Manager, Security Monitoring and Response - Payments Canada.

| What we are looking for

Reporting to the Director, Cyber Security and Operations, the Security Monitoring and Response Team plays an integral role within Payments Canada. Working alongside the Detection & Engineering and Cyber Threat Intelligence teams, they oversee security monitoring and respond to cyber threats on behalf of the organization. The team plays a critical role in helping to develop many of Payments Canada’s security policies, standards, and programs and ensures that these remain sound, guiding mitigation activities to reduce the impact of risks that are applicable to Payments Canada.

| A day in the life

Responsibilities of the Manager, Security Operations includes but is not limited to:

Security Monitoring and Response:

• Provide guidance and assistance on existing and emerging security risks and opportunities.

• Act as a subject matter expert in the identification, detection and response to cyber security incidents.

• Develop and maintain the security operations Concept of Operations and various operational procedure and playbook documents to inform how process, people and technology come together to execute Security Monitoring and Response functions.

• Develop an understanding of business context to guide the development of customized security operations techniques, procedures and technology.

• Lead the investigation of security incidents and provide security expertise to response teams.

Contacts and Communications:

• Maintain a strong grasp of security strategy, solid security subject matter expertise, and strong interpersonal and communication skills to present recommendations in a compelling manner to all audiences, including technical staff, executive management and clients.

• Collaborate with business and IT leaders in setting and executing security incident action plans.

• Foster trusted relationships across the organization and with external stakeholders to broker security in a practical and sustainable manner.

• Establish, build, and maintain relationships within and throughout the Payments ecosystem and build the influence and reputation of Payments Canada.

• Collaborate with Payments Canada members, user groups, and security specialist groups to gather and provide information, advice and solutions on security management issues.

Security Program Delivery and Development:

• Assist in the conduct of threat, risk and vulnerability assessments and the associated analysis and reporting on findings, and action mitigations.

• In coordination with the Security Testing Lead, develop and maintain the skill and knowledge level of your team and individual analysts in the execution of various Security Monitoring and Response functions.

• Support the delivery of security across the organization.

Leadership, People and Team Development:

• Provide strong leadership to the team, ensuring the necessary tools and support are in place to enable the team to be successful.

• Monitor and measure performance of goals against strategic goals, as well as plans in support of the corporate scorecard.

• Attract and retain professionals with the skill sets and competencies needed to deliver strategic priorities.

• Responsible and accountable for all aspects of the talent management cycle (i.e., workforce planning, recruitment, performance management, staff development, succession) for the team, including developing group and individual development plans for team members to support a culture of continuous learning and development.

| What you need to be successful

• Post-secondary education, or equivalent experience, in computer science, information technology, security management, criminology, or intelligence studies.

• Minimum seven (7) years progressive experience in Information Systems and Information Security.

• Minimum five (5) years of relationship management and/or leadership experience.

• Minimum five (5) years of experience in Security Operations, Defensive Cyber Operations, and Incident Response.

• Experience with security frameworks such as ISO2700x or NIST standards.

• Knowledge of information security principles, practices, technologies, and procedures.

• Knowledge of Network Infrastructure Systems, firewall and intruder detection systems, and security architecture.

• Knowledge of VMWare, Cloud computing, PKI, Linux/UNIX, Java, web, and log correlation systems.

• Ability to identify and understand cyber threats and trends and apply security knowledge to strengthen defenses.

• Eligibility to obtain and maintain a Government of Canada Reliability Clearance and successfully complete enhanced background checks that may be carried out by Payments Canada.

| You will really stand out with

• ITIL certification is considered an asset.

• Bilingualism (English and French) is considered an asset.

| Salary range

• Based on qualifications and experience: $112,364 and $140,455.