Specialist, Cyber Security

We are seeking a proactive and collaborative Cyber Security-by-Design Specialist to foster a strong security posture across our organization. This role is pivotal in building relationships with Business Units (BUs) and affiliates to understand their specific needs and challenges, and to proactively integrate security considerations throughout the entire system development lifecycle (SDLC). The specialist will work closely with development, architecture, product teams, BUs, and affiliates to ensure our products and services are secure by design, meeting the highest standards of confidentiality, integrity, and availability.

• Relationship Building: Cultivate and maintain strong relationships with BUs and affiliates to understand their business objectives, technical environments, and security requirements.
• Security Requirements Gathering: Collaborate with stakeholders, including BUs and affiliates, to define and document security requirements based on threat modeling, risk assessments, and industry best practices, tailoring solutions to specific needs.
• Architecture and Design: Participate in the design and architecture phases of projects, providing security expertise and guidance to ensure secure design principles are implemented, considering the perspectives of BUs and affiliates.
• Threat Modeling: Conduct threat modeling exercises, in collaboration with BUs and affiliates, to identify potential vulnerabilities and develop mitigation strategies that align with business priorities.
• Security Standards: Develop and maintain security standards, guidelines, and best practices for secure coding, configuration, and deployment, ensuring they are easily understood and adopted by BUs and affiliates.
• Training and Awareness: Develop and deliver security training and awareness programs tailored to the specific needs of different BUs and affiliates.
• Collaboration: Work closely with cross-functional teams, BUs, and affiliates to ensure security is integrated throughout the SDLC and across the organization.
• Documentation: Create and maintain comprehensive documentation of security designs, configurations, and procedures, ensuring it is accessible and useful for all stakeholders.
• Staying Current: Stay up-to-date with the latest security threats, vulnerabilities, and technologies, and proactively share this knowledge with BUs and affiliates.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 3+ years of experience in cyber security, with a focus on security by design principles and a demonstrated ability to build strong relationships with business stakeholders.
• Strong understanding of secure software development lifecycle (SSDLC) methodologies.
• Knowledge of security standards and frameworks (e.g., NIST, ISO 27001).
• Experience with standard security practices and strategies
• Excellent communication, collaboration, and interpersonal skills, with the ability to explain complex security concepts to non-technical audiences.
• Excellent negotiating, decision making, organization skills
• Be highly self-motivated with proactive & creative approach to problem solving
• Strong analytical and critical thinking skills, able to manage multiple projects under strict timelines, work well in a demanding dynamic environment
• Relevant certifications (e.g., CISSP, CSSLP) are a plus.
• High level of computer proficiency with Microsoft Office tools (Excel, Word, PowerPoint and MS Project)
• Bilingualism is an asset (French/English)

#LI-SS1