Chef de la gestion des vulnérabilités -‘Red Team' / Vulnerability management lead - Red Team
CAE
Montreal
2d ago

CAE is a global leader in training for the civil aviation, defence and security, and healthcare markets. Backed by a 70-

year record of industry firsts, we continue to help define global training standards with our innovative virtual-to-live training solutions to make flying safer, maintain defence force readiness and enhance patient safety.

We have the broadest global presence in the industry, with 8,000 employees, 160 sites and training locations in over 35 countries.

Each year, we train more than 120,000 civil and defence crewmembers and thousands of healthcare professionals worldwide.www.cae.com

Chef de la gestion des vulnérabilités Red Team’ / Vulnerability management lead Red Team

Position Type : Regular

Regular

Role and Responsibilities

Profil du poste

Le candidat sera responsable de diriger :

  • le processus de gestion des vulnérabilités;
  • les approches et les méthodologies utilisées pour les tests d’intrusion;
  • de la gestion du programme de vulnérabilité, notamment l’infrastructure, l’application et la présence Web;
  • de la définition des services de sécurité et de leur évolution en ce qui concerne la gestion de la vulnérabilité.
  • Il contribuera aux éléments suivants :

  • approches pour intégrer la sécurité dans le cycle de vie du projet et le cycle chronologique d’élaboration de systèmes / DevOps’;
  • stratégies, programmes et différentes initiatives en matière de sécurité;
  • enquêtes sur les incidents et investigations;
  • analyse des nouvelles solutions de sécurité;
  • activités de veille stratégique relative aux menaces.
  • Le titulaire du poste est un membre actif du groupe sur la sécurité et il participe à l’évolution de l’environnement en matière de sécurité.

    Qualifications

  • Baccalauréat en technologie de l’information ou autre programme pertinent
  • Dix (10) années d’expérience en sécurité des TI.
  • Connaissance approfondie des tests d’intrusion.
  • Connaissances et expérience approfondies en sécurité des TI, en infrastructures et en télécommunications.
  • Connaissances approfondies en sécurité Web, des applications et des bases de données.
  • Bonne capacité d’analyse.
  • Certifications en tests d’intrusion, un atout.
  • Connaissance des cadres de contrôle et de la sécurité des TI (NIST, CIS, ISO, OWASP, etc.) et bonne compréhension des contrôles généraux en matière de TI.
  • Connaissance de l’industrie de l’aérospatiale, un atout.
  • Direction d’initiatives en matière de gestion des vulnérabilités.
  • Sens de l’initiative, leadership, souci du service à la clientèle
  • Sens de l’innovation, créativité et responsabilité, un atout.
  • Motivation personnelle, dynamisme, esprit d’équipe
  • Approche axée sur les résultats et le respect des engagements.
  • Bonnes compétences relationnelles : capacité d’influencer et d’interagir avec des membres du personnel, des pairs et des clients sur les plans technique et professionnel.
  • Bilinguisme (français et anglais) requis.
  • Position profile

    The incumbent is responsible for

    leading :

  • Vulnerability management process
  • Intrusion testing methodologies and approaches
  • Vulnerability management program including, infrastructure, application and Web presence
  • Definition of security services and its evolution with regards to vulnerability management
  • Contributing on

  • approaches to integrate security within the Project Life cycle and SDLC / DevOps
  • Security strategies, program and different initiatives
  • Incident investigation and forensic
  • Analysis of new security solutions
  • Threat intelligence activities
  • This person is an active member of the security group and participates in security environment evolution

    Qualifications

  • Bachelor’s or Information Technology degree in Information Technology or other relevant programs
  • Ten (10) years’ experience in IT security
  • In-depth knowledge of intrusion testing
  • In-depth knowledge and experience in IT Security, infrastructure and Telecommunications.
  • In-depth knowledge of web, application and database security
  • Good analysis capability
  • Certifications in intrusion testing will be an asset
  • Knowledge IT security and control frameworks (NIST, CIS, ISO, OWASP, etc) and a good understanding of IT General Controls.
  • Aerospace industry knowledge would be considered an asset.
  • Led vulnerability initiatives
  • Excellent people-management skills, ability to lead and delegate
  • Initiative, leadership, customer focus
  • Results oriented and meeting commitments.
  • Innovation / Creativity / Accountability is an asset.
  • Self-motivated, dynamic, and team player.
  • Ability to interact with staff, peers and customers on a technical and professional level
  • Bilingualism (French and English) is required.
  • CAE thanks all applicants for their interest. However, only those whose background and experience match the requirements of the role will be contacted.

    Equal Employment Opportunity

    CAE is firmly committed to ensuring a positive and professional working environment in which all people are treated with dignity and respect.

    We aim to provide a fair and consistent method for filling job openings in support of equality of opportunity and cultural diversity within the company.

    The masculine gender is used throughout this job description solely to make the text easier to read and therefore applies to both men and women.

    Apply
    Add to favourites
    Remove from favorites
    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form