Manager, Information Security Operations

Toronto, Ontario


Manager, Information Security Operations

  • posted on: 15/05/2014


reference #272380
position type:Permanent

"Must have" skills

(These are skills that are absolutely required by the employer.)

University Degree -(>5Y)
Excellent Communications Skills -(>5Y)
Information security -(>5Y)
Change Management -(3-5Y)
Vendor Management -(>5Y)
Security -(>5Y)
PCI (Payment Card Industry) experience -(3-5Y)
iso -(3-5Y)
UNIX -(3-5Y)
MS Windows -(3-5Y)

"Nice to have" skills

(These are skills the employer would like to have, but would be willing to go without.)

EMV (Europay,MasterCard,Visa) chip cards -(>5Y)


Our client is seeking a Manager, Information Security Operations

Key Accountabilities

Security Operations and Administration:

-Primary lead responsible for development, oversight and lead support activities for the Security Event and Incident Management Program (SEIM) supporting commercial & corporate services, including some afterhours support as required addressing security related incidents.
-Manage and support Cybercrime protection services (i.e. phishing monitoring services).
-Support internal Operations staff, as needed, on security requirements for implementation of existing services for new Members and Participants.
-Responsible for security change management (CAB) activities for corporate and commercial systems.

Program Management:

-Act as security lead on small and large scale Operations and Business projects, performing threat risk assessments and providing input into security requirements for the organization’s business and payments products and services.
-Responsible to act as subject matter expert and advise on security requirements for Product regulations etc.
-Work with senior Product and Legal staff to finalize and implement requirements.
-Responsible to develop security standards, procedures and processes for corporate networks and systems.
-Work with Operations teams to develop and implement security standards and processes for third party vendor managed services including network & systems processing, application development and ITO managed security services programs.
-Manage external consultant resources as required in support of special security projects.
-Responsible to develop and manage an Information Security Vulnerability Management program including measurement and reporting programs for security threat metrics and reporting for corporate and commercial networks and systems.
-Manage security programs for staff training including, conducting training sessions for information security control policies and general security awareness programs.
-Keep up to date on advancements in Information Security technologies through ongoing training, conferences, participation with security organizations.
-Represent the organization and participate on industry technical security knowledge forums.

Key Working Relationships

-Corporate staff at all levels.
-Outsourcing vendors.
-Managers and Executive staff.
-Senior Security Consultants.
-Members and Participants.
-Senior Security internal staff.

Skills/Competencies Required

-Strong knowledge of the commonly-used concepts, practices, technologies and procedures within the Information Security field including, but not limited to, network & systems security, application & data security, encryption technologies, security monitoring and vulnerability analysis and security incident management.
-Strong technical background including experience working with and establishing security requirements for large scale payment systems networks and applications, including but not limited to, UNIX and Windows platforms, virtualization technologies, Cloud, Mobile, Wireless technologies, Firewalls, IDS & IPS, etc.
-Experience managing network and systems security services with ITO service providers and Security Incident Management.
-Strong working knowledge of security industry standards such as PCI and ISO.
-Strong experience in security operations, cyber security and online threats metrics and reporting.
-Experience supporting security programs for financial payment services and EMV knowledge is an asset.
-Strong communication skills including technical and business writing.
-Good presentation skills.
-Strong organizational skills.
-Self-motivated and outgoing team player able and willing to multitask.
-Experience participating on external technology and/or security forums.
-Staff supervision experience is an asset.

Professional Experience & Education

-Degree or Diploma in Computer Science and /or Information Technology or equivalent combination of education and work experience.
-5-10 years solid work experience in the field of Information Security with a strong technical background
-CISSP certification.

For immediate consideration, don’t delay, apply online today!