada Group has policies and practices that provide workplace accommodations. If you require accommodation, please let us know and we will work with you to meet your needs.