62 jobs found for risk

We're looking for a Security Assurance and Advisory Lead to join our team in a permanent-full-time capacity.For immediate consideration, send your resume to Andre - andre.callegari@randstad.ca This role is 100% work at home.PURPOSE OF THE ROLE: ROLE: The Assurance and Advisory Lead will execute, develop, and support the Manager of GRC with planned Corporate projects, focusing on identifying technology and business risks, compensating controls, and opportunities for improvement in internal controls.Responsibility Breakdown Internal Quality Control, Assurance & Advisory- Manage and oversee risk and ensure quality control procedures are executed across the enterprise.- Perform security audits and risk assessments on new or existing solutions.- Manage domain of Advisory and Assurance services and continue to improve efficiencies- Validate security controls Information Technology teams and vendors.- Identify, propose, and implement security methodologies, and tools that simplify security testing anddiscovery activities.- Support business units in identifying improvement opportunities to manage risk and apply quality controlthroughout existing applications/systems, processes, and projects.- Identify and assess technology solutions and business risks, identifying internal controls to mitigate risks,Provide subject matter expertise in selecting and tailoring existing risk management approaches,methodologies, and tools to support and secure services and products.Risk Management - Assess projects and IT changes for compliance w/ security policies and regulatory landscape.- Identify areas of information security compliance vulnerability and risk within new and existing projects,processes, and technologies.- Perform strategic threat risk assessments, identifying key business risks and threats within projects, existingprocesses, leading communication, and reporting of identified risk and risk remediation plans.- Review and evaluate existing processes and projects to benchmark security compliance with industrystandards.- Present and communicate risk status to senior management.- Continue the development and management for the TRA and advisory services programProject & Team Management - Identify scope and objectives of projects, gaining an understanding of the business, and managingresources needed to conduct risk identification, risk mitigation, and risk compliance assurance activities.- Support and facilitate practice development in information security assurance and advisory engagementactivities, simultaneously overseeing and managing multiple projects.- Lead and manage outsourced commodity vendor and Third-Party Risk Management provider specific to theadvisory and assurance functionChange Management- Lead and drive change across the enterprise in implementing and improving existing risk managementmethodologies to ensure stakeholder buy-in and effective integration of risk management methodologies inbusiness practice.- Integrate and align risk management methodologies to other organizational initiatives:o, Identify and mitigate barriers to success.o, Ensure risk management methodologies are adopted within existing processes and programs.o Identify change management needs in staffing, training, communications, and organizationaldesigns.o Support and coordinate security training and awareness material that identifies and communicatesinformation on security compliance trends to employees.Requirements:- 8+ years of direct experience in an information security risk management and compliance role and several years of experience - Expertise in evaluating security controls, conducting risk assessments (including third-party risk management).- Knowledge and interest in technology including topics such as operating systems, mobile technologies, software development, networking, and business applications.- Understanding of internal control frameworks including COBIT, ISO 27001, NIST, ITIL, etc.- Experience in the implementation of ISO 27001 standards and certification- Knowledge of developing risk reports and control summaries.- Familiarity with the Internet of Things (IoT) devices, industrial control systems (ICS), and supervisory control and data acquisition (SCADA).- Architectural and network security experience.Advantages100% Remote Work for a leading healthcare company, and alongside top leaders in the security worldCompetitive compensation package Innovative tech-forward company ResponsibilitiesInternal Quality Control, Assurance & Advisory 40%Risk Management 30%Project & Team Management 15%Change Management 15%Qualifications- 8+ years of direct experience in information security risk management and compliance- Expertise in evaluating security controls, conducting risk assessments (including third-party risk management).- Knowledge and interest in technology including topics such as operating systems, mobile technologies, software development, networking, and business applications.- Understanding of internal control frameworks including COBIT, ISO 27001, NIST, ITIL, etc.- Experience in the implementation of ISO 27001 standards and certification- Knowledge of developing risk reports and control summaries.- Familiarity with the Internet of Things (IoT) devices, industrial control systems (ICS), and supervisory control and data acquisition (SCADA).- Architectural and network security experience.SummaryThe Assurance and Advisory Lead will execute, develop, and support the Manager of GRC with planned Corporate projects, focusing on identifying technology and business risks, compensating controls, and opportunities for improvement in internal controls.To apply, please email your resume to Andre - andre.callegari@randstad.ca Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Operational risk management advisorThe VP Operations Supervision and Monitoring is responsible for supporting and advising the PVP Network of caisses and Member and Client Services sectors. This PVP is the unit of the Federation which brings together the distribution of products and services intended for customers to individuals as well as the processing of these transactions.The VP Operations Supervision and Monitoring is looking for high-level professionals who can act as operational risk managers.Main responsibilities· Support the sectors in the identification and assessment of risk scenarios that may impact the achievement of business and operational targets.· Support the sectors in the activities of assessing the sufficiency and robustness of the control environment, i.e. the contribution of the control environment to the achievement of business and operational targets· Support the sectors in the analysis of projects and initiatives in order to identify the risks inherent in these operational changes and formulate concrete and value-added recommendations, in particular with regard to risk mitigation strategiesSupport sectors in the design of their controls and other mitigation measures and assess their effectiveness· Analyze risk events and operational malfunctions in order to assess the impacts and actions to be taken to reduce the risk of occurrence, if applicableRequired profileExperience in operational risk analysisExperience in risk toolsExpertise in control environmentStrong knowledge of advanced threats (risks related to information security, suppliers, technologies, data, etc.)Knowledge of the banking environment, particularly of specific sector activitiesAbility to organize mandates and deliver them in a timely mannerAbility to target and analyze issues, raise major issues, make diagnoses and make recommendations· Demonstrate leadership and have great workshop facilitation skills with multidisciplinary teams (IT, Business, Legal, etc.)Write reports / summaries in clear and simple language· Communicate effectively, Convince, Be strategic, Manage complexity, Master interpersonal relationshipsAdvantages______________________________________________________________________________Responsibilities______________________________________________________________________________Qualifications______________________________________________________________________________Summary______________________________________________________________________________Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client is looking Public Cloud Security Analyst, long term contract in Montreal Responsibilities •Perform detailed cloud architectural and cloud infrastructure reviews including reviewing cloud configuration vs best practices and/or standards (e.g. CIS).•Perform in depth technical reviews from an application security perspective, typically involving Cloud Providers using a standard methodology such as OWASP.•Leverage industry frameworks such as CCM, NIST etc to ensure a robust cloud framework.•Help develop and build a framework to ensure a repeatable cloud review process.•Assist in Vendor risk assessment reviews, in particular 4th party cloud reviews however also review AWS and Azure Third Party risks including completion of due diligence tasks and risk assessments.•Highly collaborative position required to gather stakeholder input to ensure reviews reach a consensus – including Internal Audit, 2LOD, Global teams •Perform ad hoc analyses and participate in special projects as needed by management. Profile •7 years demonstrable experience in a role performing technical analysis with an Information Security component ideally with a focus on Application Security Risks (ideally OWASP) experience with a focus on Cloud Providers.•5 years experience with knowledge of configuration and networking from a Public Cloud perspective with hands on experience of AWS, MS Azure or Google cloud.•Experience with Third Party Risk Management is preferred but not required – in particular cloud providers using IaaS, PaaS or SaaS and ideally in AWS, Azure or GCP•Experience with compliance frameworks and applicability to cloud for example CCM, NIST, FFIEC, NY DFS.•Experience with technical architecture in cloud - CIS or other benchmark and configuration preferred.•Direct experience performing information security risk assessments Cloud applications and Cloud architectures. •Experience of vendors risk assessments – particularly CSPs such as Azure of AWS. Interpret, identify, and mitigate critical risks factors in a timely manner. Track measure, report, and evaluate vendor performance using a risk-based approach.•Requires strong analytical skills, problem solving skills, and project/program management skills.•Solid training in computer disciplines such as application and data security, computer technology or software disciplines.•Demonstrated ability to perform Vendor Risk assessments through on-site visits and reviewing SSAE18s.•Solid understanding of the banking industry’s regulatory requirements for managing third parties (e.g., FFIEC).•Experience working with legal or sourcing as part of contract design to include key provisions for Vendor Risk Management.•Excellent written and verbal communication skills.•Proven ability to manage issues through to resolution skilled at making judgment calls.•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times.EDUCATION/CERTIFICATIONS•Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MS required.•Certified training in transversal technical topics, security management, risk and compliance solutions and practices.•CISSP, CCSP, CISA, CISM, GSEC, CRISC, or related certification(s) preferred.•AWS or Azure or GCP certification.AdvantagesLong term contract, 40 hours a week, large banking environment, Montreal based. Lots of opportunities to evolve within the organizationResponsibilitiesResponsibilities •Perform detailed cloud architectural and cloud infrastructure reviews including reviewing cloud configuration vs best practices and/or standards (e.g. CIS).•Perform in depth technical reviews from an application security perspective, typically involving Cloud Providers using a standard methodology such as OWASP.•Leverage industry frameworks such as CCM, NIST etc to ensure a robust cloud framework.•Help develop and build a framework to ensure a repeatable cloud review process.•Assist in Vendor risk assessment reviews, in particular 4th party cloud reviews however also review AWS and Azure Third Party risks including completion of due diligence tasks and risk assessments.•Highly collaborative position required to gather stakeholder input to ensure reviews reach a consensus – including Internal Audit, 2LOD, Global teams •Perform ad hoc analyses and participate in special projects as needed by management. QualificationsProfile •7 years demonstrable experience in a role performing technical analysis with an Information Security component ideally with a focus on Application Security Risks (ideally OWASP) experience with a focus on Cloud Providers.•5 years experience with knowledge of configuration and networking from a Public Cloud perspective with hands on experience of AWS, MS Azure or Google cloud.•Experience with Third Party Risk Management is preferred but not required – in particular cloud providers using IaaS, PaaS or SaaS and ideally in AWS, Azure or GCP•Experience with compliance frameworks and applicability to cloud for example CCM, NIST, FFIEC, NY DFS.•Experience with technical architecture in cloud - CIS or other benchmark and configuration preferred.•Direct experience performing information security risk assessments Cloud applications and Cloud architectures. •Experience of vendors risk assessments – particularly CSPs such as Azure of AWS. Interpret, identify, and mitigate critical risks factors in a timely manner. Track measure, report, and evaluate vendor performance using a risk-based approach.•Requires strong analytical skills, problem solving skills, and project/program management skills.•Solid training in computer disciplines such as application and data security, computer technology or software disciplines.•Demonstrated ability to perform Vendor Risk assessments through on-site visits and reviewing SSAE18s.•Solid understanding of the banking industry’s regulatory requirements for managing third parties (e.g., FFIEC).•Experience working with legal or sourcing as part of contract design to include key provisions for Vendor Risk Management.•Excellent written and verbal communication skills.•Proven ability to manage issues through to resolution skilled at making judgment calls.•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times.EDUCATION/CERTIFICATIONS•Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MS required.•Certified training in transversal technical topics, security management, risk and compliance solutions and practices.•CISSP, CCSP, CISA, CISM, GSEC, CRISC, or related certification(s) preferred.•AWS or Azure or GCP certification.SummaryOur client is looking Public Cloud Security Analyst, long term contract in Montreal Responsibilities •Perform detailed cloud architectural and cloud infrastructure reviews including reviewing cloud configuration vs best practices and/or standards (e.g. CIS).•Perform in depth technical reviews from an application security perspective, typically involving Cloud Providers using a standard methodology such as OWASP.•Leverage industry frameworks such as CCM, NIST etc to ensure a robust cloud framework.•Help develop and build a framework to ensure a repeatable cloud review process.•Assist in Vendor risk assessment reviews, in particular 4th party cloud reviews however also review AWS and Azure Third Party risks including completion of due diligence tasks and risk assessments.•Highly collaborative position required to gather stakeholder input to ensure reviews reach a consensus – including Internal Audit, 2LOD, Global teams •Perform ad hoc analyses and participate in special projects as needed by management. Profile •7 years demonstrable experience in a role performing technical analysis with an Information Security component ideally with a focus on Application Security Risks (ideally OWASP) experience with a focus on Cloud Providers.•5 years experience with knowledge of configuration and networking from a Public Cloud perspective with hands on experience of AWS, MS Azure or Google cloud.•Experience with Third Party Risk Management is preferred but not required – in particular cloud providers using IaaS, PaaS or SaaS and ideally in AWS, Azure or GCP•Experience with compliance frameworks and applicability to cloud for example CCM, NIST, FFIEC, NY DFS.•Experience with technical architecture in cloud - CIS or other benchmark and configuration preferred.•Direct experience performing information security risk assessments Cloud applications and Cloud architectures. •Experience of vendors risk assessments – particularly CSPs such as Azure of AWS. Interpret, identify, and mitigate critical risks factors in a timely manner. Track measure, report, and evaluate vendor performance using a risk-based approach.•Requires strong analytical skills, problem solving skills, and project/program management skills.•Solid training in computer disciplines such as application and data security, computer technology or software disciplines.•Demonstrated ability to perform Vendor Risk assessments through on-site visits and reviewing SSAE18s.•Solid understanding of the banking industry’s regulatory requirements for managing third parties (e.g., FFIEC).•Experience working with legal or sourcing as part of contract design to include key provisions for Vendor Risk Management.•Excellent written and verbal communication skills.•Proven ability to manage issues through to resolution skilled at making judgment calls.•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times.EDUCATION/CERTIFICATIONS•Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MS required.•Certified training in transversal technical topics, security management, risk and compliance solutions and practices.•CISSP, CCSP, CISA, CISM, GSEC, CRISC, or related certification(s) preferred.•AWS or Azure or GCP certification.Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

We are looking for new talent to expand our security team. The digital world, daily changes force us to be pragmatic, agile and proactive in the way we approach opportunities, technologies and processes from a security point of view.Your role :Ensure that risk considerations are addressed at each phase of the development and deployment life cycle of a system· Evaluate the posture in terms of risk of one or more business unitsProduce, maintain and communicate indicators (progress, performance, risk, etc.)· Proactively propose solutions to reduce the risk of future breaches.· Recommend security measures in applications and infrastructure components by exercising judgment within existing policies and industry best practices.It's time to tell us your story!Here's how you can make an impact in our organization:· Inspiring a positive work environment and helping teamwork and team support as a champion and innovator.· Have a good understanding of the architecture and design of security in order to identify and recommend improvements in the methodologies and processes used within the business units and technical teams that you supportBe able to provide tactical and strategic direction as well as advice to help technical teams achieve acceptable security posturesBuild relationships of trust with technology teams and be able to provide them with information on application and infrastructure security to ensure secure release cyclesFacilitate risk assessments, support teams in remediation of vulnerabilities and ensure the review of security exceptionsHave a detailed understanding of the technological components maintained by the teams you support as well as their security postureParticipate in complex projects and be able to present complex safety reports, analysis and assessments to both technical and non-technical professionalsWhat you are offering:Completed Bachelor's degree, related to the industry, and 7 years of relevant experience or Completed Master's degree, related to the industry, and five years of relevant experience· Desired professional certifications (CISSP, etc.) or willingness to obtain them in a short time.3-5 years of information security experienceDemonstrated experience in infrastructure and application security,Experience in risk assessment with recognized toolsGood understanding of the areas of information security (authentication, authorization, access control, audit, cryptography, etc.)Good knowledge of the process of integrating security assessments into the life cycle process of business services (Servers, workstations, applications, network components, etc.)Practical and in-depth understanding of application architecture and related technologiesCollective sense, interpersonal skills, good communication and customer service orientedAbility to popularize risk and make presentations to different audiences (technical, trades, etc.)Bilingualism (spoken / written) French and English**** Generic security advisor tasks: monitoring procedures, governance, checklist, best practices, cybersecurity, etc.Advantages______________________________________________________________________________Responsibilities______________________________________________________________________________Qualifications______________________________________________________________________________Summary______________________________________________________________________________Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client provides retail, leasing and wholesale financial services to customers across Canada. This role will provide security guidance to business and service partners, identify and prioritize security-related requirements and facilitate delivery of information security services. The successful candidate will also be responsible for the planning and execution of regular Business Continuity and Disaster Recovery initiatives. This role will also work closely with senior management to support and ensure compliance to prescribed risk mitigating policies and procedures in certain area of Operational and IT Risk.Acting as an Information Security ambassador to the business, this role determines security requirements by evaluating business initiatives and requirements; ensuring alignment to Global Information Security Standards; conducting system security/vulnerability analyses and risk assessments; studying architecture/platform and mitigating integration issues to enable business needs.This role will be reporting to the CIO.Primary Activities:•Conduct and monitor regular security access and vulnerability diagnostics and remediate any risks/issues (including email Phishing responses to Associates)•Maintain and conduct periodic reviews of the Risk Register and I.T. Asset List •Perform risk assessments of information systems and infrastructure; develop appropriate risk treatment and mitigation options, and effectively articulate findings/recommendations to IT project teams and management.•Analyze system architectures to design appropriate security requirements which enforce Information Security policies and standards.•Identify and communicate current and emerging security threats to Senior Management•Collaborate with business units, application teams, and service partners to provide guidance on security controls for managing risk •Manage regular BCP and DR initiatives •Coordinate ongoing Business Continuity Plan (“BCP”) activities•Develop and execute annual Information Security and BCP Associate Awareness training•Review policies and procedures relating to Business Continuity and Information Security annually•Manage and maintain the shared drive/portals, in accordance to policies and procedures•Provide support with IT projects and act as liaison with GISG (Global Information Security Group)•Serve as member of the Health and Safety CommitteeQualifications:•5-7 years’ related information security experience working with both on-prem and cloud technologies•Post-secondary education in Computer Science/Engineering or related field•Experience as an information security analyst/architect in Banking or Financial services•Hands-on experience configuring and managing security technologies•Exceptional communication skills with diverse audiences and levels - strong critical thinking and analytical skills.•Understanding of software and infrastructure development lifecycles•Understanding of network protocols, network topologies, virtual infrastructure, network segmentation, operating systems, databases, applications, and mobile security•Familiarity with standard network security technology solutions: e.g. firewall, router, VPN. •Familiarity with the use of standard security technology solutions and processes such as: access control, user provisioning, directory, SIEM, vulnerability management, Cloud Access Security Brokers, Data Loss prevention solutions, anti-virus, single sign on and auditing.•Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects.•Preferred License or Certification in Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Information Systems Security Architecture Professional (ISSAP), AWS Certified Security Specialty and/or Certified Cloud Security Knowledge (CCSK)•Working knowledge of Business Continuity and how to plan and execute supporting initiatives •Microsoft Office proficiency at intermediate level (Word, Outlook, Excel), including SharePointAdvantagesTeam of 12 people, this role is of such importance and significance that it reports directly to the CIO. You will have the opportunity to work with a number of partners and leverage relationships both in Canada and the US.The expectation is that employees will return to work in the fall, post Covid, but with a more flexible approach/balance to home/office exposure.ResponsibilitiesPrimary Activities:•Conduct and monitor regular security access and vulnerability diagnostics and remediate any risks/issues (including email Phishing responses to Associates)•Maintain and conduct periodic reviews of the Risk Register and I.T. Asset List •Perform risk assessments of information systems and infrastructure; develop appropriate risk treatment and mitigation options, and effectively articulate findings/recommendations to IT project teams and management.•Analyze system architectures to design appropriate security requirements which enforce Information Security policies and standards.•Identify and communicate current and emerging security threats to Senior Management•Collaborate with business units, application teams, and service partners to provide guidance on security controls for managing risk for TFS.•Manage TFS’ regular BCP and DR initiatives •Coordinate ongoing Business Continuity Plan (“BCP”) activities•Develop and execute annual Information Security and BCP Associate Awareness training•Review policies and procedures relating to Business Continuity and Information Security annually•Manage and maintain the shared drive/portals, in accordance to policies and procedures•Provide support with IT projects and act as liaison with Toyota’s GISG (Global Information Security Group)•Serve as member of the Health and Safety CommitteeQualificationsQualifications:•5-7 years’ related information security experience working with both on-prem and cloud technologies•Post-secondary education in Computer Science/Engineering or related field•Experience as an information security analyst/architect in Banking or Financial services•Hands-on experience configuring and managing security technologies•Exceptional communication skills with diverse audiences and levels - strong critical thinking and analytical skills.•Understanding of software and infrastructure development lifecycles•Understanding of network protocols, network topologies, virtual infrastructure, network segmentation, operating systems, databases, applications, and mobile security•Familiarity with standard network security technology solutions: e.g. firewall, router, VPN. •Familiarity with the use of standard security technology solutions and processes such as: access control, user provisioning, directory, SIEM, vulnerability management, Cloud Access Security Brokers, Data Loss prevention solutions, anti-virus, single sign on and auditing.•Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects.•Preferred License or Certification in Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Information Systems Security Architecture Professional (ISSAP), AWS Certified Security Specialty and/or Certified Cloud Security Knowledge (CCSK)•Working knowledge of Business Continuity and how to plan and execute supporting initiatives •Microsoft Office proficiency at intermediate level (Word, Outlook, Excel), including SharePointSummaryThis role will provide security guidance to business and service partners, identify and prioritize security-related requirements and facilitate delivery of information security services. The successful candidate will also be responsible for the planning and execution of regular Business Continuity and Disaster Recovery initiatives. This role will also work closely with senior management to support and ensure compliance to prescribed risk mitigating policies and procedures in certain area of Operational and IT Risk.Acting as an Information Security ambassador to the business, this role determines security requirements by evaluating business initiatives and requirements; ensuring alignment to Global Information Security Standards; conducting system security/vulnerability analyses and risk assessments; studying architecture/platform and mitigating integration issues to enable business needs.Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Business Analyst, AccountingLong term contractMissions Primary tasks related to Business Analyst role include but are not limited to: A hands-on business analyst / financial product specialist, possessing strong experience in PNL and risk calculations within the capital markets setting. Main responsibility is to be a Point of Contact for one or more business lines with respect to project requests. Position also assumes responsibility as the main business analyst in AMER FRM on all strategic projects for these business lines. The candidate should have intermediate Project Management knowledge.It is critical that this individual has a proven track record working with trading, risk, accounting, and business support clients to perform business functions analysis, document requirement and coordinate with technical staff to deliver technology solutions. The individual also needs to manage business client expectations within a time-to-market and dynamic environment. Summary of responsibilities:- Study and analyze business functions, process requirements, pricing and risk analysis in a specific business domain.- Drive toward tech/non-tech solutions, assess either tactical or strategic approaches, assess/provide costs and timeframe of solution.- Coordinate solution workshops, document requirements with sponsors and acquire signoffs.- Bridge precise and detailed business requirements with developers and ensure accuracy of technical specifications covering the requirement.- Coordinate with users to produce comprehensive test plan and develop user signoff criteria. Hands-on involvement in analysis and documentation of testing results and review with end-users.- Participate in design of new architecture in relation to IS strategy. AdvantagesLong term contract, 40 hrs a week, large banking environment, Montreal based. Lors of room to grow and develop skills with training and coachingResponsibilitiesMissions Primary tasks related to Business Analyst role include but are not limited to: A hands-on business analyst / financial product specialist, possessing strong experience in PNL and risk calculations within the capital markets setting. Main responsibility is to be a Point of Contact in AMER for one or more business lines with respect to project requests. Position also assumes responsibility as the main business analyst in AMER FRM on all strategic projects for these business lines. The candidate should have intermediate Project Management knowledge.It is critical that this individual has a proven track record working with trading, risk, accounting, and business support clients to perform business functions analysis, document requirement and coordinate with technical staff to deliver technology solutions. The individual also needs to manage business client expectations within a time-to-market and dynamic environment. Summary of responsibilities:- Study and analyze business functions, process requirements, pricing and risk analysis in a specific business domain.- Drive toward tech/non-tech solutions, assess either tactical or strategic approaches, assess/provide costs and timeframe of solution.- Coordinate solution workshops, document requirements with sponsors and acquire signoffs.- Bridge precise and detailed business requirements with developers and ensure accuracy of technical specifications covering the requirement.- Coordinate with users to produce comprehensive test plan and develop user signoff criteria. Hands-on involvement in analysis and documentation of testing results and review with end-users.- Participate in design of new architecture in relation to IS strategy. QualificationsCompetencies:Required: • Proven expertise as business analyst in Accounting & Regulatory reporting within Capital Markets domain • Confident familiarity with security valuation, product PnL and Risk.• Advanced skills in interfacing with business clients (front office, accounting, and risk) to comprehend and document business requirements and their priority as well as develop technical or user process solutions.• Advanced skills in interfacing with teams of developers, solid familiarity with major SDLC approaches (accent on Agile methods family). • Excellent communication and written skills. • Ability to manage multiple priorities, commitments and projects. SummaryCompetencies:Required: • Proven expertise as business analyst in Accounting & Regulatory reporting within Capital Markets domain • Confident familiarity with security valuation, product PnL and Risk.• Advanced skills in interfacing with business clients (front office, accounting, and risk) to comprehend and document business requirements and their priority as well as develop technical or user process solutions.• Advanced skills in interfacing with teams of developers, solid familiarity with major SDLC approaches (accent on Agile methods family). • Excellent communication and written skills. • Ability to manage multiple priorities, commitments and projects. Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client is looking for a Third Party Senior Analyst, long term contract in Montreal Responsibilities:•Project management of special projects relating to improving third-party vendor process•Develop incident response and resilience processes across various areas such as business, legal and technical components•The role may also involve information risk assessments for new vendors and critical vendors•Assist Department Heads and Managers with vendor selection process through information security risk review, completion of due diligence tasks and risk assessments•Troubleshoot all vendor problems and present to management as required•Provide status reports to senior management, auditors, and regulators•Research on industry/regulatory and cyber security issues•Up to date and continuing education of compliance related issues and value-added training•Perform ad hoc analyses and participate in special projects as needed by managementProfile •5 years experience in Information Security or ideally (but not preferred) Information Security Vendor Risk Management experience•5+ years experience in Information Security Incident Response•Experience in disciplines such as application and network security (in particular firewall analysis and network port analysis is highly preferred)•Excellent communication skills and written communication skills•Proven ability to manage issues through to resolution skilled at making judgment calls•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times•Proficient with and at least one GRC tool - Archer (preferred but not mandatory)•Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) preferred•Requires strong analytical skills, problem solving skills, and project/program management skillsAdvantagesLong term contract, 40 hours a week, large banking environment, Montreal based. Lots of opportunities to evolve within the organizationResponsibilitiesResponsibilities:•Project management of special projects relating to improving third-party vendor process•Develop incident response and resilience processes across various areas such as business, legal and technical components•The role may also involve information risk assessments for new vendors and critical vendors•Assist Department Heads and Managers with vendor selection process through information security risk review, completion of due diligence tasks and risk assessments•Troubleshoot all vendor problems and present to management as required•Provide status reports to senior management, auditors, and regulators•Research on industry/regulatory and cyber security issues•Up to date and continuing education of compliance related issues and value-added training•Perform ad hoc analyses and participate in special projects as needed by managementQualificationsProfile •5 years experience in Information Security or ideally (but not preferred) Information Security Vendor Risk Management experience•5+ years experience in Information Security Incident Response•Experience in disciplines such as application and network security (in particular firewall analysis and network port analysis is highly preferred)•Excellent communication skills and written communication skills•Proven ability to manage issues through to resolution skilled at making judgment calls•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times•Proficient with and at least one GRC tool - Archer (preferred but not mandatory)•Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) preferred•Requires strong analytical skills, problem solving skills, and project/program management skillsSummaryOur client is looking for a Third Party Senior Analyst, long term contract in Montreal Responsibilities:•Project management of special projects relating to improving third-party vendor process•Develop incident response and resilience processes across various areas such as business, legal and technical components•The role may also involve information risk assessments for new vendors and critical vendors•Assist Department Heads and Managers with vendor selection process through information security risk review, completion of due diligence tasks and risk assessments•Troubleshoot all vendor problems and present to management as required•Provide status reports to senior management, auditors, and regulators•Research on industry/regulatory and cyber security issues•Up to date and continuing education of compliance related issues and value-added training•Perform ad hoc analyses and participate in special projects as needed by managementProfile •5 years experience in Information Security or ideally (but not preferred) Information Security Vendor Risk Management experience•5+ years experience in Information Security Incident Response•Experience in disciplines such as application and network security (in particular firewall analysis and network port analysis is highly preferred)•Excellent communication skills and written communication skills•Proven ability to manage issues through to resolution skilled at making judgment calls•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times•Proficient with and at least one GRC tool - Archer (preferred but not mandatory)•Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) preferred•Requires strong analytical skills, problem solving skills, and project/program management skillsRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client is looking for a Vulnerability Management Lead, large environment in downtown Montreal.The responsibilities would be: - Act as the main point of contact and expert in Vulnerability and Threat Assessment to the properties and network teams in order to offer solutions to new risks and threats-cOversee zero-day vulnerability process including response to zero-day threats- Act as main point of contact for firewall / network security review process; including remediation and / or risk acceptance of firewall vulnerabilities- Oversee configuration management workflow and projects to improve and develop the process- Oversee the discovery, evaluation, and implementation of vulnerability scanning, patch and configuration review, penetration testing, and malware detection solutions- Present operating and steering committees for projects to senior management- Develop and oversee annual roadmaps of initiatives to align with overall InfoSec and business objectives/strategy- Develop and manage detailed vulnerability reviews and assessments, malware detection and analysis, and patching and configuration reviews: (1) Assess potential damage of security flaws and assist in the implementation of corrective actions; (2) Identify, document, and report security issues and concerns to management; and (3) Monitor corrective actions and recommending cost-effective preventive measures to preclude recurrencesReview and sign-off on all recommendations on possible improvements resulting from the work performed as part of projects The required technical skills are:- Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MIS required- Certified training in security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, or related certification(s) required- 5-10 years related information security experience- Superior communications skills, both verbal and written- Direct experience managing multi-faceted IT integration projects- Working knowledge of process engineering and technical requirements generation in the user environment- Experience with current concepts in project risk assessment, metrics generation and analysis and risk management- Previous hands-on experience in an Information/Network Security Engineering role- Thorough knowledge of network and security architecture design concepts- Technical knowledge of business processes and procedures and underlying technical workings of system to support it- Ability to maximize system to support business processes, recommend and influence business process change to maximize use of systemAdvantagesLarge banking environmentWork from homeMontreal based40 hours - weekLong term contractResponsibilities- Act as the main point of contact and expert in Vulnerability and Threat Assessment to the properties and network teams in order to offer solutions to new risks and threats-cOversee zero-day vulnerability process including response to zero-day threats- Act as main point of contact for firewall / network security review process; including remediation and / or risk acceptance of firewall vulnerabilities- Oversee configuration management workflow and projects to improve and develop the process- Oversee the discovery, evaluation, and implementation of vulnerability scanning, patch and configuration review, penetration testing, and malware detection solutions- Present operating and steering committees for projects to senior management- Develop and oversee annual roadmaps of initiatives to align with overall InfoSec and business objectives/strategy- Develop and manage detailed vulnerability reviews and assessments, malware detection and analysis, and patching and configuration reviews: (1) Assess potential damage of security flaws and assist in the implementation of corrective actions; (2) Identify, document, and report security issues and concerns to management; and (3) Monitor corrective actions and recommending cost-effective preventive measures to preclude recurrencesReview and sign-off on all recommendations on possible improvements resulting from the work performed as part of projects Qualifications- Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MIS required- Certified training in security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, or related certification(s) required- 5-10 years related information security experience- Superior communications skills, both verbal and written- Direct experience managing multi-faceted IT integration projects- Working knowledge of process engineering and technical requirements generation in the user environment- Experience with current concepts in project risk assessment, metrics generation and analysis and risk management- Previous hands-on experience in an Information/Network Security Engineering role- Thorough knowledge of network and security architecture design concepts- Technical knowledge of business processes and procedures and underlying technical workings of system to support it- Ability to maximize system to support business processes, recommend and influence business process change to maximize use of systemSummaryOur client is looking for a Vulnerability Management Lead, large environment in downtown Montreal.The responsibilities would be: - Act as the main point of contact and expert in Vulnerability and Threat Assessment to the properties and network teams in order to offer solutions to new risks and threats-cOversee zero-day vulnerability process including response to zero-day threats- Act as main point of contact for firewall / network security review process; including remediation and / or risk acceptance of firewall vulnerabilities- Oversee configuration management workflow and projects to improve and develop the process- Oversee the discovery, evaluation, and implementation of vulnerability scanning, patch and configuration review, penetration testing, and malware detection solutions- Present operating and steering committees for projects to senior management- Develop and oversee annual roadmaps of initiatives to align with overall InfoSec and business objectives/strategy- Develop and manage detailed vulnerability reviews and assessments, malware detection and analysis, and patching and configuration reviews: (1) Assess potential damage of security flaws and assist in the implementation of corrective actions; (2) Identify, document, and report security issues and concerns to management; and (3) Monitor corrective actions and recommending cost-effective preventive measures to preclude recurrencesReview and sign-off on all recommendations on possible improvements resulting from the work performed as part of projects The required technical skills are:- Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MIS required- Certified training in security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, or related certification(s) required- 5-10 years related information security experience- Superior communications skills, both verbal and written- Direct experience managing multi-faceted IT integration projects- Working knowledge of process engineering and technical requirements generation in the user environment- Experience with current concepts in project risk assessment, metrics generation and analysis and risk management- Previous hands-on experience in an Information/Network Security Engineering role- Thorough knowledge of network and security architecture design concepts- Technical knowledge of business processes and procedures and underlying technical workings of system to support it- Ability to maximize system to support business processes, recommend and influence business process change to maximize use of systemRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

CONTRACTOR - Sr Application Support Analyst - Missions Primary tasks related to Production Support Analyst role include but are not limited to: Provide timely resolution of functional and technical issues and report incidents to the appropriate chain of command. End user community includes FO, MO, Product Controls, and Risk.Troubleshoot functional issues in a complex financial environment, with various applications and architecture regionally and/or globally. Multi-tasking environment.Provide functional and technical expertise to produce and promote maintainable and quality solutions. Includes documenting system requirements and documentation of support run book.Communicate with users regarding application outages.Help configure setup as requested by users and monitor platforms.Understand regulatory environment and constraints.Perform post-rollout testing of new releases (quality assurance).Handle queries and one-off data research requests from users.Respond to end users within timeframe dictated by the severity of the problem, and document and track (case histories, issues, and action steps) the response.Research technical processes using sources such as error logs and product technical documentation; and identify solutions to resolve problems or improve efficiency.Respect internal IT norms, standards, and processes.Timely reporting of production and project status to client and IT management.Effective and efficient oral and written communication to various audiences at appropriate levels.Partner with development teams on release management.Partner with the Global support teams to ensure quality support to our end users.Effectively manage the Client Relationship with the end user community. Profile Competencies Required: Experience in application supportKnowledge of market Risk Management in Finance (Risk Analysis, VaR, SVaR, PnL, Liquidity)Knowledge of pricing of Equity and Derivatives products (Options, ELS, Futures, …)Experience working with relational databasesGood ability to analyze, solve and monitor problemsGood organizational and priority skills and ability to manage multiple tasks simultaneously Desired/ Plus:FRM CertificationITIL Certification Technical skills Required:2+ years SQL (SQL Server, Oracle …)2+ years Unix, Linux server environment Desired/ Plus:Knowledge in Programming (Python, Shell, Java) Education Required:Bachelor of Computers Science or other related university degree Languages Required:English Desired/ Plus:French AdvantagesLong term contract, very stable and challenging environment. Lots of opportunities to grow within the company and very competent teams to help support all the activitiesResponsibilitiesMissions Primary tasks related to Production Support Analyst role include but are not limited to: Provide timely resolution of functional and technical issues and report incidents to the appropriate chain of command. End user community includes FO, MO, Product Controls, and Risk.Troubleshoot functional issues in a complex financial environment, with various applications and architecture regionally and/or globally. Multi-tasking environment.Provide functional and technical expertise to produce and promote maintainable and quality solutions. Includes documenting system requirements and documentation of support run book.Communicate with users regarding application outages.Help configure setup as requested by users and monitor platforms.Understand regulatory environment and constraints.Perform post-rollout testing of new releases (quality assurance).Handle queries and one-off data research requests from users.Respond to end users within timeframe dictated by the severity of the problem, and document and track (case histories, issues, and action steps) the response.Research technical processes using sources such as error logs and product technical documentation; and identify solutions to resolve problems or improve efficiency.Respect internal IT norms, standards, and processes.Timely reporting of production and project status to client and IT management.Effective and efficient oral and written communication to various audiences at appropriate levels.Partner with development teams on release management.Partner with the Global support teams to ensure quality support to our end users.Effectively manage the Client Relationship with the end user community. Qualifications Profile Competencies Required: Experience in application supportKnowledge of market Risk Management in Finance (Risk Analysis, VaR, SVaR, PnL, Liquidity)Knowledge of pricing of Equity and Derivatives products (Options, ELS, Futures, …)Experience working with relational databasesGood ability to analyze, solve and monitor problemsGood organizational and priority skills and ability to manage multiple tasks simultaneously Desired/ Plus:FRM CertificationITIL Certification Technical skills Required:2+ years SQL (SQL Server, Oracle …)2+ years Unix, Linux server environment Desired/ Plus:Knowledge in Programming (Python, Shell, Java) Education Required:Bachelor of Computers Science or other related university degree Languages Required:English Desired/ Plus:French Summary Profile Competencies Required: Experience in application supportKnowledge of market Risk Management in Finance (Risk Analysis, VaR, SVaR, PnL, Liquidity)Knowledge of pricing of Equity and Derivatives products (Options, ELS, Futures, …)Experience working with relational databasesGood ability to analyze, solve and monitor problemsGood organizational and priority skills and ability to manage multiple tasks simultaneously Desired/ Plus:FRM CertificationITIL Certification Technical skills Required:2+ years SQL (SQL Server, Oracle …)2+ years Unix, Linux server environment Desired/ Plus:Knowledge in Programming (Python, Shell, Java) Education Required:Bachelor of Computers Science or other related university degree Languages Required:English Desired/ Plus:French Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client, a leader in the insurance industry is looking for a Jr Business Analyst to join their team for an initial 6 month contract Primary Duties • Support the Manager in assessing Risk & Controls following best practices and standards.• Contribute to the development and implementation of procedures and processes within the team to assure they are compliant with the Controls.• Build and execute remediation plans.Advantages- work on a high profile projects for a major corporation- work from home initially until quarantine is lifted ResponsibilitiesAccountabilities:• Support the Manager in assessing Risk & Controls following best practices and standards.• Contribute to the development and implementation of procedures and processes within the team to assure they are compliant with the Controls.• Build and execute remediation plans.• Review and edit requirements, specifications, business processes and recommendations related to proposed solutions.• Document processes, procedures, and system design specifications for project engagements or BAU.• Track joiners, movers, and leavers to take actions accordingly.• Identify areas of opportunities throughout various existing processes that can improve and make them more efficient.QualificationsQualifications:• Prior audit or risk management experience is an asset• Exceptional communication skills at all levels of interaction and correspondence, including presentation skills• Ability to foster and build good working relationships with areas inside and outside the business unit.• Very strong problem-solving skills with a desire to understand the issue.• Ability to prioritize workload and meet multiple project deadlines.• Ability to adapt in a dynamic work environment.• Be effective at identifying areas of possible change, defining requirements, and work to improve the overall benefit of the systems/processes.• Strong analytical and decision-making skills• Commitment to ongoing professional and technical development• Expert knowledge of Microsoft Office suite• College or University degree SummaryKEYS TO JOB- several years experience as a Business Analyst - Prior audit or risk management experience is an asset- insurance or financial industry experience is a plusRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Are you a Security Consultant thinking about contracting?Are you looking for a long term engagement to get you started?Then we want to hear from you!We are pleased to offer you this new and exciting CONTRACT requirement with our client for the position of:Senior Securiy Consultant - ITSG NIST-Start: ASAP-Estimated length: 6+ Month-Location: REMOTE or Halifax NSAdvantagesYou will have an opportunity to work with a leading employer in the local market.Responsibilities• Preparation of detailed security documentation• Detailed review of security documentation with customer to analyze and rectify gaps• Security Testing & Evaluation• Pre-audit preparation including internal audit• Risk management• Gap analysis against security controls, contract clauses and current practices• Recommend and implement security controls• Mitigation & remediationQualifications• ITSG-33- IT Security Risk Management: A Lifecycle Approach• NIST SP 800-171 Rev 2 - Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations• NIST SP 800-172- Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171• NIST SP 800-53 Rev 4• ITSG-22 - Baseline Security Requirements for Network Security Zones in the Government of Canada• NIST Cybersecurity Framework 1.1• NIST SP 800-30 Rev 1, Guide for Conducting Risk Assessments• Canadian and Industrial Security Directorate (CISD)• RCMP Harmonized Threat and Risk Assessment methodology• Policy on Government Security• ITSP.40.006 IT Media Sanitization• Detailed Security Requirements• Information Security Policy• Security High Level Design• Security Detailed Design• Security Architecture• Tailored Security Control Profile• Security Requirements Traceability Matrix (SRTM)• Plan of Actions and Milestones (POAM)• Security Concept of Operations (CONOPS)• Security Incident Response Plan & Procedures• System Security Plan• Configuration Management Plan• Change Management Plan• Patch Management PlanADDITIONAL REQUIREMENT-You must have been in Canada for the last 5 years (ideally 10 years) in order to be considered for this opportunity you must qualify for Controlled Goods Security Clearance (CGP)/Enhanced /NATO Security Clearance.-Background check is requiredSummaryDo you have this experience? If you answer YES, then please apply IMMEDIATELY to so we can then discuss your experience and interest in this opportunity!www.randstad.caRandstad TechnologiesCanada's largest provider of IT Staffing Solutions, offering hundreds of permanent and contract opportunities across all roles, levels and platforms. Our Web-based tools help you see and apply for jobs matched automatically to your skills and preferences. When you're ready to interview we meet with you in person to help you build the technology career path you've always wanted. Visit www.randstad.ca to get started!Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client, a leader in the insurance industry is looking for a Sr. Project Manager to join their team for an initial 1 year contract .• Manages multiple projects simultaneously using a variety of governance approaches and may be under the direct supervision of a Program/Portfolio Manager or EPMO executive.• Responsible for overall coordination, status reporting and stability of project-oriented work efforts and for implementing company's project management processes and methodologies for Stakeholders to ensure projects are delivered on time and within budget, and that they adhere to high quality standards and meet customer needs.• Applies in-depth knowledge of plan development and execution for scope, schedule, budgeting, and control, quality assurance, communications, risk identification and risk response control.Advantages- work on a high profile projects for a major corporation- work from home initially until quarantine is lifted Responsibilities• Accountable for IT Project lifecycle delivery within company's Project Management Framework including associated Risk Management, Data Governance, Security, Financial and related IT practices.• Provides leadership and orchestrates the delivery of strategic IT initiatives in accordance with company Standards, typically across multi-disciplinary teams• Manages multiple projects simultaneously using a variety of governance approaches and may be under the direct supervision of a Program/Portfolio Manager or EPMO executive.• Responsible for overall coordination, status reporting and stability of project-oriented work efforts and for implementing company's project management processes and methodologies for Stakeholders to ensure projects are delivered on time and within budget, and that they adhere to high quality standards and meet customer needs.• Applies in-depth knowledge of plan development and execution for scope, schedule, budgeting, and control, quality assurance, communications, risk identification and risk response control.• Applies a wide range of project management experience and tools within company's Change Framework including resource management practices and change management techniques.• Sets project priorities under conditions of limited resources and competing demands.• Tracks and Measures key project performance indicators using appropriate tools and techniques in order to monitor the progress of the project, identify and quantify any variances, perform any required corrective actions, and communicate to all stakeholders.• Makes decisions based on facts to accept exposure or to reduce vulnerabilities by either mitigating the risks or applying cost effective controls.• Takes guidance from EPMO Leadership, QA and Compliance with respect to project processes, procedures, metrics, and reporting• Motivates and leads others towards their achievement within the Project Delivery.Qualifications•Requirements:• Minimum of 10 years of experience that is directly related to the duties and responsibilities specified.• Strong Technical skills as required to operate and orchestrate within the full Technology delivery life cycle in a project setting that plans to change the business. May be seen to actively participate in solution & delivery discussions, risks, quality and deployment activities.• Delivery experience in Emerging Digital Platform environments with dependencies on legacy systems integration is a strong asset.• Knowledge of any Enterprise Portfolio Management applications (EPM) as it pertains to Cost and Resource Management within the Project Plan.• Bachelor's degree or equivalent• Strong organization skills including demonstrated tenacity for following up with team members and leadership on outstanding items• Ability to manage multiple high priority tasks in a fast-paced and evolving organization• Self-motivated; proactive in thought and deed. Eagerly assumes responsibility for things that need to be done• Excellent interpersonal, communication, influencing, negotiation and stakeholder collaboration skills• Can understand, explain and present complex ideas to both technical and non-technical audiences at all levels in a persuasive and convincing manner• Experience leading projects using Agile delivery techniques is considered an asset.• Advanced Microsoft Office skills and knowledgeSummaryKEYS TO JOB- 10 years Project Management in Enterprise environment (Insurance industry or financial industry experience preferred)-ideally has exp overseeing integration of Digital systems with legacy systemsRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Identity & Access Management Analyst - Long term contractMissions The Identity & Access Management (IAM) Analyst is responsible for the delivery of IAM missions in the Americas region to ensure security controls are functioning both effectively and efficiently. This position requires hands-on engagement as a security analysis and demands strong collaboration with global contributors at all levels of the organization. The role also requires the candidate to manage all aspects of their projects, lead contributors from globally distributed teams, and to regularly communicate updates to senior management.The ideal candidate will have a solid understanding of IAM principles, security best practices (e.g. NIST, ISO), and key regulations applicable to a global financial services organization (e.g. NYDFS 500, GDPR).Essential competencies include highly proactive and autonomous engagement, strong communication capabilities at all levels of the organization, and ability to influence without authority at both the regional and global level.As a member of the global Data & Cyber Security (DCS) team, the candidate will focus on driving global transformational IAM initiatives supporting business operations in the Americas region. Candidate will be involved in all facets of security analysis and project management with key responsibilities being:Independently develop project plans and drive initiatives through their full lifecyclePerform policy, process and data analysis to assess requirements and identify control gapsDefine and implement solutions to align controls with defined risk tolerancesEnsure solutions are strategically aligned, regulatorily compliant, sustainable, and make efficient use of organizational resourcesPropose and secure support for both tactical and strategic risk mitigation recommendationsLead coalition of project contributors from the global infrastructure, IT, and business teamsProvide continuous project status updates to sponsors, stakeholders, and senior managementCollaborate with DCS GRC, risk team, and auditors/regulators in risk assessment and mitigationEstablish and maintain strong levels of trust with both regional and global partners Profile Knowledge & Experience7-10 years of experience in information security, identity & acess management and related security practicesStrong communication, analytical, problem solving, and project management skillsAbility to effectively influence without authorityExperience working in a global context with a broad range of policies and proceduresExperience working with oversight teams (e.g. 2LOD, 3LOD) and external auditors/regulatorsProficiency with CyberArk, SailPoint, and MS Office suite (Excel, PowerPoint, Word)Experience with implementation of IAM controls on the public cloudStrong understanding of computer disciplines such as application and data security, systems programming, systems design, computer technology or software disciplinesUnderstanding of security regulatory requirements (e.g. NYDFS 500, GDPR), and industry frameworks/best practices (e.g. FFIEC, NIST, ISO)French language skills (preferred)Education/CertificationsBachelors degree in Information Security, Computer Science or a related concentrationCISSP, CCSP, CCSK, CISM or related certification(s) requiredCertified training in information security solutions and practicesAdvantagesLong term contract, 40 hrs a week, large banking environment, Montreal based. Lors of room to grow and develop skills with training and coachingResponsibilitiesMissions The Identity & Access Management (IAM) Analyst for Société Générale is responsible for the delivery of IAM missions in the Americas region to ensure security controls are functioning both effectively and efficiently. This position requires hands-on engagement as a security analysis and demands strong collaboration with global contributors at all levels of the organization. The role also requires the candidate to manage all aspects of their projects, lead contributors from globally distributed teams, and to regularly communicate updates to senior management.The ideal candidate will have a solid understanding of IAM principles, security best practices (e.g. NIST, ISO), and key regulations applicable to a global financial services organization (e.g. NYDFS 500, GDPR).Essential competencies include highly proactive and autonomous engagement, strong communication capabilities at all levels of the organization, and ability to influence without authority at both the regional and global level.As a member of the global Data & Cyber Security (DCS) team, the candidate will focus on driving global transformational IAM initiatives supporting business operations in the Americas region. Candidate will be involved in all facets of security analysis and project management with key responsibilities being:Independently develop project plans and drive initiatives through their full lifecyclePerform policy, process and data analysis to assess requirements and identify control gapsDefine and implement solutions to align controls with defined risk tolerancesEnsure solutions are strategically aligned, regulatorily compliant, sustainable, and make efficient use of organizational resourcesPropose and secure support for both tactical and strategic risk mitigation recommendationsLead coalition of project contributors from the global infrastructure, IT, and business teamsProvide continuous project status updates to sponsors, stakeholders, and senior managementCollaborate with DCS GRC, risk team, and auditors/regulators in risk assessment and mitigationEstablish and maintain strong levels of trust with both regional and global partnersQualificationsProfile Knowledge & Experience7-10 years of experience in information security, identity & acess management and related security practicesStrong communication, analytical, problem solving, and project management skillsAbility to effectively influence without authorityExperience working in a global context with a broad range of policies and proceduresExperience working with oversight teams (e.g. 2LOD, 3LOD) and external auditors/regulatorsProficiency with CyberArk, SailPoint, and MS Office suite (Excel, PowerPoint, Word)Experience with implementation of IAM controls on the public cloudStrong understanding of computer disciplines such as application and data security, systems programming, systems design, computer technology or software disciplinesUnderstanding of security regulatory requirements (e.g. NYDFS 500, GDPR), and industry frameworks/best practices (e.g. FFIEC, NIST, ISO)French language skills (preferred)Education/CertificationsBachelors degree in Information Security, Computer Science or a related concentrationCISSP, CCSP, CCSK, CISM or related certification(s) requiredCertified training in information security solutions and practicesSummaryProfile Knowledge & Experience7-10 years of experience in information security, identity & acess management and related security practicesStrong communication, analytical, problem solving, and project management skillsAbility to effectively influence without authorityExperience working in a global context with a broad range of policies and proceduresExperience working with oversight teams (e.g. 2LOD, 3LOD) and external auditors/regulatorsProficiency with CyberArk, SailPoint, and MS Office suite (Excel, PowerPoint, Word)Experience with implementation of IAM controls on the public cloudStrong understanding of computer disciplines such as application and data security, systems programming, systems design, computer technology or software disciplinesUnderstanding of security regulatory requirements (e.g. NYDFS 500, GDPR), and industry frameworks/best practices (e.g. FFIEC, NIST, ISO)French language skills (preferred)Education/CertificationsBachelors degree in Information Security, Computer Science or a related concentrationCISSP, CCSP, CCSK, CISM or related certification(s) requiredCertified training in information security solutions and practicesRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client, a leader in the insurance industry is looking for a Project Manager who has experience leading cyber security based projects.The Position:You will be responsible for managing the delivery of information security projects and initiatives of various sizes and complexities. You will define, plan, and manage implementation of initiatives within agreed time, cost, and quality objectives. In collaboration with third-party vendor partners, contractors and internal IT staff, you will provide leadership on specific, assigned security-centric projects within your portfolio.Rounding out your role is the application of project management standards, disciplines and controls as described within the company's Project Management Framework to ensure successful project implementation.This is a HANDS-ON TECHNICAL PROJECT MANAGEMENT ROLEAdvantages- work on a high profile projects for a major corporation- work from home initially until quarantine is lifted ResponsibilitiesKey Responsibilities:- Deliver security-centric projects, leveraging all appropriate project management standards, disciplines, and controls as described within the Project Management Framework:- Define program/project scope; provide input into the business case- Ensure successful execution of project deliverables within scope, schedule and budget- Oversee IT and Cyber Risk regulatory compliance to IT and IT Risk Management domains- Maintain resource capacity planning Drive budget forecast and financial planning- Steering committee and stakeholder communication and status reporting- Regularly develop and produce security metrics, status reports and presentations for various audiences, including CISO, CIO and Group CISO Act as InfoSec ambassador establishing relationshipwith all levels of Business Units- Encourage and model creative approach to problem solving, relationship management, and communication to drive effective resultsTo be successful, the Security project manager needs to maintain strong relationships and communicate effectively with a number of both technical and management stakeholders, and navigate the obstacles surrounding the project and its cross-functional players.QualificationsSkills and Experience Requirements:1 - A solid background delivering multiple IT projects of various complexity ranging in budget from $10K to $500K+, and requiring collaboration among IT, business, and change management teams.- 2- 5+ years of IT project management experience Strong oral and written communication skills and effective presentation techniques- Ability to embrace agile working environment with focus on collaboration, continuous improvement, delivering value, and the ability to adapt to change -Experience with Business Process Analysis; Process Improvement and Reengineering- Experience with people and organizational change management skills, tools and techniques- In-depth understanding, knowledge and experience in Project Management Methodology (PMM)/- Project Management Institute (PMI) and PMBOK-based project management methodologies- Demonstrated ability to apply project management and IT delivery principles while maintaining appropriate situational flexibility and pragmatism- Extensive experience with project management and productivity tools (MS Project, JIRA, SharePoint, MS Visio), best practices and processes- Comprehensive understanding of Finance issues, budgeting, and cost benefit analysis, with experience in developing compelling business cases and gaining executive approval for complex initiatives.- Familiarity with concepts of Information Security and Risk Management- Excellent relationship management skills including Steering Committee and Stakeholder management (especially managing expectations)- Ability to effectively manage ambiguity- Ability to coach and motivate the team of technical SMEs on a day-to-day basisEducation: University degree or equivalent college diploma in an Information Technology related field is required Project Management certification and solid technical background would be considered assetsTechnology and Tools: Excel is mandatory (MS SharePoint, MS Visio, MS Project, JIRA, Confluence are nice to haves) skills and knowledgeSummaryKEYS TO JOB- Minimum 2 years Project management experience leading Cyber Security based initiatives - - Familiarity with concepts of Information Security and Risk ManagementRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

DevOps Analyst - Scripting and Automation Application SupportLong term contract.Candidates must be able to reintegrate downtown Montreal offices from SeptemberMissions Primary tasks related to Production Support Analyst role include but are not limited to:Provide timely resolution of functional and technical issues and report incidents to the appropriate chain of command. End user community includes FO, MO, Product Controls, and Risk.Troubleshoot functional issues in a complex financial environment, with various applications and architecture regionally and/or globally. Multi-tasking environment.Provide functional and technical expertise to produce and promote maintainable and quality solutions. Includes documenting system requirements and documentation of support run book.Communicate with users regarding application outages.Liaise with development teams in Bangalore, New York, and Paris.Help configure setup as requested by users and monitor platforms.Understand regulatory environment and constraints.Perform post-rollout testing of new releases (quality assurance).Handle queries and one-off data research requests from users.Respond to end users within timeframe dictated by the severity of the problem, and document and track (case histories, issues, and action steps) the response.Research technical processes using sources such as error logs and product technical documentation; and identify solutions to resolve problems or improve efficiency.Respect internal IT norms, standards, and processes.Timely reporting of production and project status to client and IT management.Effective and efficient oral and written communication to various audiences at appropriate levels.Partner with development teams (NY/Paris) on release management.Partner with the Global support teams (Paris/Asia) to ensure quality support to our end users.Effectively manage the Client Relationship with the end user community.AdvantagesLong term contract, 40 hrs a week, large banking environment, Montreal based. Lots of room to grow and develop skills with training and coachingResponsibilitiesMissions Primary tasks related to Production Support Analyst role include but are not limited to:Provide timely resolution of functional and technical issues and report incidents to the appropriate chain of command. End user community includes FO, MO, Product Controls, and Risk.Troubleshoot functional issues in a complex financial environment, with various applications and architecture regionally and/or globally. Multi-tasking environment.Provide functional and technical expertise to produce and promote maintainable and quality solutions. Includes documenting system requirements and documentation of support run book.Communicate with users regarding application outages.Liaise with development teams in Bangalore, New York, and Paris.Help configure setup as requested by users and monitor platforms.Understand regulatory environment and constraints.Perform post-rollout testing of new releases (quality assurance).Handle queries and one-off data research requests from users.Respond to end users within timeframe dictated by the severity of the problem, and document and track (case histories, issues, and action steps) the response.Research technical processes using sources such as error logs and product technical documentation; and identify solutions to resolve problems or improve efficiency.Respect internal IT norms, standards, and processes.Timely reporting of production and project status to client and IT management.Effective and efficient oral and written communication to various audiences at appropriate levels.Partner with development teams (NY/Paris) on release management.Partner with the Global support teams (Paris/Asia) to ensure quality support to our end users.Effectively manage the Client Relationship with the end user community.QualificationsProfile CompetenciesExperience in application supportKnowledge of market Risk Management in Finance (Risk Analysis, VaR, SVaR, PnL, Liquidity)Knowledge of pricing of Equity and Derivatives products (Options, ELS, Futures, …)Experience working with relational databasesGood ability to analyze, solve and monitor problemsGood organizational and priority skills and ability to manage multiple tasks simultaneouslyFRM and/or ITIL Certification a plusTechnical Skills2+ years SQL (SQL Server, Oracle …)2+ years Unix, Linux server environment2+ years of scripting and automationKnowledge in Programming (Python, Shell, Java) a plusEducationBachelor of Computers Science or other related university degreeLanguages RequiredBilingual English/FrenchSummaryProfile CompetenciesExperience in application supportKnowledge of market Risk Management in Finance (Risk Analysis, VaR, SVaR, PnL, Liquidity)Knowledge of pricing of Equity and Derivatives products (Options, ELS, Futures, …)Experience working with relational databasesGood ability to analyze, solve and monitor problemsGood organizational and priority skills and ability to manage multiple tasks simultaneouslyFRM and/or ITIL Certification a plusTechnical Skills2+ years SQL (SQL Server, Oracle …)2+ years Unix, Linux server environment2+ years of scripting and automationKnowledge in Programming (Python, Shell, Java) a plusEducationBachelor of Computers Science or other related university degreeLanguages RequiredBilingual English/FrenchRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Position:IT Project ManagerMandate description:​Main responsibilities:Ensure that all projects are delivered on-time, within scope and within budgetAssist in the definition of project scope and objectives, involving all relevant stakeholders and ensuring technical feasibilityIdentify project milestones, critical success factors, risks and resource requirementsEnsure resource availability and allocation, working closely with resource managersDevelop a detailed project plan to deliver the project, and track progressManage changes to the project scope, project schedule and project costs using appropriate verification techniquesMeasure and track project performance using available tools and techniques in compliance with key performance indicators (KPI)Report progress, risks, challenges, and engage management as neededManage the relationships with the client, vendors and all stakeholdersPerform risk management regularly to minimize impact on the projectCreate, maintain and communicate comprehensive project documentationManage budget and use change process as needed---------------------------------------------------------------------------------------------------------------------Level of experience: IntermediateYears of experience: 3-5Minimum requirements:Bachelor’s degree in computer science, project management or equivalent.Technologies required:​Knowledge of legal software systems such as iManage, Tymertrix, Legal Suite, Summation, ACL, JusrisConcept, etc.Other requirements:​Experience working in a Law firm's IT group.AdvantagesWFH - remote work is acceptable. Ability to work with vendors and other offices is critical however.ResponsibilitiesMain responsibilities:Ensure that all projects are delivered on-time, within scope and within budgetAssist in the definition of project scope and objectives, involving all relevant stakeholders and ensuring technical feasibilityIdentify project milestones, critical success factors, risks and resource requirementsEnsure resource availability and allocation, working closely with resource managersDevelop a detailed project plan to deliver the project, and track progressManage changes to the project scope, project schedule and project costs using appropriate verification techniquesMeasure and track project performance using available tools and techniques in compliance with key performance indicators (KPI)Report progress, risks, challenges, and engage management as neededManage the relationships with the client, vendors and all stakeholdersPerform risk management regularly to minimize impact on the projectCreate, maintain and communicate comprehensive project documentationManage budget and use change process as neededQualificationsMinimum requirements:Bachelor’s degree in computer science, project management or equivalent.Technologies required:​Knowledge of legal software systems such as iManage, Tymertrix, Legal Suite, Summation, ACL, JusrisConcept, etc.Other requirements:​Experience working in a Law firm's IT group.SummaryPosition:IT Project ManagerMandate description:​Main responsibilities:Ensure that all projects are delivered on-time, within scope and within budgetAssist in the definition of project scope and objectives, involving all relevant stakeholders and ensuring technical feasibilityIdentify project milestones, critical success factors, risks and resource requirementsEnsure resource availability and allocation, working closely with resource managersDevelop a detailed project plan to deliver the project, and track progressManage changes to the project scope, project schedule and project costs using appropriate verification techniquesMeasure and track project performance using available tools and techniques in compliance with key performance indicators (KPI)Report progress, risks, challenges, and engage management as neededManage the relationships with the client, vendors and all stakeholdersPerform risk management regularly to minimize impact on the projectCreate, maintain and communicate comprehensive project documentationManage budget and use change process as needed---------------------------------------------------------------------------------------------------------------------Level of experience: IntermediateYears of experience: 3-5Minimum requirements:Bachelor’s degree in computer science, project management or equivalent.Technologies required:​Knowledge of legal software systems such as iManage, Tymertrix, Legal Suite, Summation, ACL, JusrisConcept, etc.Other requirements:​Experience working in a Law firm's IT group.Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.