Specialist, Security Operations

Moneris
Job LocationGreater Toronto Area
Job TagCanada
Apply Now

Description:

Your Moneris Career – The Opportunity

You will lead the identification, reporting, and monitoring of all vulnerabilities affecting Moneris. Also, the Vulnerability and Penetration Testing specialist will lead the scoping, designing, and planning of penetration testing initiatives.

You will also have key responsibilities in reporting weekly and monthly vulnerability metrics to the Sr. Manager and CISO. Additionally, you will ensure continuous vulnerability scanning and reporting practices following PCI and Audit requirements.

In addition to maintaining routine vulnerability scanning and assessment efforts, you will monitor the threat landscape to assess, identify, report, and improve any vulnerability that may threaten Moneris.

Location: You will be based in our Toronto office and will work in a Hybrid model.

Reporting Relationship: You will report to Senior Manager, Security Operations.

Your Moneris Career – What you’ll do

  • Monitor the threat landscape to assess, identify, report, and remediate any vulnerability that may pose a threat to Moneris.
  • Conduct routine vulnerability scans and assessments on all assets and applications.
  • Identify and report all vulnerabilities, security gaps, and weaknesses.
  • Promote ongoing relationships with key stakeholders responsible for vulnerability remediation activities.
  • Collaborate and plan VM assessments with external business partners.
  • Scope, design and execute all penetration testing efforts.
  • Lead ad-hoc penetration testing efforts and related projects.
  • Produce weekly and monthly metrics on vulnerability status and remediation efforts to the Sr. Manager of Security Operations and CISO.
  • Meet all PCI and Audit requirements concerning Vulnerability Management.
  • Partner with application security and development teams on application-related vulnerabilities.
  • Become an important player to the Moneris Vulnerability Management strategy and Cyber Security vision.

Your Moneris Career – What you bring

  • Work experience in Vulnerability Management and Penetration Testing planning.
  • Demonstrated understanding of vulnerability management standards (e.g., NVD, CVE, CVSS, CWE, OWASP and others).
  • Experience in management and configuration of vulnerability assessment platforms (e.g., Rapid7 Insight VM, Nessus, Qualys VM, Kenna, Burp Suite, ZAP and others).
  • Experience with administration of ITSM solutions used for vulnerability tracking and reporting (Service Now SecOPS VM module, JIRA and others).
  • Knowledge of Risk-Based Vulnerability Management (RBVM) software and methodologies.
  • Familiarity with Cyber Kill Chain, MITRE AT&CK, NIST CSF and other frameworks.
  • Experience in developing and maintaining standard operating procedures for vulnerability management.
  • Reporting background.

Nice-to-have…

  • Experience with multiple cloud providers (Azure, Google, Amazon) and knowledge of how to identify and improve vulnerabilities on these platforms.
  • Experience with automation and orchestration tools or scripting.

Your Moneris Career – What you get

  • Comprehensive Total Rewards Program including bonuses and flexible benefits plans starting from Day 1
  • RRSP matching & defined contribution pension plan
  • Learning & development programs and resources including unlimited free access to LinkedIn Learning, Coursera and an Educational Assistance Program
  • Holistic approach to your well-being, with an Employee Assistance Program for you and your family, monthly wellness events and a supportive workplace culture
  • Company-wide paid year-end closure & personal time off (including religious, personal, and volunteer days)

Find out more about the work perks and benefits you get as a Moneris employee at Moneris.com/careers

Apply Now

Related Events

See All Events

Related Articles

See All Articles

Cybersecurity: Industry Professionals Share Tips and Tidbits

Two industry professionals from the Cybersecurity industry joined us for a webinar on Determining Which Cybersecurity Work Environment is Right for You. Read along as we highlight some key takeaways from that conversation where they discuss their work environments, workflows, and cultural impact.

Related Industries: Cybersecurity
Hand typing on keyboard.

STEM: Industry Professionals Share Tips and Tidbits

On International Women’s Day, a few of the ladies from Nike joined us for a discussion on women in STEM. Learn more about some of the key takeaways from breakout room sessions on Overcoming Barriers and International Work as a Woman in STEM.

Related Industries: Computer Science, Cybersecurity, Data Analytics, Data Science, FinTech, Product Management, Technology Project Management, Web Development
A woman stands in a lab coat.