Security Engineer (Endpoint Protection)

If you are looking to join one of Canada’s fastest growing companies, goeasy Ltd. is the place for you! Certified as a Great Place to Work®, recognized as Canada’s Most Admired Corporate Cultures, GTA's Top 100 Employers, one of Canada’s Top 50 Fintech’s, North America’s Most Engaged Workplaces, and placed on the 2022 Report on Business Women Lead Here list, we want the best and brightest to join our team.

We are a publicly-traded company on the TSX with over 4000% shareholder return since 2001. Accredited by the Better Business Bureau, goeasy Ltd is a Canadian company that provides non-prime leasing and lending services through easyhome, easyfinancial and LendCare.

Reporting to the Director, Cyber Defence, the Security Engineer will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents. They will also investigate incidents and determine the root cause, assess the extent of the damage, and provide recommendations on how to mitigate the impact of the incident.

What you’ll do:

• Provide vision and leadership for developing and supporting security initiatives
• Create reports on security incidents and provide recommendations to improve the security posture of the organization. Look after IT infrastructure, data and network from cyber threats and attacks
• Monitor and analyze security events and incidents from various sources, such as IPS/IDS, firewall, antivirus software
• Work on endpoint protection, filtering, Anti-Spam, Anti-Virus, and Data Loss/Leakage prevention O365 - exchange online, share point online and mange azure security
• Manage and track Internal PKI solution to ensure certificates are properly assigned and maintained
• Conducts risk assessments and supports the stakeholders in determining the appropriate treatment of identified risks; identify appropriate action plans for risk remediation. Participate in threat hunting and vulnerability management activities to proactively identify and remediate security weaknesses before they can be exploited by hackers
• Work with incident response and forensics teams, to coordinate response efforts in the event of a significant security incidents
• Assesses risks and internal control dependency on systems by identifying areas of non-compliance and evaluating risks related to key technology processes
• Co-ordinates timely activities as it relates to internal, external, and regulatory audit requests including SOX, SOC1, SOC2
• Partners with IT managers and team members to ensure risk and compliance issues are identified, defined, communicated, and addressed
• Assists in the creation and maintenance of the information security audit requests, and vendor assessments
• Performs consultation and development of the IT objectives and requirements of the risk program

What you bring:

• Minimum 4 years' experience as a Security Analyst/Engineer (preferably in a SOC – Security Operation Center)
• Degree or College Diploma in Information Technology or Cyber Security
• Certifications
  • CISSP (Preferred)
  • SOC certification (Preferred)
  • CISM (Preferred)
  • CISA (Preferred)
  • ITIL (Preferred)

• Working knowledge of security tools such as ZeroFOX, DigiCert, FreshService ticketing system, Sentinel One, Tenable, Splunk tools.
• Cyber incident response and SOC experience is highly desirable.
• Working in a Level 1 PCI DSS and SOC2 compliant environment is highly desired
• Experience managing activities in a SOX or Bill 198 compliant environment is preferred
• Security architecture and security strategy development is highly desired

Diversity, Inclusion, and Equal Opportunity Employment:

At goeasy, we believe that we can only be the best when people are able to bring their best selves to work every day. This means that we are committed to cultivating and preserving a work culture where we celebrate who we are, where everyone feels seen and heard and where every employee can fulfill their potential. As an equal opportunity employer, we are committed to providing accommodations for applicants upon request at any stage of the recruitment process in accordance with all legislative requirements throughout Canada. Please let us know if you require an accommodation during any aspect of the recruitment process and we will work with you to address your needs.

Additional Information:

All candidates considered for hire must successfully pass a criminal background check, credit check, and validation of their work experience to qualify for hire.  We thank all interested applicants, however we will only be contacting those for interview who possess the skills and qualifications outlined above.

Why should you work for goeasy?

To learn more about our great company please click the links below:

http://goeasy.com/careers/