Security Risk Manager
MD Financial Management Inc.
Ottawa, ON, CA
4d ago

With close to 50 years of physician-focused experience, MD has one main goal : to help Canada physicians and their families achieve financial well-being.

Our commitment to work / life integration, employee well-being and ongoing learning are key factors that contribute to our overall success.

For the sixth consecutive year, MD Financial Management has been recognized as one of the Achievers 50 Most Engaged Workplaces™ in North America.

The annual award, given by Achievers an industry-leading provider of employee recognition and engagement solutions commends top employers that display leadership and innovation in engaging their workforces.

What you will do :

The Security Risk Manager must be able to work independently and as part of a team with the need to lead and facilitate the gathering and analysis of security related data.

The Security Risk Manager performs two core functions for MD. The first is the day-to-day operations and project requirements to conduct risk assessments and provide security advice and guidance as required in the capacity of Security SME.

Secondary tasks include involvement in the planning and design of enterprise security architecture and security program, implementation of and maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments.

The IT Security Analyst is expected to be fully aware, and guided, by MD’s security goals as established by its senior management and to actively work towards upholding those goals.

What You Need :

You hold a College diploma or university degree in the field of computer science and / or 3 or more years equivalent work experience.

One or more of the following certifications is desirable :

  • CompTIA Security+
  • SANS certifications
  • CISA and / or CRISC
  • CISSP or Associate of (ISC)2
  • Knowledge of Windows, Unix and / or Networking technologies

    Experience developing and implementing Policies, Procedures, Standards and Guidelines related to IT Security

    Working knowledge of security risk management and BCP / DR

    Strong understanding of threat and risk assessments

    Familiarity with security program development

    Understanding of IP, TCP / IP, and other network administration protocols.

    Participate in the planning and design of enterprise security architecture, under the direction of the AVP Security / CISO, where appropriate.

    Provide input to the AVP Security / CISO for enhancing the information security strategy when necessary.

    Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures)

    Participate in the planning and design of an enterprise security program.

    Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.

    Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.

    Assist others in understanding and implementing security policy objectives in ways that align with business objectives. Provide security input for business procedures, and new projects.

    Assist in the management of the security awareness and training program

    Participate in the planning and management of MD’s security awareness and training program

    What You Bring :

  • Proven analytical and problem-solving abilities.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Excellent written, oral, and interpersonal communication skills.
  • Ability to conduct research into IT security issues and products as required.
  • Ability to present ideas in business-friendly and user-friendly language.
  • Highly self-motivated and directed.
  • Keen attention to detail.
  • Ability to work individually and in a team-oriented collaborative environment.
  • Manage and lead meetings and facilitated sessions to collect and document security related data
  • Identify security risks and interpret the implications of that activity and devise plans for appropriate resolution.
  • Participate in corporate and IT related projects as a Security SME.
  • Maintain internal security assessments.
  • Provide support to BCP Manager
  • Coordinate activities with other risk and regulatory entities within MD (e.g. Legal, Privacy, Compliance, etc.)
  • Participate in the design and execution of threat and risk assessments, security tests and security audits.What Success Looks Like :
  • You are technology savvy and endeavor to find new and exciting ways to use technology.
  • You feel rewarded and recognized in a way that inspires you to do your best work.
  • You are engaged, enthusiastic and clearly understand how what you do contributes to MD’s overall success
  • You take great pride in the effective and thorough working relationships you have developed across MD.
  • You are constantly learning and honing your skills.
  • Apply
    Add to favourites
    Remove from favourites
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form