- 3699 63 Ave NE, Calgary, AB T3J 0G7
Senior Manager Cybersecurity and Security Assurance
Helping Albertans achieve their dreams by turning the complex world of banking into brilliantly simple solutions. That’s ATB Financial. Is that you?
Coach of the Year. Magnificent Mentor. Visionary. Motivator. Team Player. Whether at work or out in your community, you are the person that knows how to bring it all together. You’re a natural leader and your passion and excitement comes from knowing that your efforts make a significant difference in the lives of your team members, customers and the community around you.
As a part of the leadership team for the office of the CISO, the Senior Manager of Cybersecurity and Security Assurance is responsible for implementation and maintenance of the online security posture as well as validating protections in place. This is achieved through leading a talented team of Security Analysts as well as direct support for the Managing Director of Information Security.
If you are looking for an opportunity to share your extensive experience with your team, we want to hear from you!
The purpose of this position is to deliver and manage a team to:
Focus on the delivery of Cyber Security policies and processes to secure ATB systems and data against threat
Plan, Prepare and Execute validation activities to ensure new projects and operational systems adhere to Information Security policies and processes with a focus on reporting, tracking and closing identified issues.
Assess and Deliver vulnerability and penetration test efforts on projects and operational systems at ATB.
You will find success in your ability to:
Provide leadership, coaching and direction to a team of security professionals in the delivery of security services that have organizational wide impacts.
Continuously review processes and practices to meet objectives in a fast paced environment.
Design and implement appropriate access control mechanisms on all computing platforms to ensure information is protected according to security policies
Develop and maintain systems, applications, and programs required for Identity & Access Management, and Activity Logging & Monitoring
Implement appropriate security controls and policies as required by the security architecture as they relate to physical and logical security
From the architectural design, develop and implement the appropriate IAM security standards for IT infrastructure components (e.g., network, workstation, servers, host security module, etc.)
Participate in the Security Response Team for all Security incidents
Developing and maintaining the access control rules for systems, databases, networks and application; providing controlled access in accordance with owner-defined information access requirements
Actively participate in the application development/acquisition process to ensure security requirements are considered at all phases of application development/acquisition process - from definition of user requirements, through application design, construction/purchase, testing, production use of the system, and application retirement
Oversee Managed Security service contracts with external vendors ensuring communication of expectations and verification of delivery of services.
As the Ideal Candidate, you possess:
Leadership – History of leading teams of security or IT staff members and/or Managed service contracts.
Strong management and administration skills, with a demonstrated ability to lead change and solve problems
Excellent communication and relationship-building skills, with a demonstrated ability to work effectively within both the business and technical arenas
Well-developed analytical skills accompanied by proven decision-making experience
Demonstrated aptitude for continuous learning and innovative thinking
Excellent verbal and written communication skills, including polished presentation skills with the ability to deliver technical issues to both technical and non-technical audiences in a clear and understandable manner
Strong leadership skills with the ability to lead assignments/teams and mentor others
System Administration – experience as sysadmin for Unix or Unix+Windows in large environments, including familiarity with local/OS/software firewalls including Windows firewall, iptables, ipf, pf, or similar. Familiar with all aspects of operating system and application logging, including centralized logging, syslog, web logs, process auditing, and file integrity monitoring.
DBA – Familiar with two of: oracle, mysql, ms-sqlserver, postgres, SAP, DB2 in the context of transaction/audit logs, end-to-end security between servers as well as Clients & Servers, DB & Table Access Permissions, DRP (backups/restores/redundancy), sql injection, query performance tuning.
Networking – Familiar with OSI Layer 3-7, cloud services VPCs, vLans, private vLans, secure vLans, trunking, switching, routing, firewalls, reject/deny vs. drop, reverse tunnels, and solicited vs. unsolicited ingress & egress.
Penetration Testing – Familiar with PCI compliance, WebApp Pentesting, network scanning vs. agent based vulnerability management, policy compliance, ddos resiliency testing, and all modern tools involved in service exploitation
Vulnerability Management - Knowledge and experience in developing and implementing Vulnerability Management programs, initiatives, and capabilities.
Threat Intelligence - Experience building threat intelligence programs. Understanding of threat landscape and security intelligence in both the government and commercial space. Experience with threat research, threat modeling, and information security threat assessments. Ability to lead cybersecurity investigations and inspections to assess risk validate incidents, breaches. Experience hunting threat actors in large enterprise networks
Security Testing – Experience in managing Information Security Testing programs, including red team, penetration and vulnerability testing. Ability to build a red team and lead activities, manage vulnerability assessments, perform intrusion testing, vulnerability assessments and security scans to ensure efficiency of implemented controls and identify new gaps.
Third Party Security Assessment Program – Experience implementing and operating an effective program to continually assess third party relationships for the appropriateness of their security controls.
Expert knowledge of cyber security trends, technologies, and their applicability to the financial industry. Experience with security frameworks such as PCI DSS, ISO 27001/27002, CIS Critical Security Controls, NIST Framework for Improving Critical Infrastructure Security
Designations / Training Required / Prerequisites:
A minimum of 5 years of managerial experience in information security
Masters level education in a related field is required
Professional designation: CISSP, CISA, CISM, CBRM, CoBit Certification – desired but not required
Experience in information security in a regulated Financial industry strongly preferred.
Previous IT development and implementation experience.
Languge requirement: English. This is a permanent position located at our ATB Place location in downtown Edmonton at 10025 Jasper Ave NW, 105, Edmonton, AB T5J 2B8. NOC 0213 – Computer and Information Systems Manager. The salary range is $111,746 to $133,458 along with a comprehensive benefit and pension plan, which include:
Complete Alberta Blue Cross flex benefit program including Medical, Dental & Prescriptions
Flexible Pension Plan – ATB will automatically contribute 4% of your base salary and short term incentive pay and will contribute an additional 4% in the form of a flexible wealth accumulation contribution (into your pension plan, an ATB RRSP, an ATB RESP or paying down your ATB mortgage). You can also make voluntary contributions up to 6% of your earnings and ATB will match up to 4%.
Full entitlement immediately on enrollment, no waiting period Out of Province Emergency Medical Coverage for up to $2MM per incident per 90 day trip for you and your dependents
Basic Life Insurance equal to one times your annual salary
Casual Illness and General Illness Coverage
Long Term Disability Coverage equal to 70% of your salary
Critical Illness Insurance up to $20,000
Catastrophic Prescription Drug Coverage
Employee Family Assistance Program
Statutory Employer Paid Benefits: Canadian Pension Plan, Employment Insurance, Worker’s Compensation
External and Internal Training and Development Opportunities
Professional Association Memberships
Personal ATB WorkPerks® account that gives you access to valuable discounts and offers from businesses
Team Member Mortgage rates available upon commencement
Discounted rates and fees on MasterCard products
Fees waived or reduced on products including accounts, RSP accounts, Safety Deposit Boxes, etc.
So what can ATB Financial offer you? Imagine paying less for your everyday banking, mortgages, loans and investments. Throw in an excellent benefits and pension package, opportunities for career advancement, and a financial institution that’s leading the way in change – now you’re talking about a career with a company that allows you to grow. As an award-winning employer-of-choice – we have the best of the best working for Albertans. Sound like a team you want to be a part of?
Advancement. Fun. Rewards… We get it.
To learn more visit atb.com.
To read our employer reviews visit our Glassdoor page.
ATB Financial is an equal opportunity employer. We thank all applicants for their interest; however, due to the high number of resumes we receive, only short-listed candidates will be contacted.
Please click the following link for information on communities where ATB thrives.
To apply and be considered for this opportunity, please email a cover letter highlighting your experience and fit for the role and a resume to:
Attention: Shahzia Noorally, Director - Talent Acquisition