Cyber Security Engineer

If you are looking to join one of Canada’s fastest growing companies, goeasy Ltd. is the place for you! Recognized as one of the Top 30 Performing Stocks on the TSX, Canada’s Top Growing Companies, Most Admired Corporate Cultures, Top 50 Fintech’s, and one of North America’s Most Engaged Workplaces, we want the best and brightest to join our team.

We are a publicly traded company on the TSX with over 4000% shareholder return since 2001, goeasy operates two main business units. easyfinancial is our consumer lending business that offers secured and unsecured installment loans of up to $35,000 and easyhome is Canada’s largest merchandise lease-to-own company. It is our vision to provide everyday Canadians the path for a better tomorrow, today by giving them access to the credit they need and by offering them a second chance when they have been turned down by banks and traditional lenders. With a retail network of nearly 400 locations across Canada and over 1900 employees, we are able to build lasting relationships with our customers as we help them rebuild their credit and graduate towards prime rates and a brighter financial future.

goeasy is looking for a Cyber Security Engineer to develop and maintain design plans for the overall logical and technical IT security architecture. The incumbent must provide technical leadership and consulting expertise across the organization, from the point of decision making down to project planning and execution.  The Security Engineer is also responsible for presenting findings and recommendations at all levels within the company to gain commitment for high-level security plans, as well as initiating and participating in projects to evaluate various technologies and methods for successfully implementing those plans.

Responsibilities:

Security Operations:

• Collaborating with multiple support teams, business users and senior management to triage, analyze and resolve security incidents.
• Partner with the SOC to monitor refine and expand our SIEM platforms.
• Provide guidance for the delivery of the Cyber Incident Response Program.
• Partner with infrastructure, application engineering and other business units to ensure infrastructure is well positioned to meet required use cases.
• Be on-call to support the operational activities.

Security Architecture:

• Providing architectural consulting expertise, direction, and assistance to Business Systems Analysts, Solutions Architects, Infrastructure team, and Application Developers.
• Defining the Cloud Security Architecture framework to have non-redundant, integrated, cost-effective solutions with a common foundation for all system.
• Identify potential sources of systems security risk using various risk assessment methodologies.
• Accountable to engage with the organization and IT team to identify and prioritize continuous improvement in Cyber response capabilities. 
• Conducting research on emerging technologies in support of infrastructure development efforts and recommending technologies that will increase cost effectiveness and infrastructure flexibility.
• Designing, developing, and overseeing implementation of end-to-end integrated security systems.
• Understanding and articulating to key stakeholders how information aspects of the Security Architecture help achieve business strategy.
• Reviewing new and existing IT projects, systems designs and procurement/outsourcing plans for compliance with IT standards and architectural plans.

Security Governance:

• Work with external (Third parties) and internal clients (Internal Audit) for remediations.
• Developing, documenting, communicating, and enforcing a technology standards policy.

Qualifications:

• University degree in Computer Science, Engineering, Mathematics or a related disciple.
• Security, infrastructure and application design certifications preferred.
• 7+ relevant experience, with 5+ years’ work experience as an Security Engineer/Architect.
• Solid knowledge on Security Operations and ITSM functions (Incident, Change and Asset Management).
• Solid Knowledge of current software, protocols, and standards.
• Good understanding of the architectural principles of cloud-based platforms including IaaS, PaaS and SaaS.
• Hands-on experience with business requirements gathering and analysis.
• Proven experience in systems design and development.
• Strong understanding of information processing principles and practices.
• Solid knowledge of network technologies, hardware platforms and operating systems.
• Solid understanding of security requirements through entire technology stack.
• Basic understanding of application security concepts such as SAST & DAST
• Some knowledge of security standards (ISO 27001, NIST 800-53, etc.) frameworks (NIST Cybersecurity, etc.) and regulations (particularly in financials) is preferred.
• Excellent knowledge of hardware and software evaluation principles and practice.
• Basic knowledge of multiple programming languages and development methodologies.

Inclusion and Equal Opportunity Employment

goeasy is an equal opportunity employer. In addition, goeasy is committed to providing accommodations for applicants upon request at any stage of the recruitment process in accordance with all legislative requirements throughout Canada.   Please let us know if you require an accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs.

Additional Information:

All candidates considered for hire must successfully pass a criminal background check, credit check, and validation of their work experience to qualify for hire.  

We thank all interested applicants, however we will only be contacting those for interview who possess the skills and qualifications outlined above.

Why should you work for goeasy?

To learn more about our great company please click the links below:

www.goeasy.com/careers

#LI-POST

PAID1234