IT Security Officer overseeing information security for a specific IT sector at Desjardins. Collaborating with cross - sector teams and managing information security risks and vulnerabilities.
About the role
- Associate, Information Security professional at Santander focusing on Vulnerability Management and network security exposure. Collaborating with teams to enhance security posture and manage technology risks.
Responsibilities
- Protect the Company, customers, and employees by identifying and mitigating technology threats to Santander
- Support and strengthen Santander’s vulnerability management program through scanning, analysis, prioritization, and remediation tracking
- Help identify security risks, configuration gaps, and control weaknesses across infrastructure, applications, and cloud services
- Partner with technology and business teams to drive timely remediation and improve security posture
- Gain exposure to regulatory expectations and enterprise security operations
- Build a strong foundation in cyber risk management, with optional growth into network security disciplines
- Create vulnerability scanning schedules and perform scans on a periodic and ad hoc basis to identify vulnerabilities
- Conduct vulnerability assessments on IT infrastructure, applications, and related information assets
- Support the operation and governance of the vulnerability management lifecycle
- Analyze and prioritize vulnerabilities using the Common Vulnerability Scoring System (CVSS), threat intelligence, exploitability, and business context
- Identify gaps and risks and drive remediation through closure within established timeframes
- Partner with infrastructure, application, cloud, and business teams to validate findings and support remediation planning
- Track remediation progress, escalate aging issues, and support risk acceptance processes when needed
- Establish, track, and report key vulnerability management metrics (e.g., scan coverage, SLA adherence, critical vulnerability aging)
- Participate in change request reviews assessing security risk and recommend solutions
- Perform risk assessments and/or control gap analysis against Information Security Policies and Standards
- Collaborate with technology teams to advise on secure implementation of solutions across the Santander environment
- Provide security input during solution design and change activities, ensuring controls are embedded early in the delivery lifecycle
- Translate information security requirements into practical, business-aligned guidance for partner teams
- Support automation of repetitive security and audit-related tasks using scripting tools and prompt engineering techniques
- Implement book-of-work projects and initiatives within scope, on time, and within budget
- Establish and maintain appropriate governance forums and escalation paths
- Manage and monitor technology, audit, and regulatory risk through governance, oversight, reporting, and training initiatives
- Partner with examiners and auditors on technology examinations, gathering information and responding to findings
Requirements
- Bachelor's Degree or equivalent work experience: Computer Science or equivalent field
- 5+ Years Experience in information security, governance, IT audit, or risk management
- 5+ Years SAS experience
- Understanding of regulatory expectations related to technology and cyber risk (e.g., OCC, FFIEC, DORA, SOX, NYS DFS)
- Experience with cyber security and information security program management and frameworks (e.g., NIST CSF, ISO/IEC 27000, etc.)
- Working knowledge of security systems or tools such as Qualys, AlgoSec, Microsoft SCCM, Ansible, Red Hat Satellite, ServiceNow (SNOW), CMDB, etc.
- Proven ability to work in a team environment.
- Possess the ability to perform under pressure in a challenging environment.
- A hunger to learn and take on challenging opportunities, contributing to the success of the information security team.
- Possess a highly developed sense of personal accountability and follow-through with an ability to effectively prioritize multiple tasks and projects.
- Must take ownership, demonstrate a sense of urgency, and ensure accuracy and quality.
- Certifications: CompTIA Security+, CompTIA Network+, CISSP
Benefits
- Competitive rewards package
- Support for you, your family, and your well-being
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
IAM Security & Technology Governance person driving IAM technical program with cutting - edge technology to improve security posture at MUFG. Manage IAM requirements, standards, governance and solutions across global implementation.
Senior Analyst in Mastercard's newly created Vocalink Control Office supporting control testing across Security domains. Ensuring a strong control environment and identifying gaps for improvement.
Senior Analyst focusing on Information Security and Compliance at Cirque du Soleil. Engaging in threat analysis and improvement of security tools and processes, within a creative company culture.
Security Architect designing and implementing cybersecurity architectures for UK Defence projects. Collaborating with stakeholders to safeguard client data against cyber threats.
System Security Specialist analyzing risks and security controls for state agencies. Conducting assessments, providing advisory support, and strengthening cybersecurity posture.
Security Data Specialist supporting a large - scale cybersecurity assessment program for State government agencies. Transforming assessment data into actionable insights and enabling data - driven decision - making across stakeholders.
Trainee in Health & Safety supporting environmental and health safety processes at Hikma Pharmaceuticals. Collaborating on waste management and legal documentation while developing practical EHS skills.
Senior Security Engineer for Ro, enhancing SaaS security posture management and data loss prevention. Collaborating across teams to secure patient data and maintain compliance standards.
Senior Mainframe Security Engineer at Capital One, focusing on Identity Access Management using IBM z/OS and CICS Security. Collaborate on automation and security solutions in a fast - paced environment.