Team Lead, Security Operations Centre (JSOC)

What’s in it for you as an employee of QFG? Health & wellbeing resources and programs  Paid vacation, personal, and sick days for work-life balance Competitive compensation and benefits packages Work-life balance  Career growth and development opportunities Opportunities to contribute to community causes Work with diverse team members in an inclusive and collaborative environment What’s it like working as a Team Lead, Security Operations Centre (JSOC) at Questrade? We’re looking for a Team Lead for the Cybersecurity Threat & Vulnerability Management team to join us. Reporting to the Senior Manager within the Joint Security Operations Centre team, the Team Lead will play a key role in protecting the organization and driving security improvements. The Team Lead role is within the CISO department, and is responsible for leading the Threat and Vulnerability Management team staff and overseeing all infrastructure threat and vulnerability management related activities, and for maintaining and enhancing the relevant aspects of the enterprise information security program to ensure the team, processes, and procedures are robust and effective.  You will be responsible for translating IT security risk, best practices, regulatory requirements, and business goals and constraints into technical and process controls and specifications, and for developing and reporting on metrics for ongoing operational performance. You will be coordinating and have responsibility for the organization's technical activities to implement and manage the related security tools to lead and mature our Threat and Vulnerability Management Program. You will act as an empowered representative during cybersecurity and technology planning initiatives to ensure that the principles of security-by-design and privacy-by-design are incorporated into operational planning and consistently followed, and that service expectations are clearly defined and delivered. You will work closely with Cybersecurity and IT teams to align priorities and execute plans. You will contribute to process improvements, cybersecurity operations strategy, team building\mentoring\coaching. Need more details? Keep reading...  You will: Train, and manage the day-to-day activities of a team of cybersecurity professionals in different geographical locations and time zones. Conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members.  Work closely with the various CISO teams including Cyber Threat Intelligence, Incident Response and Application Security Engineering, and Cyber Technical Assurance on operational activities and quarterly initiatives.  Collaborate with technology and business departments to drive continuous improvement of our vulnerability detection and remediation capabilities within our on-premise and cloud based environments. Clearly communicate technical ideas, strategies, and performance reports to non-technical audiences, including Executive Leadership, via multiple mediums (e.g., written communications, verbal communications, presentation decks, etc.). Champion new opportunities for automation, innovation, and technical excellence, bringing thought leadership and deep technical expertise to drive adoption. Develop and drive quarterly planning and annual roadmap for development of the Threat and Vulnerability Management capabilities.  Manage and elevate comprehensive approaches to identifying, analyzing and addressing security flaws or vulnerabilities in systems and software that could serve as attack vectors. Recommend and facilitate the implementation of technical capabilities within our scanning tools to support and enforce best practices. Responsible for monitoring and reviewing scanning results for company run vulnerability scans and 3rd party scans and tracking remediation of vulnerabilities. Develop and operationalize vulnerability management metrics for use by CISO and IT leadership on a monthly and quarterly basis to measure performance and mature programs. Ensure enhancement and maintenance of existing, and the creation of required new processes and procedures (emergency vulnerability remediation and vulnerability exceptions).  So are YOU our next Team Lead for the Cybersecurity Threat and Vulnerability Management team? You are if you have… 5 years of experience in cybersecurity operations. Proven track record of managing and maturing an enterprise Vulnerability Management Program. Proven track record of building effective cybersecurity teams that are well integrated, proactive, and measured. Expertise in producing high-quality communication plans, presentations, and metrics based reporting. Hand on technical expertise in the following types of tools: infrastructure vulnerability scanning, cloud based scanning, breach and attack simulation, external attack surface management, network scanning  Strong project and people management skills Knowledge of network infrastructure and the associated network protocols and concepts.  Experience working with internal Audit/Governance/Risk/ and Compliance staff and with external auditors. CISSP certification is a plus.  Sounds like you? Click below to apply!  #LI-MM1 #LI-Remote