With close to 50 years of physician-focused experience, MD has one main goal : to help Canada physicians and their families achieve financial well-being.
Our commitment to work / life integration, employee well-being and ongoing learning are key factors that contribute to our overall success.
For the sixth consecutive year, MD Financial Management has been recognized as one of the Achievers 50 Most Engaged Workplaces™ in North America.
The annual award, given by Achievers an industry-leading provider of employee recognition and engagement solutions commends top employers that display leadership and innovation in engaging their workforces.
What you will do :
The Security Risk Manager must be able to work independently and as part of a team with the need to lead and facilitate the gathering and analysis of security related data.
The Security Risk Manager performs two core functions for MD. The first is the day-to-day operations and project requirements to conduct risk assessments and provide security advice and guidance as required in the capacity of Security SME.
Secondary tasks include involvement in the planning and design of enterprise security architecture and security program, implementation of and maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments.
The IT Security Analyst is expected to be fully aware, and guided, by MD’s security goals as established by its senior management and to actively work towards upholding those goals.
What You Need :
You hold a College diploma or university degree in the field of computer science and / or 3 or more years equivalent work experience.
One or more of the following certifications is desirable :
Knowledge of Windows, Unix and / or Networking technologies
Experience developing and implementing Policies, Procedures, Standards and Guidelines related to IT Security
Working knowledge of security risk management and BCP / DR
Strong understanding of threat and risk assessments
Familiarity with security program development
Understanding of IP, TCP / IP, and other network administration protocols.
Participate in the planning and design of enterprise security architecture, under the direction of the AVP Security / CISO, where appropriate.
Provide input to the AVP Security / CISO for enhancing the information security strategy when necessary.
Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures)
Participate in the planning and design of an enterprise security program.
Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
Assist others in understanding and implementing security policy objectives in ways that align with business objectives. Provide security input for business procedures, and new projects.
Assist in the management of the security awareness and training program
Participate in the planning and management of MD’s security awareness and training program
What You Bring :