Information & Cyber Security Specialist

Information & Cyber Security Specialist role at FirstOntario Credit Union. This senior-level position is critical to enhancing the enterprise security posture through leadership in risk management, compliance, and secure project delivery. The role will work cross-functionally to embed security into business processes and technology initiatives, ensuring alignment with regulatory and organizational standards.

• Aid in the development and implementation of enterprise-wide information security strategies.
• Provide expert guidance on secure architecture, design, and principles during IT and business project lifecycles.
• Act as a security advisor for technology initiatives, ensuring alignment with best practices and compliance requirements.
• Participate in the execution of an enterprise Business Continuity Plan and Disaster Recovery Plan.
• Conduct information security risk assessments and threat modeling.
• Contribute and manage risk registers and mitigation plans.
• Ensure compliance with regulatory frameworks (e.g., ISO 27001, NIST, PCI-DSS, FSRA / OFSI, PIPEDIA / CPPA).
• Support internal and external audits and lead remediation efforts.
• Contribute to information security policies, standards, procedures, and guidelines.
• Collaborate on IT Governance, Risk, and Compliance (GRC) initiatives.
• Monitor, respond, and report on security KPIs and KRIs.
• Monitor for security policy violations and recommend corrective actions.
• Oversee the configuration and monitoring of security technologies (SIEM, EDR, CASB, IDPS, firewalls).
• Lead investigations of complex security incidents and coordinate response and recovery.
• Conduct root cause analysis and develop post-incident improvement plans.
• Escalate and report on key incidents and progress of remedial efforts to management.
• Provide on-call support for end users for all security solutions (e.g., blocked email).
• Perform advanced vulnerability assessments and penetration testing; collaborate with teams to prioritize and remediate findings.
• Stay current with emerging threats and security technologies; propose process or technology improvements.
• Participate in the design and execution of penetration tests and security audits.
• Design and deliver targeted security awareness programs; lead quarterly audits including access reviews and privileged account management.
• Oversee physical security systems (access control, surveillance) and support data classification, protection, and governance initiatives.
• Perform other duties as assigned.

• College diploma or university degree in computer science or related field.
• 5-7 years of progressive experience in IT and Information Security roles.
• Actively pursuing or currently possess one or more of the following certifications: GIS P, Microsoft Security Operations Analyst, CAP, CISA, CCFP, CCSP, CISSP, CISM, GIAC, or Associate of (ISC)2.
• Proficient with SIEM, firewalls, data classification; proficient with EDR, CASB, IDPS and other security technologies.
• Strong knowledge of security frameworks and standards such as MITRE, CIS, NIST, PCI, COBIT and ISO 27001.
• Experience with Varonis is an asset.
• Experience advising on security in cloud, hybrid, and on-prem environments.
• Working technical knowledge of system vulnerability scanning and remediation.
• Strong understanding of OSI model, IP, TCP / IP, and other network protocols; strong knowledge of Windows and Linux operating systems.
• Familiarity with core banking system security is an asset.
• Proven analytical and problem-solving abilities; ability to prioritize and execute tasks in a high-pressure environment.
• Ability to conduct research into IT security issues and products; present ideas in business-friendly language.
• Excellent communication and stakeholder engagement skills; highly self-motivated, team-oriented, and collaborative.
• Must have on-call availability; valid driver’s license and ability to travel to branch locations as required.
• Lifting and transporting moderately heavy objects (e.g., computers and peripherals).

Accommodations for persons with disabilities are available upon request during the application process.

Note: This posting reflects current opportunities and may be updated. Referrals increase your chances of interviewing at FirstOntario Credit Union. Get notified about new Information & Cyber Security Specialist jobs in Hamilton, Ontario, Canada.

J-18808-Ljbffr