Sign In or Sign Up

Senior Cyber Security Engineer


Head Office
Mississauga, Ontario

If you are looking to join one of Canada’s fastest growing companies, goeasy Ltd. is the place for you! Recently recognized as one of Canada’s Most Admired Corporate cultures in 2018, we want the best and brightest to join our team. We are a publicly traded company on the TSX with over 4000% shareholder return since 2001, goeasy operates two main business units. easyfinancial is our consumer lending business that offers secured and unsecured installment loans of up to $35,000 and easyhome is Canada’s largest  merchandise lease-to-own company. It is our mission to provide everyday Canadians the chance for a better tomorrow, today by giving them access to the credit they need and by offering them a second chance when they have been turned down by banks and traditional lenders. With a retail network of nearly 400 locations across Canada and over 1800 employees, we are able to build lasting relationships with our customers as we help them rebuild their credit and graduate towards prime rates and a brighter financial future. 

Goeasy is looking for a Senior Cyber Security Engineer to develop and maintain design plans for the overall logical and technical IT security architecture. The incumbent must provide technical leadership and consulting expertise across the organization, from the point of strategic decision making down to project planning and execution.  The Security Engineer is also responsible for presenting findings and recommendations at all levels within the company to gain commitment for high-level security plans, as well as initiating and participating in projects to evaluate various technologies and methods for successfully implementing those plans.

Responsibilities:

  • Maintaining an in-depth knowledge of company’s strategic business plans.
  • Providing architectural consulting expertise, direction, and assistance to Business Systems Analysts, Business Solutions Architects, Infrastructure team, and Application Developers.
  • Evaluating and documenting the company’s existing security architecture and technology portfolio.
  • Identify potential sources of application security risk, prioritizing them based on risk impact.
  • Developing and documenting multiple options for revised IT architectures and changes to the technology portfolio, with recommendations for security optimization and cost/benefit analyses for each option.
  • Provide guidance on Threat Assessment and Response initiatives in alignment with the strategic and operational objectives of the technology organization and the business.
  • Understanding and articulating to key stakeholders how information aspects of the Security Architecture help achieve business strategy.
  • Developing, documenting, communicating and enforcing a technology standards policy.
  • Conducting research on emerging technologies in support of infrastructure development efforts, and recommending technologies that will increase cost effectiveness and infrastructure flexibility.
  • Designing, developing and overseeing implementation of end-to-end integrated security systems.
  • Identifying where change is required (development of a Gap mitigation plan) in order to keep the Security Architecture vital, sustainable and ready to support business capabilities.
  • Ensuring alignment between different domains of IT architecture.
  • Defining the Security Architecture framework in order to have non-redundant, integrated, cost-effective solutions with a common foundation for all system.
  • Help define and articulate a strategic roadmap to enable Goeasy`s current and future security needs, based on the IT strategic roadmap and Business strategy.
  • Support other domain architects - Address technical architectural issues throughout the construction of a solution to ensure that it remains true to the defined technical solution architecture.
  • Collaborating with end users and senior management to define business requirements in support of complex systems development efforts and to gain buy-in for all technology plans.
  • Accountable to engage with the organization and IT team to identify and prioritize continuous improvement in Cyber response capabilities. 
  • Provide guidance for the delivery of the Cyber Incident Response Program.
  • Work with external (Third parties) and internal clients (Internal Audit) to remediate identified gaps.
  • Reviewing new and existing IT projects, systems designs and procurement/outsourcing plans for compliance with IT standards and architectural plans.
  • Providing guidance to junior members of the team.
  • Occasional after-hours work required.

 

Qualifications:

  • University degree in Computer Science, Engineering, Mathematics or a related disciple.
  • Security, infrastructure and application design certifications preferred.
  • 10+ relevant experience, with 5+ years’ work experience as an Security Engineer/Architect.
  • Good understanding of application security concepts such as SAST & DAST
  • Good understanding of the architectural principles of cloud-based platforms including IaaS, PaaS and SaaS.
  • Hands-on experience with business requirements gathering and analysis.
  • Proven experience in systems design and development.
  • Strong understanding of information processing principles and practices.
  • Knowledge of security standards (ISO 27001, NIST 800-53, etc.) frameworks (NIST Cybersecurity, etc.) and regulations (particularly in financials) is preferred.
  • Solid knowledge of network technologies, hardware platforms and operating systems.
  • Solid understanding of security requirements through entire technology stack.
  • Solid Knowledge of current software, protocols and standards.
  • Excellent knowledge of hardware and software evaluation principles and practice.
  • knowledge of multiple programming languages and development methodologies.
  • Knowledge enterprise security practices.
  • Proven project planning and management experience.
  • Strong knowledge of Cyber Simulations, Threat Modelling, and Penetration testing
  • Good knowledge of applicable data privacy practices and laws.
  • Exceptional analytical, conceptual, and problem-solving abilities.
  • Excellent understanding of the organization’s goals and objectives.

Inclusion and Equal Opportunity Employment

goeasy is an equal opportunity employer. In addition, goeasy is committed to providing accommodations for applicants upon request at any stage of the recruitment process in accordance with all legislative requirements throughout Canada.   Please let us know if you require an accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs.

 

Additional Information:

All candidates considered for hire must successfully pass a criminal background check, credit check, and validation of their work experience to qualify for hire. 

We thank all interested applicants; however, we will only be contacting those for interview who possess the skills and qualifications outlined above.

 

Why should you work for goeasy?

To learn more about our great company please click the links below:

#LI-POST

Skip to the main content