Team Lead, Security Operations Centre (JSOC)

Questrade Financial Group (QFG), through its companies - Questrade, Inc., Questrade Wealth Management Inc., Community Trust Company, ThinkInsure, Zolo, and Flexiti, provides securities and foreign currency investment, professionally managed investment portfolios, mortgages, insurance, real estate services, financial services and more. Questrade uses cutting-edge technologies to develop innovative products that give customers better, more affordable ways to take control of their money.

We are everything a traditional financial institution is not. At QFG, you will be constantly moving forward, bringing the future of fintech into existence. You will be a part of a collaborative team that cares deeply about our mission and each other. Your team members will help you conquer challenges, push boundaries and discover what you are truly capable of.

This is a place where you can explore, discover and learn with continuous growth. As a diverse and inclusive place to work, with a hybrid working environment you can unleash your creativity and curiosity with no limits. If you share the same sense of infinite possibility, come shape your future at QFG.

What’s in it for you as an employee of QFG?

• Health & wellbeing resources and programs
• Paid vacation, personal, and sick days for work-life balance
• Competitive compensation and benefits packages
• Work-life balance
• Career growth and development opportunities
• Opportunities to contribute to community causes
• Work with diverse team members in an inclusive and collaborative environment
  
  
  

What’s it like working as a Team Lead, Security Operations Centre (JSOC) at Questrade?

We’re looking for a Team Lead for the Cybersecurity Threat & Vulnerability Management team to join us. Reporting to the Senior Manager within the Joint Security Operations Centre team, the Team Lead will play a key role in protecting the organization and driving security improvements.

The Team Lead role is within the CISO department, and is responsible for leading the Threat and Vulnerability Management team staff and overseeing all infrastructure threat and vulnerability management related activities, and for maintaining and enhancing the relevant aspects of the enterprise information security program to ensure the team, processes, and procedures are robust and effective.

You will be responsible for translating IT security risk, best practices, regulatory requirements, and business goals and constraints into technical and process controls and specifications, and for developing and reporting on metrics for ongoing operational performance. You will be coordinating and have responsibility for the organization's technical activities to implement and manage the related security tools to lead and mature our Threat and Vulnerability Management Program.

You will act as an empowered representative during cybersecurity and technology planning initiatives to ensure that the principles of security-by-design and privacy-by-design are incorporated into operational planning and consistently followed, and that service expectations are clearly defined and delivered.

You will work closely with Cybersecurity and IT teams to align priorities and execute plans. You will contribute to process improvements, cybersecurity operations strategy, team building\mentoring\coaching.

Need more details? Keep reading...

You will:

• Train, and manage the day-to-day activities of a team of cybersecurity professionals in different geographical locations and time zones.
• Conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members.
• Work closely with the various CISO teams including Cyber Threat Intelligence, Incident Response and Application Security Engineering, and Cyber Technical Assurance on operational activities and quarterly initiatives.
• Collaborate with technology and business departments to drive continuous improvement of our vulnerability detection and remediation capabilities within our on-premise and cloud based environments.
• Clearly communicate technical ideas, strategies, and performance reports to non-technical audiences, including Executive Leadership, via multiple mediums (e.g., written communications, verbal communications, presentation decks, etc.).
• Champion new opportunities for automation, innovation, and technical excellence, bringing thought leadership and deep technical expertise to drive adoption.
• Develop and drive quarterly planning and annual roadmap for development of the Threat and Vulnerability Management capabilities.
• Manage and elevate comprehensive approaches to identifying, analyzing and addressing security flaws or vulnerabilities in systems and software that could serve as attack vectors.
• Recommend and facilitate the implementation of technical capabilities within our scanning tools to support and enforce best practices.
• Responsible for monitoring and reviewing scanning results for company run vulnerability scans and 3rd party scans and tracking remediation of vulnerabilities.
• Develop and operationalize vulnerability management metrics for use by CISO and IT leadership on a monthly and quarterly basis to measure performance and mature programs.
• Ensure enhancement and maintenance of existing, and the creation of required new processes and procedures (emergency vulnerability remediation and vulnerability exceptions).
  
  
  

So are YOU our next Team Lead for the Cybersecurity Threat and Vulnerability Management team? You are if you have…

• 5+ years of experience in cybersecurity operations.
• Proven track record of managing and maturing an enterprise Vulnerability Management Program.
• Proven track record of building effective cybersecurity teams that are well integrated, proactive, and measured.
• Expertise in producing high-quality communication plans, presentations, and metrics based reporting.
• Hand on technical expertise in the following types of tools: infrastructure vulnerability scanning, cloud based scanning, breach and attack simulation, external attack surface management, network scanning
• Strong project and people management skills
• Knowledge of network infrastructure and the associated network protocols and concepts.
• Experience working with internal Audit/Governance/Risk/ and Compliance staff and with external auditors.
• CISSP certification is a plus.
  
  
  

Sounds like you? Click below to apply!

At Questrade Financial Group of Companies, with multiple office locations around the world, we are committed to fostering a diverse, inclusive and accessible work environment. This is an environment where individuals are treated with dignity and respect. Here, the unique skills and experience you bring will be valued. You will be supported and motivated, so that you can harness your unlimited potential. Our team reflects the diversity of the communities we serve and operate in. Having a collaborative and diverse team helps us push boundaries to bring the future of fintech into existence—not only for the benefit of our customers, but for those who build their career with us.

Questrade Financial Group of companies Applicant Tracking System utilizes artificial intelligence (AI) for application screening. The AI system operates on predetermined criteria, with final decisions subject to human review.

Candidates selected for an interview will be contacted directly. If you require accommodation during the recruitment/selection process, please let us know and we will work with you to meet your needs.

Apply Now