121 jobs found for security

Are you an experienced Security Engineer in search of your next contract opportunity? Our high-profile Vancouver client is seeking to hire a Security Engineer to join their talented team on a 6-month contract with a strong probability of extension. Apply to this amazing Security Engineer opportunity today!AdvantagesWhat’s in it for you!As a Security Engineer with our client, you’ll receive:- Highly competitive market hourly rates- A 6-month contract with a strong probability of extension- Remote interview processResponsibilitiesWhat will you do?- Performing application security reviews - Performing or managing partners to perform application penetration testing - Security training and outreach to internal development teams - Documenting security guidance and standards - Security tool development - Security metrics delivery and driving improvement - Based out of the Seattle or Vancouver SSCsQualificationsQualifications - Experience building tools and processes to reliably identify security issues and logic flaws across large code bases - Understanding of security challenges in service architectures or large distributed systems - Expertise with web application security best practices - Working experience in one or more programming languages: Java, Python, JavaScript, preferred - Experience communicating security concerns and issues to non-technical audiences - An understanding of AWS cloud services and concepts such as S3, EC2, Lambda, and VPC - Experience with common web application testing tools for IAST, DAST, and SAST, and analysis tools - Exposure to E-commerce / Web Content Management System platforms (Like Salesforce Commerce cloud, ATG, AEM) - Exposure security analysis and best practice recommendation in micro service landscape.Bonus Qualifications - Program Management experience - Working knowledge in Jira - Bug Bounty program experience - Agile software development experience - Cloud fare experienceMust haves - Acknowledges the presence of choice in every moment and takes personal responsibility for their life - Possesses an entrepreneurial spirit and continuously innovates to achieve great results - Communicates with honesty and kindness and creates the space for others to do the same - Leads with courage, knowing the possibility of greatness is bigger than the fear of failure - Fosters connection by putting people first and building trusting relationships - Integrates fun and joy as a way of being and working, aka doesn’t take themselves too seriouslySummaryIf you are a Security Engineer and the prospect of joining a dedicated team intrigues you, then this role with our high-profile client could be the perfect opportunity for you.Please contact Apurva Shaw with your resume at:apurva.shaw@randstad.caFor more information, or click the Apply button now!Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

We are looking for new talent to expand our security team. The digital world, daily changes force us to be pragmatic, agile and proactive in the way we approach opportunities, technologies and processes from a security point of view.Your role :Ensure that risk considerations are addressed at each phase of the development and deployment life cycle of a system· Evaluate the posture in terms of risk of one or more business unitsProduce, maintain and communicate indicators (progress, performance, risk, etc.)· Proactively propose solutions to reduce the risk of future breaches.· Recommend security measures in applications and infrastructure components by exercising judgment within existing policies and industry best practices.It's time to tell us your story!Here's how you can make an impact in our organization:· Inspiring a positive work environment and helping teamwork and team support as a champion and innovator.· Have a good understanding of the architecture and design of security in order to identify and recommend improvements in the methodologies and processes used within the business units and technical teams that you supportBe able to provide tactical and strategic direction as well as advice to help technical teams achieve acceptable security posturesBuild relationships of trust with technology teams and be able to provide them with information on application and infrastructure security to ensure secure release cyclesFacilitate risk assessments, support teams in remediation of vulnerabilities and ensure the review of security exceptionsHave a detailed understanding of the technological components maintained by the teams you support as well as their security postureParticipate in complex projects and be able to present complex safety reports, analysis and assessments to both technical and non-technical professionalsWhat you are offering:Completed Bachelor's degree, related to the industry, and 7 years of relevant experience or Completed Master's degree, related to the industry, and five years of relevant experience· Desired professional certifications (CISSP, etc.) or willingness to obtain them in a short time.3-5 years of information security experienceDemonstrated experience in infrastructure and application security,Experience in risk assessment with recognized toolsGood understanding of the areas of information security (authentication, authorization, access control, audit, cryptography, etc.)Good knowledge of the process of integrating security assessments into the life cycle process of business services (Servers, workstations, applications, network components, etc.)Practical and in-depth understanding of application architecture and related technologiesCollective sense, interpersonal skills, good communication and customer service orientedAbility to popularize risk and make presentations to different audiences (technical, trades, etc.)Bilingualism (spoken / written) French and English**** Generic security advisor tasks: monitoring procedures, governance, checklist, best practices, cybersecurity, etc.Advantages______________________________________________________________________________Responsibilities______________________________________________________________________________Qualifications______________________________________________________________________________Summary______________________________________________________________________________Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Are you a Security Consultant thinking about contracting?Are you looking for a long term engagement to get you started?Then we want to hear from you!We are pleased to offer you this new and exciting CONTRACT requirement with our client for the position of:Senior Securiy Consultant - ITSG NIST-Start: ASAP-Estimated length: 6+ Month-Location: REMOTE or Halifax NSAdvantagesYou will have an opportunity to work with a leading employer in the local market.Responsibilities• Preparation of detailed security documentation• Detailed review of security documentation with customer to analyze and rectify gaps• Security Testing & Evaluation• Pre-audit preparation including internal audit• Risk management• Gap analysis against security controls, contract clauses and current practices• Recommend and implement security controls• Mitigation & remediationQualifications• ITSG-33- IT Security Risk Management: A Lifecycle Approach• NIST SP 800-171 Rev 2 - Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations• NIST SP 800-172- Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171• NIST SP 800-53 Rev 4• ITSG-22 - Baseline Security Requirements for Network Security Zones in the Government of Canada• NIST Cybersecurity Framework 1.1• NIST SP 800-30 Rev 1, Guide for Conducting Risk Assessments• Canadian and Industrial Security Directorate (CISD)• RCMP Harmonized Threat and Risk Assessment methodology• Policy on Government Security• ITSP.40.006 IT Media Sanitization• Detailed Security Requirements• Information Security Policy• Security High Level Design• Security Detailed Design• Security Architecture• Tailored Security Control Profile• Security Requirements Traceability Matrix (SRTM)• Plan of Actions and Milestones (POAM)• Security Concept of Operations (CONOPS)• Security Incident Response Plan & Procedures• System Security Plan• Configuration Management Plan• Change Management Plan• Patch Management PlanADDITIONAL REQUIREMENT-You must have been in Canada for the last 5 years (ideally 10 years) in order to be considered for this opportunity you must qualify for Controlled Goods Security Clearance (CGP)/Enhanced /NATO Security Clearance.-Background check is requiredSummaryDo you have this experience? If you answer YES, then please apply IMMEDIATELY to so we can then discuss your experience and interest in this opportunity!www.randstad.caRandstad TechnologiesCanada's largest provider of IT Staffing Solutions, offering hundreds of permanent and contract opportunities across all roles, levels and platforms. Our Web-based tools help you see and apply for jobs matched automatically to your skills and preferences. When you're ready to interview we meet with you in person to help you build the technology career path you've always wanted. Visit www.randstad.ca to get started!Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

a) 15 to 20 years experience in information technology related rolesb) Must have both technology system and technology business process knowledge toperform this role.c) Experience across the IT-domain including in infrastructure, network, softwaredevelopment, applications management, IT service delivery and technology innovation.d) Enterprise governance and architecture experience (preferably an IT enterprisegovernance level certification (e.g. CGEIT)e) Bimodal project experience (e.g. project management professional – PMP | certifiedscrum master – CSM)f) Knowledge and experience of system development lifecycle practices and agileoperating models (e.g. Development Operations – DevOps)ITIL change and configuration management (ITIL) – Candidate to provide Certificationlevel.g) Security knowledge and experience (e.g. Certified information security manager orrelevant security certification - CISM)h) University degree in a related fieldi) Senior level business and technology acumenj) Experience in facilitating technology process improvementsk) Proven problem solving and analytical skills.l) Must be able to learn and understand technologiesm) Ability to work in a team environment as well as independentlyn) Ability to effectively prioritize and execute tasks in a high-pressure environment is crucialo) Successful experience balancing a continually changing workload to ensure professionalquality deliverables are produced and project deadlines are metp) Superior attention to detail and accuracy in developing documentsq) Superior customer service skills including the ability to proactively triage, resolve and/orminimize reported issuesr) Excellent problem solving, interpersonal, organizational, and time management skillss) Strong presentation and communication skills, both oral and writtent) Experience using MS Office Tools such as Word, Excel, Visio and Power PointBackground:The client l is embarking upon anew and exciting transformational journey with the introduction of an enterprise-wide HealthInformation System using the Epic HIS system, addressing Code Grey outages, and closing gapsper the Cyber Security Audit. This HIS initiative and associated process redesign will play asignificant foundational role as a catalyst for improved patient care at HHS.Advantagesa) 15 to 20 years experience in information technology related rolesb) Must have both technology system and technology business process knowledge toperform this role.c) Experience across the IT-domain including in infrastructure, network, softwaredevelopment, applications management, IT service delivery and technology innovation.d) Enterprise governance and architecture experience (preferably an IT enterprisegovernance level certification (e.g. CGEIT)e) Bimodal project experience (e.g. project management professional – PMP | certifiedscrum master – CSM)f) Knowledge and experience of system development lifecycle practices and agileoperating models (e.g. Development Operations – DevOps)ITIL change and configuration management (ITIL) – Candidate to provide Certificationlevel.g) Security knowledge and experience (e.g. Certified information security manager orrelevant security certification - CISM)h) University degree in a related fieldi) Senior level business and technology acumenj) Experience in facilitating technology process improvementsk) Proven problem solving and analytical skills.l) Must be able to learn and understand technologiesm) Ability to work in a team environment as well as independentlyn) Ability to effectively prioritize and execute tasks in a high-pressure environment is crucialo) Successful experience balancing a continually changing workload to ensure professionalquality deliverables are produced and project deadlines are metp) Superior attention to detail and accuracy in developing documentsq) Superior customer service skills including the ability to proactively triage, resolve and/orminimize reported issuesr) Excellent problem solving, interpersonal, organizational, and time management skillss) Strong presentation and communication skills, both oral and writtent) Experience using MS Office Tools such as Word, Excel, Visio and Power PointResponsibilitiesa) 15 to 20 years experience in information technology related rolesb) Must have both technology system and technology business process knowledge toperform this role.c) Experience across the IT-domain including in infrastructure, network, softwaredevelopment, applications management, IT service delivery and technology innovation.d) Enterprise governance and architecture experience (preferably an IT enterprisegovernance level certification (e.g. CGEIT)e) Bimodal project experience (e.g. project management professional – PMP | certifiedscrum master – CSM)f) Knowledge and experience of system development lifecycle practices and agileoperating models (e.g. Development Operations – DevOps)ITIL change and configuration management (ITIL) – Candidate to provide Certificationlevel.g) Security knowledge and experience (e.g. Certified information security manager orrelevant security certification - CISM)h) University degree in a related fieldi) Senior level business and technology acumenj) Experience in facilitating technology process improvementsk) Proven problem solving and analytical skills.l) Must be able to learn and understand technologiesm) Ability to work in a team environment as well as independentlyn) Ability to effectively prioritize and execute tasks in a high-pressure environment is crucialo) Successful experience balancing a continually changing workload to ensure professionalquality deliverables are produced and project deadlines are metp) Superior attention to detail and accuracy in developing documentsq) Superior customer service skills including the ability to proactively triage, resolve and/orminimize reported issuesr) Excellent problem solving, interpersonal, organizational, and time management skillss) Strong presentation and communication skills, both oral and writtent) Experience using MS Office Tools such as Word, Excel, Visio and Power PointQualificationsa) 15 to 20 years experience in information technology related rolesb) Must have both technology system and technology business process knowledge toperform this role.c) Experience across the IT-domain including in infrastructure, network, softwaredevelopment, applications management, IT service delivery and technology innovation.d) Enterprise governance and architecture experience (preferably an IT enterprisegovernance level certification (e.g. CGEIT)e) Bimodal project experience (e.g. project management professional – PMP | certifiedscrum master – CSM)f) Knowledge and experience of system development lifecycle practices and agileoperating models (e.g. Development Operations – DevOps)ITIL change and configuration management (ITIL) – Candidate to provide Certificationlevel.g) Security knowledge and experience (e.g. Certified information security manager orrelevant security certification - CISM)h) University degree in a related fieldi) Senior level business and technology acumenj) Experience in facilitating technology process improvementsk) Proven problem solving and analytical skills.l) Must be able to learn and understand technologiesm) Ability to work in a team environment as well as independentlyn) Ability to effectively prioritize and execute tasks in a high-pressure environment is crucialo) Successful experience balancing a continually changing workload to ensure professionalquality deliverables are produced and project deadlines are metp) Superior attention to detail and accuracy in developing documentsq) Superior customer service skills including the ability to proactively triage, resolve and/orminimize reported issuesr) Excellent problem solving, interpersonal, organizational, and time management skillss) Strong presentation and communication skills, both oral and writtent) Experience using MS Office Tools such as Word, Excel, Visio and Power PointSummarya) 15 to 20 years experience in information technology related rolesb) Must have both technology system and technology business process knowledge toperform this role.c) Experience across the IT-domain including in infrastructure, network, softwaredevelopment, applications management, IT service delivery and technology innovation.d) Enterprise governance and architecture experience (preferably an IT enterprisegovernance level certification (e.g. CGEIT)e) Bimodal project experience (e.g. project management professional – PMP | certifiedscrum master – CSM)f) Knowledge and experience of system development lifecycle practices and agileoperating models (e.g. Development Operations – DevOps)ITIL change and configuration management (ITIL) – Candidate to provide Certificationlevel.g) Security knowledge and experience (e.g. Certified information security manager orrelevant security certification - CISM)h) University degree in a related fieldi) Senior level business and technology acumenj) Experience in facilitating technology process improvementsk) Proven problem solving and analytical skills.l) Must be able to learn and understand technologiesm) Ability to work in a team environment as well as independentlyn) Ability to effectively prioritize and execute tasks in a high-pressure environment is crucialo) Successful experience balancing a continually changing workload to ensure professionalquality deliverables are produced and project deadlines are metp) Superior attention to detail and accuracy in developing documentsq) Superior customer service skills including the ability to proactively triage, resolve and/orminimize reported issuesr) Excellent problem solving, interpersonal, organizational, and time management skillss) Strong presentation and communication skills, both oral and writtent) Experience using MS Office Tools such as Word, Excel, Visio and Power PointRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client is looking for an IT Security Analyst, long term contract in Montreal.- Management of IT infrastructures security events / incidents- Monitoring of IT security events; specifically alerts triggered (alerts on the following area: IDS; AV - Virus infections, intrusions);- Events / alerts analysis in order to identify false and true positives- Design and implementation of IT infrastructures security incidents operational procedures- Produce weekly and monthly dashboard on the SOC IT security / incidents activity- Management of SOC tools; specifically the SIEM platform (RSA Security Analytics and NetWitness)- Daily management and monitoring of the platform ( to ensure that security events are collected and processed properly)- Development / customization / maintenance of correlation rules Required:- Experience in the management of IT infrastructures security events / incidentsIS Security (knowledge of IT security principles, best practices, tools that are used in securing IT resources) and related risks- Good MS Office (Word, PowerPoint, Visio, Excel) skills;- Client Focus- Ability to communicate clearly with technical teams and with non technical stakeholders. TECHNICAL SKILLS- Knowledge of SIEM products (e.g. RSA Analytics and RSA NetWitness)- Knowledge of network security products (SourceFire IDS/IPS; Cisco, Firewall,Proxies ..)- Good knowledge of network basics ( OSI, NAT, …)- Knowledge of network packets analysis (Wireshark, TcpDump, …)-2/5+ years in IT infrastructures security ideally in a SOC; specifically in the management of IT infrastructures security events / incidents and the management of SIEM platforms (preferably in a SOC team)- Bilingual AdvantagesLong term contract, 40 hours a week, large banking environment, Montreal based. Lots of opportunities to evolve within the organizationResponsibilities- Management of IT infrastructures security events / incidents- Monitoring of IT security events; specifically alerts triggered (alerts on the following area: IDS; AV - Virus infections, intrusions);- Events / alerts analysis in order to identify false and true positives- Design and implementation of IT infrastructures security incidents operational procedures- Produce weekly and monthly dashboard on the SOC IT security / incidents activity- Management of SOC tools; specifically the SIEM platform (RSA Security Analytics and NetWitness)- Daily management and monitoring of the platform ( to ensure that security events are collected and processed properly)- Development / customization / maintenance of correlation rulesQualifications- Experience in the management of IT infrastructures security events / incidentsIS Security (knowledge of IT security principles, best practices, tools that are used in securing IT resources) and related risks- Good MS Office (Word, PowerPoint, Visio, Excel) skills;- Client Focus- Ability to communicate clearly with technical teams and with non technical stakeholders. SummaryOur client is looking for an IT Security Analyst, long term contract in Montreal.- Management of IT infrastructures security events / incidents- Monitoring of IT security events; specifically alerts triggered (alerts on the following area: IDS; AV - Virus infections, intrusions);- Events / alerts analysis in order to identify false and true positives- Design and implementation of IT infrastructures security incidents operational procedures- Produce weekly and monthly dashboard on the SOC IT security / incidents activity- Management of SOC tools; specifically the SIEM platform (RSA Security Analytics and NetWitness)- Daily management and monitoring of the platform ( to ensure that security events are collected and processed properly)- Development / customization / maintenance of correlation rules Required:- Experience in the management of IT infrastructures security events / incidentsIS Security (knowledge of IT security principles, best practices, tools that are used in securing IT resources) and related risks- Good MS Office (Word, PowerPoint, Visio, Excel) skills;- Client Focus- Ability to communicate clearly with technical teams and with non technical stakeholders. TECHNICAL SKILLS- Knowledge of SIEM products (e.g. RSA Analytics and RSA NetWitness)- Knowledge of network security products (SourceFire IDS/IPS; Cisco, Firewall,Proxies ..)- Good knowledge of network basics ( OSI, NAT, …)- Knowledge of network packets analysis (Wireshark, TcpDump, …)-2/5+ years in IT infrastructures security ideally in a SOC; specifically in the management of IT infrastructures security events / incidents and the management of SIEM platforms (preferably in a SOC team)- BilingualRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

IT Security Solutions ArchitectLocation : Montréal / RemoteDuration: 10 months / renewableSummary:Reporting to the Manager IT Security Architecture the Security Solution architect / advisor is responsible of the architecture of security solutions and security advisories on projects.Participating in IT Security Projects under his responsibilities and ensuring they are in line with business initiatives.AdvantagesPlease contact your Randstad Recruitment Consultant to learn more of the advantages and benefits of this roleResponsibilitiesParticipating in IT Security Projects under his responsibilities and ensuring they are in line with business initiatives.•Defining security requirements of IT projects•Defining security services and its evolution•Participating in Security Solution selectionContributing :•The development of security strategies and different initiatives•The development and realization of the security programRealizing the following tasks•Collaborate with different IT teams.•Provide high level security analysis on different security matters.•Understands the business implication requirements of compliance initiatives: Exostar, GDPR, ITAR. SOX•Take charge of tasks related to the team.•Perform technical tasks if required.• This person needs to have the ability to participate in multiple mandates simultaneously.Qualifications•Bachelor’s degree in information technology or other relevant programs•Five years’ experience in an IT Security Architect role•Good knowledge and experience in IT Security, infrastructure and Telecommunications.•Knowledge of security architecture and methodology (TOGAF, SABSA, etc)•Good knowledge risk analysis methodologies (e.g. ISO,).•The following certifications are an asset: CISSP, CISM and CISA.•Good understanding of major compliance requirements: GDPR, Exostar, Export control, Sarbanes Oxley.•Knowledge IT control frameworks (NIST, CIS, ISO, etc) and a good understanding of IT General Controls.•Aerospace industry knowledge would be considered an asset.•Advisor on IT projects•Excellent people skills•Initiative, leadership, customer focus•Results oriented and meeting commitments.•Innovation/Creativity/Accountability is an asset.•Self-motivated, dynamic, and team player.•Ability to interact with staff, peers and customers on a technical and professional level•Bilingualism (French and English) is required.SummaryIT Security Solutions ArchitectLocation : Montréal / RemoteDuration: 10 months / renewableSummaryReporting to the Manager IT Security Architecture the Security Solution architect / advisor is responsible of the architecture of security solutions and security advisories on projectsRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

IT Security SpecialistLocation: Montréal / RemoteDuration: 6 months / renewable / renouvelableBilingualism : ObligatoryYour MissionAs an IT Security Analyst – Compliance, your mission is to support the Security, Compliance and Risks Management team with various compliance initiatives.Your Role & Main Responsibilities•Act as spokesperson and expert in information security, risks management and compliance to support all business units before and during their projects•Produce reports to recommend processes and procedures to implement such requirements as required by ISO 27002, GDPR, Bill 64 and PIPEDA•Follow the maturity of the cybersecurity department based on NIST CSF and elaborate a plan to increase the maturity•Respond to customers request regarding the corporate security controlsBe an inspirational and motivational colleague•Share knowledge with the team members & participate in the Cybersecurity Chapter•Contribute to the collaborative and stimulating work environment•Be a change agent & Agile mindset promoter•Be connected to the industry to know tendencies and suggest innovative ideasYour QualificationsSoft skills•Want to be in a performing team•Show Initiative & leadership•Be customer orientated•Display a sense of collaboration (teamwork) & interpersonal skills•Ability to influenceTechnical skills•Bilingualism (French and English) is required•A minimum of five (5) years experience in IT Security•In-depth knowledge and experience in IT•Knowledge risk analysis methodologies and security standards (e.g. ISO, NIST)•Industry-recognized certification (CISSP, CISA, CIRISC, CISM) would be considered an asset•Knowledge of financial aspects and information technologies and common office tools•Aerospace industry knowledge would be considered an assetAdvantagesPlease contact your Randstad Recruitment Consultant to learn more of the advantages and benefits of this roleResponsibilitiesYour Role & Main Responsibilities•Act as spokesperson and expert in information security, risks management and compliance to support all business units before and during their projects•Produce reports to recommend processes and procedures to implement such requirements as required by ISO 27002, GDPR, Bill 64 and PIPEDA•Follow the maturity of the cybersecurity department based on NIST CSF and elaborate a plan to increase the maturity•Respond to customers request regarding the corporate security controlsBe an inspirational and motivational colleague•Share knowledge with the team members & participate in the Cybersecurity Chapter•Contribute to the collaborative and stimulating work environment•Be a change agent & Agile mindset promoter•Be connected to the industry to know tendencies and suggest innovative ideasQualificationsYour QualificationsSoft skills•Want to be in a performing team•Show Initiative & leadership•Be customer orientated•Display a sense of collaboration (teamwork) & interpersonal skills•Ability to influenceTechnical skills•Bilingualism (French and English) is required•A minimum of five (5) years experience in IT Security•In-depth knowledge and experience in IT•Knowledge risk analysis methodologies and security standards (e.g. ISO, NIST)•Industry-recognized certification (CISSP, CISA, CIRISC, CISM) would be considered an asset•Knowledge of financial aspects and information technologies and common office tools•Aerospace industry knowledge would be considered an assetSummaryIT Security Specialist Location: Montréal / RemoteDuration: 6 months / renewable / renouvelableBilingualism : ObligatoryYour MissionAs an IT Security Analyst – Compliance, your mission is to support the Security, Compliance and Risks Management team with various compliance initiatives.Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Full time 37.5h/weekWindows system administratorSupport the local Service Runtime Manager and Backfill our current Windows system Admin for daily tasksQuebec ou Lévis, Canada. Can be remote with few onsite interventionsAssessing the stability, security, and scalability of installed Windows systems.Discussing system and server upgrades with IT managers.Installing or upgrading Windows systems and servers.Providing technical support for staff and back-end system users.Troubleshooting system and server errors.Reviewing system error logs and user-reported errors.Monitoring and updating the Windows codebase.Managing user access.Monitoring system performance.Maintaining server architecture security and creating system backups.Proven work experience as a Windows Administrator. Version 2012-2016Detailed knowledge of Windows server setup, deployment, and maintenance.Ability to create scripts in Perl, Python, and similar languages.Experience with databases, patch management, VMWARE (Virtualization) and networks including LAN and WAN (telecom).Familiarity with modern operating systems and server platforms.Knowledge of network security systems, intrusion detection systems, storage (SAN, Netapp) and data backup.Good problem-solving skills and continuous improvement.Good analytical and communication skills in English and FrenchAdvantagesWork from home, manufacturing environment, company is a world leader in their field. Quebec city or Montreal ResponsibilitiesAssessing the stability, security, and scalability of installed Windows systems.Discussing system and server upgrades with IT managers.Installing or upgrading Windows systems and servers.Providing technical support for staff and back-end system users.Troubleshooting system and server errors.Reviewing system error logs and user-reported errors.Monitoring and updating the Windows codebase.Managing user access.Monitoring system performance.Maintaining server architecture security and creating system backups.QualificationsProven work experience as a Windows Administrator. Version 2012-2016Detailed knowledge of Windows server setup, deployment, and maintenance.Ability to create scripts in Perl, Python, and similar languages.Experience with databases, patch management, VMWARE (Virtualization) and networks including LAN and WAN (telecom).Familiarity with modern operating systems and server platforms.Knowledge of network security systems, intrusion detection systems, storage (SAN, Netapp) and data backup.Good problem-solving skills and continuous improvement.Good analytical and communication skills in English and FrenchSummaryProven work experience as a Windows Administrator. Version 2012-2016Detailed knowledge of Windows server setup, deployment, and maintenance.Ability to create scripts in Perl, Python, and similar languages.Experience with databases, patch management, VMWARE (Virtualization) and networks including LAN and WAN (telecom).Familiarity with modern operating systems and server platforms.Knowledge of network security systems, intrusion detection systems, storage (SAN, Netapp) and data backup.Good problem-solving skills and continuous improvement.Good analytical and communication skills in English and FrenchRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Identity & Access Management Analyst - Long term contractMissions The Identity & Access Management (IAM) Analyst is responsible for the delivery of IAM missions in the Americas region to ensure security controls are functioning both effectively and efficiently. This position requires hands-on engagement as a security analysis and demands strong collaboration with global contributors at all levels of the organization. The role also requires the candidate to manage all aspects of their projects, lead contributors from globally distributed teams, and to regularly communicate updates to senior management.The ideal candidate will have a solid understanding of IAM principles, security best practices (e.g. NIST, ISO), and key regulations applicable to a global financial services organization (e.g. NYDFS 500, GDPR).Essential competencies include highly proactive and autonomous engagement, strong communication capabilities at all levels of the organization, and ability to influence without authority at both the regional and global level.As a member of the global Data & Cyber Security (DCS) team, the candidate will focus on driving global transformational IAM initiatives supporting business operations in the Americas region. Candidate will be involved in all facets of security analysis and project management with key responsibilities being:Independently develop project plans and drive initiatives through their full lifecyclePerform policy, process and data analysis to assess requirements and identify control gapsDefine and implement solutions to align controls with defined risk tolerancesEnsure solutions are strategically aligned, regulatorily compliant, sustainable, and make efficient use of organizational resourcesPropose and secure support for both tactical and strategic risk mitigation recommendationsLead coalition of project contributors from the global infrastructure, IT, and business teamsProvide continuous project status updates to sponsors, stakeholders, and senior managementCollaborate with DCS GRC, risk team, and auditors/regulators in risk assessment and mitigationEstablish and maintain strong levels of trust with both regional and global partners Profile Knowledge & Experience7-10 years of experience in information security, identity & acess management and related security practicesStrong communication, analytical, problem solving, and project management skillsAbility to effectively influence without authorityExperience working in a global context with a broad range of policies and proceduresExperience working with oversight teams (e.g. 2LOD, 3LOD) and external auditors/regulatorsProficiency with CyberArk, SailPoint, and MS Office suite (Excel, PowerPoint, Word)Experience with implementation of IAM controls on the public cloudStrong understanding of computer disciplines such as application and data security, systems programming, systems design, computer technology or software disciplinesUnderstanding of security regulatory requirements (e.g. NYDFS 500, GDPR), and industry frameworks/best practices (e.g. FFIEC, NIST, ISO)French language skills (preferred)Education/CertificationsBachelors degree in Information Security, Computer Science or a related concentrationCISSP, CCSP, CCSK, CISM or related certification(s) requiredCertified training in information security solutions and practicesAdvantagesLong term contract, 40 hrs a week, large banking environment, Montreal based. Lors of room to grow and develop skills with training and coachingResponsibilitiesMissions The Identity & Access Management (IAM) Analyst for Société Générale is responsible for the delivery of IAM missions in the Americas region to ensure security controls are functioning both effectively and efficiently. This position requires hands-on engagement as a security analysis and demands strong collaboration with global contributors at all levels of the organization. The role also requires the candidate to manage all aspects of their projects, lead contributors from globally distributed teams, and to regularly communicate updates to senior management.The ideal candidate will have a solid understanding of IAM principles, security best practices (e.g. NIST, ISO), and key regulations applicable to a global financial services organization (e.g. NYDFS 500, GDPR).Essential competencies include highly proactive and autonomous engagement, strong communication capabilities at all levels of the organization, and ability to influence without authority at both the regional and global level.As a member of the global Data & Cyber Security (DCS) team, the candidate will focus on driving global transformational IAM initiatives supporting business operations in the Americas region. Candidate will be involved in all facets of security analysis and project management with key responsibilities being:Independently develop project plans and drive initiatives through their full lifecyclePerform policy, process and data analysis to assess requirements and identify control gapsDefine and implement solutions to align controls with defined risk tolerancesEnsure solutions are strategically aligned, regulatorily compliant, sustainable, and make efficient use of organizational resourcesPropose and secure support for both tactical and strategic risk mitigation recommendationsLead coalition of project contributors from the global infrastructure, IT, and business teamsProvide continuous project status updates to sponsors, stakeholders, and senior managementCollaborate with DCS GRC, risk team, and auditors/regulators in risk assessment and mitigationEstablish and maintain strong levels of trust with both regional and global partnersQualificationsProfile Knowledge & Experience7-10 years of experience in information security, identity & acess management and related security practicesStrong communication, analytical, problem solving, and project management skillsAbility to effectively influence without authorityExperience working in a global context with a broad range of policies and proceduresExperience working with oversight teams (e.g. 2LOD, 3LOD) and external auditors/regulatorsProficiency with CyberArk, SailPoint, and MS Office suite (Excel, PowerPoint, Word)Experience with implementation of IAM controls on the public cloudStrong understanding of computer disciplines such as application and data security, systems programming, systems design, computer technology or software disciplinesUnderstanding of security regulatory requirements (e.g. NYDFS 500, GDPR), and industry frameworks/best practices (e.g. FFIEC, NIST, ISO)French language skills (preferred)Education/CertificationsBachelors degree in Information Security, Computer Science or a related concentrationCISSP, CCSP, CCSK, CISM or related certification(s) requiredCertified training in information security solutions and practicesSummaryProfile Knowledge & Experience7-10 years of experience in information security, identity & acess management and related security practicesStrong communication, analytical, problem solving, and project management skillsAbility to effectively influence without authorityExperience working in a global context with a broad range of policies and proceduresExperience working with oversight teams (e.g. 2LOD, 3LOD) and external auditors/regulatorsProficiency with CyberArk, SailPoint, and MS Office suite (Excel, PowerPoint, Word)Experience with implementation of IAM controls on the public cloudStrong understanding of computer disciplines such as application and data security, systems programming, systems design, computer technology or software disciplinesUnderstanding of security regulatory requirements (e.g. NYDFS 500, GDPR), and industry frameworks/best practices (e.g. FFIEC, NIST, ISO)French language skills (preferred)Education/CertificationsBachelors degree in Information Security, Computer Science or a related concentrationCISSP, CCSP, CCSK, CISM or related certification(s) requiredCertified training in information security solutions and practicesRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client is looking for a Third Party Senior Analyst, long term contract in Montreal Responsibilities:•Project management of special projects relating to improving third-party vendor process•Develop incident response and resilience processes across various areas such as business, legal and technical components•The role may also involve information risk assessments for new vendors and critical vendors•Assist Department Heads and Managers with vendor selection process through information security risk review, completion of due diligence tasks and risk assessments•Troubleshoot all vendor problems and present to management as required•Provide status reports to senior management, auditors, and regulators•Research on industry/regulatory and cyber security issues•Up to date and continuing education of compliance related issues and value-added training•Perform ad hoc analyses and participate in special projects as needed by managementProfile •5 years experience in Information Security or ideally (but not preferred) Information Security Vendor Risk Management experience•5+ years experience in Information Security Incident Response•Experience in disciplines such as application and network security (in particular firewall analysis and network port analysis is highly preferred)•Excellent communication skills and written communication skills•Proven ability to manage issues through to resolution skilled at making judgment calls•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times•Proficient with and at least one GRC tool - Archer (preferred but not mandatory)•Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) preferred•Requires strong analytical skills, problem solving skills, and project/program management skillsAdvantagesLong term contract, 40 hours a week, large banking environment, Montreal based. Lots of opportunities to evolve within the organizationResponsibilitiesResponsibilities:•Project management of special projects relating to improving third-party vendor process•Develop incident response and resilience processes across various areas such as business, legal and technical components•The role may also involve information risk assessments for new vendors and critical vendors•Assist Department Heads and Managers with vendor selection process through information security risk review, completion of due diligence tasks and risk assessments•Troubleshoot all vendor problems and present to management as required•Provide status reports to senior management, auditors, and regulators•Research on industry/regulatory and cyber security issues•Up to date and continuing education of compliance related issues and value-added training•Perform ad hoc analyses and participate in special projects as needed by managementQualificationsProfile •5 years experience in Information Security or ideally (but not preferred) Information Security Vendor Risk Management experience•5+ years experience in Information Security Incident Response•Experience in disciplines such as application and network security (in particular firewall analysis and network port analysis is highly preferred)•Excellent communication skills and written communication skills•Proven ability to manage issues through to resolution skilled at making judgment calls•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times•Proficient with and at least one GRC tool - Archer (preferred but not mandatory)•Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) preferred•Requires strong analytical skills, problem solving skills, and project/program management skillsSummaryOur client is looking for a Third Party Senior Analyst, long term contract in Montreal Responsibilities:•Project management of special projects relating to improving third-party vendor process•Develop incident response and resilience processes across various areas such as business, legal and technical components•The role may also involve information risk assessments for new vendors and critical vendors•Assist Department Heads and Managers with vendor selection process through information security risk review, completion of due diligence tasks and risk assessments•Troubleshoot all vendor problems and present to management as required•Provide status reports to senior management, auditors, and regulators•Research on industry/regulatory and cyber security issues•Up to date and continuing education of compliance related issues and value-added training•Perform ad hoc analyses and participate in special projects as needed by managementProfile •5 years experience in Information Security or ideally (but not preferred) Information Security Vendor Risk Management experience•5+ years experience in Information Security Incident Response•Experience in disciplines such as application and network security (in particular firewall analysis and network port analysis is highly preferred)•Excellent communication skills and written communication skills•Proven ability to manage issues through to resolution skilled at making judgment calls•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times•Proficient with and at least one GRC tool - Archer (preferred but not mandatory)•Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) preferred•Requires strong analytical skills, problem solving skills, and project/program management skillsRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Responsible for the organization's SIEM (Splunk ES).Confers with and advises colleagues on administrative policies and procedures, technical problems, priorities and methods.Prepares activity and progress reports regarding new logs ingestions section.Has activities responsability, make follow ups with his/her colleagues and raise the integration issues Typically has 10 years or more experience of related experience, strong abilities to understand the infrastructure domain, Splunk tools’ experience is mandatory (Splunk Core, ES, Phantom).5 + years experienceAdvantages______________________________________________________________________________Responsibilities______________________________________________________________________________Qualifications______________________________________________________________________________Summary______________________________________________________________________________Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client, a leader in the education industry, is looking for a Virtualization and Network Specialist to join their team for an initial contract to the end of December that has a strong chance of extension.Current State and Project BackgroundThe Centre for Advanced Computing (CAC) team is looking for a Virtualization and Network Specialist that can:• Work closely with the Security Operations Team at CAC, determine the technological and resource requirements for network and security infrastructure. Analyze, install, configure, monitor, maintain, and perform upgrades on both hardware, network appliances, andoperating systems.• Implement, monitor, and manage virtualization platforms and Hyper converged technologies.• Create new virtual machines, assign resources, configure backups and snapshots.• Acts as one of the high-level diagnosticians for very difficult or complex network problems. Evaluates, programs, and ensures trustworthiness and reliability of network security policies. Assist in the development of standards and monitors adherence toestablished policies and procedures. Researcher information management tools for the networks and designs monitoring methods.Working with the Centre of Advanced Computing, you will bring strong business and technical knowledge of virtualized server, networks and operating models, to help enhances the OHDPQ environment to be a secure, best in class research and analytics platform. You will be responsible for ensuring the integrity, efficiency, and high reliability service delivery of ongoing system operation activities at the Centre for Advanced Computing. Reporting to the Security Manager, you will work with a of project resources to deliver in two areas:1. The design, engineering and development of the CAC’s network standards and IT security strategies, including new processes to manage the computer networking and system infrastructure, ensuring uninterrupted support to the CAC; and2. End to end diagnostician, the Specialist troubleshoots network issues, and audits systems and processes to enhance security and ensure recoverability of confidential client dataAdvantages- strong chance of renewal- combination of remote and onsite work (the CAC is located in Kingston, Ontario). Candidate must be willing to travel to and work from Kingston periodically.ResponsibilitiesDeliverables and Objectives• Establishes a network performance baseline; designs and oversees the audit of performance measurements against the quality standard baseline.• Research and support implementation of best practices and technological developments to ensure that systems are current and capable of supporting future evolving business requirements in all areas.• Develop network and security processes and policies to ensure that procedures are promoted and followed by clients. Adapt processes and services to respond to change, to increaseefficiency and effectiveness, and to ensure that administrative systems adhere to the CAC’s business plan and the University’s goals.• Provide maintenance and technical support for production systems. Ensure that system security, backup, and recovery mechanisms are operational. Provides high-level user supportin specific software areas for network systems.• Prepares work-ups on the feasibility of projects using knowledge of the department or unit’s policies, procedures and business operations. Assists in the definition of the functionalrequirements of projects, i.e., the scope, and the various system components both manual and automated. Creates supporting analysis for budget preparation.• Ensure that outstanding operational problems are addressed on a daily basis. Contribute to restoring networks in the event of failure at any time of the day by diagnosing problems, contributing to the resolution plan by recommending solutions, and taking corrective action.• One of the key members of the on-call staff to provide continuous, uninterrupted support for the networks at CAC.• Writes technical documentation on the design and implementation of the networks for other staff in CAC and end-user faculty researchers and departments. • Maintain a high degree of knowledge/expertise in the use of computer operating systems, security, networking, communication protocols such as TCP/IP networks, and other aspects of information technology.QualificationsExperience and QualificationsTo effectively address these deliverables, the following work experience and qualification arerequired:• University degree, with a technical concentration, such as Engineering, Computer Science or related field.• Minimum 5 years) relevant experience working within the information technology field.• Demonstrated experience in installing, and maintaining reliable, large-scale, multi-user computer and virtualized environments.• Proven Experience implementing and managing large and complex data networks, wireless networks, LAN/WAN/WLAN security, and network components such as switches andfirewalls. • Proven experience with vulnerability assessment techniques and technologies.• Demonstrated experience with enterprise level multi-application networks.• Proven experience supporting and maintaining VMware cosystem. VxRails, and vSAN is anasset.• VMware VCP/HCI certifications or equivalent.• Experience in delivering and supporting high availability networked systems.• CCNA, Routing and Switching Networking Certification or equivalent required.• Systems Administration experience using Linux and Windows Server is an asset.• Effective interpersonal and communication (verbal and written) skills to interact with both technical and non-technical staff and clients at all levels.• Complex IT system administration skills in working with dedicated appliances and Linux based firewalls.• Strong interpersonal skills, with a focus on conflict management, and willingness to considervarying points of view and approachesSummary- Minimum of five (5) years’ experience in a technical writing role; experience with preparation of individual and multi-author technical documents in a university or public sector environment is preferred.visio 1-2 yearsRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Are you a Security Analyst / Consultant?Looking for your next contract opportunity?We are pleased to offer you this new and exciting CONTRACT requirement with our client for the position of:SECURITY ARCHITECT-Start: ASAP-Estimated length: 6-12+ Month-Location: Saint John, NB OR Moncton NB OR Fredericton NBPLEASE NOTE: This contract requires you to be onsite in NB.AdvantagesThis is an opportunity to work for a large employer with a solid reputation hereResponsibilitiesDevelop and execute a security incident management processPerform threat hunting and analysisIdentify and manage vulnerabilities Perform technical reviews and assessmentsDevelop security awareness materialImplement and manage technical controls to ensure that the organization is protected in accordance with its risk appetiteQualifications-A Bachelor’s degree or diploma in Computer Science or related technical discipline-5+ years experience in performing penetration testing and security incident management-Expertise in implementing risk management practices-Design and implementation of vulnerability management programs-Deep understanding of cloud architecture, application architecture-Design and implementation of security analytics-Knowledge of Process Control Systems concepts and technology-CISSP or similar certification RequiredSummaryDo you have this experience? If you answer YES, then please apply IMMEDIATELY to so we can then discuss your experience and interest in this opportunity!www.randstad.caRandstad TechnologiesCanada's largest provider of IT Staffing Solutions, offering hundreds of permanent and contract opportunities across all roles, levels and platforms. Our Web-based tools help you see and apply for jobs matched automatically to your skills and preferences. When you're ready to interview we meet with you in person to help you build the technology career path you've always wanted. Visit www.randstad.ca to get started!Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client is looking for a Vulnerability Management Lead, large environment in downtown Montreal.The responsibilities would be: - Act as the main point of contact and expert in Vulnerability and Threat Assessment to the properties and network teams in order to offer solutions to new risks and threats-cOversee zero-day vulnerability process including response to zero-day threats- Act as main point of contact for firewall / network security review process; including remediation and / or risk acceptance of firewall vulnerabilities- Oversee configuration management workflow and projects to improve and develop the process- Oversee the discovery, evaluation, and implementation of vulnerability scanning, patch and configuration review, penetration testing, and malware detection solutions- Present operating and steering committees for projects to senior management- Develop and oversee annual roadmaps of initiatives to align with overall InfoSec and business objectives/strategy- Develop and manage detailed vulnerability reviews and assessments, malware detection and analysis, and patching and configuration reviews: (1) Assess potential damage of security flaws and assist in the implementation of corrective actions; (2) Identify, document, and report security issues and concerns to management; and (3) Monitor corrective actions and recommending cost-effective preventive measures to preclude recurrencesReview and sign-off on all recommendations on possible improvements resulting from the work performed as part of projects The required technical skills are:- Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MIS required- Certified training in security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, or related certification(s) required- 5-10 years related information security experience- Superior communications skills, both verbal and written- Direct experience managing multi-faceted IT integration projects- Working knowledge of process engineering and technical requirements generation in the user environment- Experience with current concepts in project risk assessment, metrics generation and analysis and risk management- Previous hands-on experience in an Information/Network Security Engineering role- Thorough knowledge of network and security architecture design concepts- Technical knowledge of business processes and procedures and underlying technical workings of system to support it- Ability to maximize system to support business processes, recommend and influence business process change to maximize use of systemAdvantagesLarge banking environmentWork from homeMontreal based40 hours - weekLong term contractResponsibilities- Act as the main point of contact and expert in Vulnerability and Threat Assessment to the properties and network teams in order to offer solutions to new risks and threats-cOversee zero-day vulnerability process including response to zero-day threats- Act as main point of contact for firewall / network security review process; including remediation and / or risk acceptance of firewall vulnerabilities- Oversee configuration management workflow and projects to improve and develop the process- Oversee the discovery, evaluation, and implementation of vulnerability scanning, patch and configuration review, penetration testing, and malware detection solutions- Present operating and steering committees for projects to senior management- Develop and oversee annual roadmaps of initiatives to align with overall InfoSec and business objectives/strategy- Develop and manage detailed vulnerability reviews and assessments, malware detection and analysis, and patching and configuration reviews: (1) Assess potential damage of security flaws and assist in the implementation of corrective actions; (2) Identify, document, and report security issues and concerns to management; and (3) Monitor corrective actions and recommending cost-effective preventive measures to preclude recurrencesReview and sign-off on all recommendations on possible improvements resulting from the work performed as part of projects Qualifications- Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MIS required- Certified training in security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, or related certification(s) required- 5-10 years related information security experience- Superior communications skills, both verbal and written- Direct experience managing multi-faceted IT integration projects- Working knowledge of process engineering and technical requirements generation in the user environment- Experience with current concepts in project risk assessment, metrics generation and analysis and risk management- Previous hands-on experience in an Information/Network Security Engineering role- Thorough knowledge of network and security architecture design concepts- Technical knowledge of business processes and procedures and underlying technical workings of system to support it- Ability to maximize system to support business processes, recommend and influence business process change to maximize use of systemSummaryOur client is looking for a Vulnerability Management Lead, large environment in downtown Montreal.The responsibilities would be: - Act as the main point of contact and expert in Vulnerability and Threat Assessment to the properties and network teams in order to offer solutions to new risks and threats-cOversee zero-day vulnerability process including response to zero-day threats- Act as main point of contact for firewall / network security review process; including remediation and / or risk acceptance of firewall vulnerabilities- Oversee configuration management workflow and projects to improve and develop the process- Oversee the discovery, evaluation, and implementation of vulnerability scanning, patch and configuration review, penetration testing, and malware detection solutions- Present operating and steering committees for projects to senior management- Develop and oversee annual roadmaps of initiatives to align with overall InfoSec and business objectives/strategy- Develop and manage detailed vulnerability reviews and assessments, malware detection and analysis, and patching and configuration reviews: (1) Assess potential damage of security flaws and assist in the implementation of corrective actions; (2) Identify, document, and report security issues and concerns to management; and (3) Monitor corrective actions and recommending cost-effective preventive measures to preclude recurrencesReview and sign-off on all recommendations on possible improvements resulting from the work performed as part of projects The required technical skills are:- Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MIS required- Certified training in security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, or related certification(s) required- 5-10 years related information security experience- Superior communications skills, both verbal and written- Direct experience managing multi-faceted IT integration projects- Working knowledge of process engineering and technical requirements generation in the user environment- Experience with current concepts in project risk assessment, metrics generation and analysis and risk management- Previous hands-on experience in an Information/Network Security Engineering role- Thorough knowledge of network and security architecture design concepts- Technical knowledge of business processes and procedures and underlying technical workings of system to support it- Ability to maximize system to support business processes, recommend and influence business process change to maximize use of systemRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client in Concord, Ontario is looking for a Network Security Specialist to join their team on a 11 month contract (with possible extension). This position will require you to work onsite 5 days a week on a small team.We are looking for someone with 2-3 years experience in a Network Security role, with experience configuring routers, switches and firewalls. Additionally you will have good knowledge of layer 2 and Layer 3 technologies as well as experience with security protocols: IPsec-VPN, TLS, Radius, Firewall, Intrusion detection and prevention system. You will also have experience with secure development lifecycle, security impact of acquired software, security software effectiveness, vulnerability assessment, risk analysis, penetration testing, misuse case testing. AdvantagesThis is a 11 month contract with the possibility of extension. This position is on site.ResponsibilitiesAs a Network security specialist you will perform functional stress performance and interoperability testing on IP routers, Ethernet switches, control applications and/or network management systems. You will develop and execute product/feature specification test plans, conduct threat and risk analysis of the software features. You will also perform product security tests and prepare security report. Additionally provide tier 3 customer support as required, troubleshooting issues to ensure timely remedy of customer concerns. Qualifications Minimum of 2 to 3 years in a Product Development environment Experience in configuring Routers, Switches and Firewalls Good Understanding/knowledge of cryptographic solutions, cryptographic methods (e.g. symmetric, asymmetric), PKI, digital signatures and certificates, non-repudiation, integrity (hashing algorithms) Knowledge of secure development lifecycle, security impact of acquired software, security software effectiveness, vulnerability assessment, risk analysis, penetration testing, misuse case testing. Knowledge of Layer 2 technologies: RSTP/MSTP, IGMP, VLAN, 802.1x authentication, DHCP, Ethernet, Link Aggregation Knowledge of Layer 3 technologies: Frame Relay, PPP, channelized interfaces, OSPF, BGP, RIP, MPLS,VRF, PIM-SM, SNMP, VRRP, QoS, IPv6, Tunneling protocols Knowledge of Security protocols: IPsec-VPN, TLS, Radius, Firewall, Intrusion detection and prevention system Knowledge of OSI Model and TCP/IP protocol stackSummaryIf you or anyone you know is Network Security Specialist with 2-3+ years experience please apply today.Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

IT Security Specialist Location: Montréal / RemoteDuration: 6 months / renewable / renouvelableBilingualism : ObligatoryYour MissionAs an IT Security Analyst – Compliance, your mission is to support the Security, Compliance and Risks Management team with various compliance initiatives.Your Role & Main Responsibilities•Act as spokesperson and expert in information security, risks management and compliance to support all business units before and during their projects•Produce reports to recommend processes and procedures to implement such requirements as required by ISO 27002, GDPR, Bill 64 and PIPEDA•Follow the maturity of the cybersecurity department based on NIST CSF and elaborate a plan to increase the maturity•Respond to customers request regarding the corporate security controlsBe an inspirational and motivational colleague•Share knowledge with the team members & participate in the Cybersecurity Chapter•Contribute to the collaborative and stimulating work environment•Be a change agent & Agile mindset promoter•Be connected to the industry to know tendencies and suggest innovative ideasYour QualificationsSoft skills•Want to be in a performing team•Show Initiative & leadership•Be customer orientated•Display a sense of collaboration (teamwork) & interpersonal skills•Ability to influenceTechnical skills•Bilingualism (French and English) is required•A minimum of five (5) years experience in IT Security•In-depth knowledge and experience in IT•Knowledge risk analysis methodologies and security standards (e.g. ISO, NIST)•Industry-recognized certification (CISSP, CISA, CIRISC, CISM) would be considered an asset•Knowledge of financial aspects and information technologies and common office tools•Aerospace industry knowledge would be considered an assetAdvantagesPlease contact your Randstad Recruitment Consultant to learn more of the advantages and benefits of this roleResponsibilitiesYour Role & Main Responsibilities•Act as spokesperson and expert in information security, risks management and compliance to support all business units before and during their projects•Produce reports to recommend processes and procedures to implement such requirements as required by ISO 27002, GDPR, Bill 64 and PIPEDA•Follow the maturity of the cybersecurity department based on NIST CSF and elaborate a plan to increase the maturity•Respond to customers request regarding the corporate security controlsBe an inspirational and motivational colleague•Share knowledge with the team members & participate in the Cybersecurity Chapter•Contribute to the collaborative and stimulating work environment•Be a change agent & Agile mindset promoter•Be connected to the industry to know tendencies and suggest innovative ideasQualificationsYour QualificationsSoft skills•Want to be in a performing team•Show Initiative & leadership•Be customer orientated•Display a sense of collaboration (teamwork) & interpersonal skills•Ability to influenceTechnical skills•Bilingualism (French and English) is required•A minimum of five (5) years experience in IT Security•In-depth knowledge and experience in IT•Knowledge risk analysis methodologies and security standards (e.g. ISO, NIST)•Industry-recognized certification (CISSP, CISA, CIRISC, CISM) would be considered an asset•Knowledge of financial aspects and information technologies and common office tools•Aerospace industry knowledge would be considered an assetSummaryIT Security Specialist II – ComplianceLocation: Montréal / RemoteDuration: 6 months / renewable / renouvelableBilingualism : ObligatoryYour MissionAs an IT Security Analyst – Compliance, your mission is to support the Security, Compliance and Risks Management team with various compliance initiatives.Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Job Description: DevSecOpsContextWould you like to work in a role at the heart of customer data management?Our team is responsible for the ecosystem ensuring customer data management so we are at the heart of all activities that provide a red carpet service to our customers. Your knowledge will be essential to take charge of project, operational and technological initiatives.You will be a member of a Squad that aims to innovate and develop new ways of integrating data and data sources into our assets, as well as making data available to our customers and consumers. We have taken the DevOps turn, and we have the ambition to accelerate our transformation in the coming years. To do this, we need you, your attitude and your talent.MandateYour main responsibilities will be:Develop security solutions using your developer skills and security knowledge.Everything you do as development uses the paradigms of everything as code, and your commits trigger full CI-CD pipelines all the way to production.Everything you develop is tested in an automated way, at the right level according to needs and contexts.Everything you put into production is monitored so that it can react automatically in the event of a problem (blue-green and / or canary deployments patterns).Everything you put into production follows best practices for high availability (HA).You cooperate with the bank's security groups to ensure that the solutions developed can be operated by them in the future.You actively participate in the realization of our DevOps vision by integrating all these constituents into our delivery pipelines. It means using your technical knowledge to effectively integrate our tools into our product pipelines. Concretely, you work with the members of your team to develop security solutions such as:Automation of the complete management of application certificate lifecycles: creation, revocation, renewal (à la "Let’s Encrypt").Management of application secrets using vault solutions (eg Hashicorp Vault).Optimization of identity management solutions.Complete management of flow openings using Infrastructure as code.Integration of security scanning solutions.Securing the various CI-CD processes (example: signing Docker images).Here is the technological environment in which you will evolve initially:Collaboration (JIRA / Confluence).Source code management (Git-Bitbucket).Continuous integration servers (Jenkins 2 with pipeline as code concept).Management of artefacts (Nexus, Artifactory).Report and dashboards (SonarQube).Provisioning (Ansible, Terraform).More provisioning and orchestration tools (Docker / k8s).Deployed in multi-cloud environments (private with OpenShift, public with AWS, GCP-GKE).Application monitoring (AppDynamics, Datadog, etc.) to measure applications and ensure they are delivering the expected business value to our customers.As a DevSecOps Integrator, you are a generalist in everything related to DevOps, but you have a specialty in security.Required profileIf you set yourself apart by your desire to innovate, your curiosity, your pragmatism as well as your ability to learn and adapt, you are undoubtedly the member we are looking for to complete our team! Data is at the heart of our organization and the quality of it helps guide the Bank's business decisions, but also those of our clients for their future. If you want to share your data experience, if you want to have a big impact and be at the heart of change, you are the perfect person for us!QualificationsExperience in the role of architect and / or senior designer in the delivery of projects Natural skills of leader, influencer, innovator and large-scale communicator and in a large organization Master the concepts, technologies and solutions of a modern ecosystem: domain architecture, Micro-services, API, streaming, Cloud technologies, Real-time data flow, Orchestration, "Straight Through Processing", access security, elasticity, PaaS, Cloud, DevOps, DataOps etc.Experience in solution architecture and application architecture in an environment:High volume transactionalIntegrating "legacy" systemsKnowledge of software development, source code management and DevOps tools (Jenkins, git-Bitbucket, Nexus, Docker, etc.).Knowledge of Java / Python languages.Knowledge of the software development lifecycle and Agile methodology.Development experience within teams following DevOps best practices and continuous integration.Bachelor's or master's degree in computer science, software engineering or equivalent.3-5 years or more of relevant experience.Bilingualism (French / English).Advantages______________________________________________________________________________Responsibilities______________________________________________________________________________Qualifications______________________________________________________________________________Summary______________________________________________________________________________Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

As a SOAR security analyst-programmer, your mission is to collect automation needs from operational teams (Monitoring, Detection and Response), understand them, analyze them, and develop the appropriate modules in the orchestration system. SOAR. You take on a leadership role with the various stakeholders. You make recommendations relating to the development and completion of files. You are called upon to interact with different cybersecurity teams. Mastering interpersonal relationships then becomes an essential skill.You act as a consultant and content expert in your field.Main responsibilitieso Needs analysiso Linkage with stakeholders (Direct work with the various security teams)o Popularization of needs and requirements in terms of processes and toolso Continuous delivery developmento Automation of use cases and processesRequired profileA minimum of six years of relevant experienceBe familiar with the project and operational environmentBe resourceful, proactive, autonomous and think outside the boxGood interpersonal skills, knowing how to take the initiative to contact stakeholders to ensure a good understanding of needsAbility to analyze needsManage uncertainty and ambiguity in a constantly changing environment Specific knowledgeUnderstanding of cyber defense concepts and the different teams involvedDevelopment experience with the Python languageKnowledge of REST APIKnowledge of security tools and experience using security APIsKnowledge of IBM Resilient and QRadar tools or other SOAR and SIEM systems (an asset)Knowledge of French and English at advanced level, both oral and writtenAdvantages____________________________________________________________________________________Responsibilities____________________________________________________________________________________Qualifications____________________________________________________________________________________Summary____________________________________________________________________________________Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client, a leader in the insurance industry is looking for a Project Manager who has experience leading cyber security based projects.The Position:You will be responsible for managing the delivery of information security projects and initiatives of various sizes and complexities. You will define, plan, and manage implementation of initiatives within agreed time, cost, and quality objectives. In collaboration with third-party vendor partners, contractors and internal IT staff, you will provide leadership on specific, assigned security-centric projects within your portfolio.Rounding out your role is the application of project management standards, disciplines and controls as described within the company's Project Management Framework to ensure successful project implementation.This is a HANDS-ON TECHNICAL PROJECT MANAGEMENT ROLEAdvantages- work on a high profile projects for a major corporation- work from home initially until quarantine is lifted ResponsibilitiesKey Responsibilities:- Deliver security-centric projects, leveraging all appropriate project management standards, disciplines, and controls as described within the Project Management Framework:- Define program/project scope; provide input into the business case- Ensure successful execution of project deliverables within scope, schedule and budget- Oversee IT and Cyber Risk regulatory compliance to IT and IT Risk Management domains- Maintain resource capacity planning Drive budget forecast and financial planning- Steering committee and stakeholder communication and status reporting- Regularly develop and produce security metrics, status reports and presentations for various audiences, including CISO, CIO and Group CISO Act as InfoSec ambassador establishing relationshipwith all levels of Business Units- Encourage and model creative approach to problem solving, relationship management, and communication to drive effective resultsTo be successful, the Security project manager needs to maintain strong relationships and communicate effectively with a number of both technical and management stakeholders, and navigate the obstacles surrounding the project and its cross-functional players.QualificationsSkills and Experience Requirements:1 - A solid background delivering multiple IT projects of various complexity ranging in budget from $10K to $500K+, and requiring collaboration among IT, business, and change management teams.- 2- 5+ years of IT project management experience Strong oral and written communication skills and effective presentation techniques- Ability to embrace agile working environment with focus on collaboration, continuous improvement, delivering value, and the ability to adapt to change -Experience with Business Process Analysis; Process Improvement and Reengineering- Experience with people and organizational change management skills, tools and techniques- In-depth understanding, knowledge and experience in Project Management Methodology (PMM)/- Project Management Institute (PMI) and PMBOK-based project management methodologies- Demonstrated ability to apply project management and IT delivery principles while maintaining appropriate situational flexibility and pragmatism- Extensive experience with project management and productivity tools (MS Project, JIRA, SharePoint, MS Visio), best practices and processes- Comprehensive understanding of Finance issues, budgeting, and cost benefit analysis, with experience in developing compelling business cases and gaining executive approval for complex initiatives.- Familiarity with concepts of Information Security and Risk Management- Excellent relationship management skills including Steering Committee and Stakeholder management (especially managing expectations)- Ability to effectively manage ambiguity- Ability to coach and motivate the team of technical SMEs on a day-to-day basisEducation: University degree or equivalent college diploma in an Information Technology related field is required Project Management certification and solid technical background would be considered assetsTechnology and Tools: Excel is mandatory (MS SharePoint, MS Visio, MS Project, JIRA, Confluence are nice to haves) skills and knowledgeSummaryKEYS TO JOB- Minimum 2 years Project management experience leading Cyber Security based initiatives - - Familiarity with concepts of Information Security and Risk ManagementRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

Our client is looking Public Cloud Security Analyst, long term contract in Montreal Responsibilities •Perform detailed cloud architectural and cloud infrastructure reviews including reviewing cloud configuration vs best practices and/or standards (e.g. CIS).•Perform in depth technical reviews from an application security perspective, typically involving Cloud Providers using a standard methodology such as OWASP.•Leverage industry frameworks such as CCM, NIST etc to ensure a robust cloud framework.•Help develop and build a framework to ensure a repeatable cloud review process.•Assist in Vendor risk assessment reviews, in particular 4th party cloud reviews however also review AWS and Azure Third Party risks including completion of due diligence tasks and risk assessments.•Highly collaborative position required to gather stakeholder input to ensure reviews reach a consensus – including Internal Audit, 2LOD, Global teams •Perform ad hoc analyses and participate in special projects as needed by management. Profile •7 years demonstrable experience in a role performing technical analysis with an Information Security component ideally with a focus on Application Security Risks (ideally OWASP) experience with a focus on Cloud Providers.•5 years experience with knowledge of configuration and networking from a Public Cloud perspective with hands on experience of AWS, MS Azure or Google cloud.•Experience with Third Party Risk Management is preferred but not required – in particular cloud providers using IaaS, PaaS or SaaS and ideally in AWS, Azure or GCP•Experience with compliance frameworks and applicability to cloud for example CCM, NIST, FFIEC, NY DFS.•Experience with technical architecture in cloud - CIS or other benchmark and configuration preferred.•Direct experience performing information security risk assessments Cloud applications and Cloud architectures. •Experience of vendors risk assessments – particularly CSPs such as Azure of AWS. Interpret, identify, and mitigate critical risks factors in a timely manner. Track measure, report, and evaluate vendor performance using a risk-based approach.•Requires strong analytical skills, problem solving skills, and project/program management skills.•Solid training in computer disciplines such as application and data security, computer technology or software disciplines.•Demonstrated ability to perform Vendor Risk assessments through on-site visits and reviewing SSAE18s.•Solid understanding of the banking industry’s regulatory requirements for managing third parties (e.g., FFIEC).•Experience working with legal or sourcing as part of contract design to include key provisions for Vendor Risk Management.•Excellent written and verbal communication skills.•Proven ability to manage issues through to resolution skilled at making judgment calls.•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times.EDUCATION/CERTIFICATIONS•Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MS required.•Certified training in transversal technical topics, security management, risk and compliance solutions and practices.•CISSP, CCSP, CISA, CISM, GSEC, CRISC, or related certification(s) preferred.•AWS or Azure or GCP certification.AdvantagesLong term contract, 40 hours a week, large banking environment, Montreal based. Lots of opportunities to evolve within the organizationResponsibilitiesResponsibilities •Perform detailed cloud architectural and cloud infrastructure reviews including reviewing cloud configuration vs best practices and/or standards (e.g. CIS).•Perform in depth technical reviews from an application security perspective, typically involving Cloud Providers using a standard methodology such as OWASP.•Leverage industry frameworks such as CCM, NIST etc to ensure a robust cloud framework.•Help develop and build a framework to ensure a repeatable cloud review process.•Assist in Vendor risk assessment reviews, in particular 4th party cloud reviews however also review AWS and Azure Third Party risks including completion of due diligence tasks and risk assessments.•Highly collaborative position required to gather stakeholder input to ensure reviews reach a consensus – including Internal Audit, 2LOD, Global teams •Perform ad hoc analyses and participate in special projects as needed by management. QualificationsProfile •7 years demonstrable experience in a role performing technical analysis with an Information Security component ideally with a focus on Application Security Risks (ideally OWASP) experience with a focus on Cloud Providers.•5 years experience with knowledge of configuration and networking from a Public Cloud perspective with hands on experience of AWS, MS Azure or Google cloud.•Experience with Third Party Risk Management is preferred but not required – in particular cloud providers using IaaS, PaaS or SaaS and ideally in AWS, Azure or GCP•Experience with compliance frameworks and applicability to cloud for example CCM, NIST, FFIEC, NY DFS.•Experience with technical architecture in cloud - CIS or other benchmark and configuration preferred.•Direct experience performing information security risk assessments Cloud applications and Cloud architectures. •Experience of vendors risk assessments – particularly CSPs such as Azure of AWS. Interpret, identify, and mitigate critical risks factors in a timely manner. Track measure, report, and evaluate vendor performance using a risk-based approach.•Requires strong analytical skills, problem solving skills, and project/program management skills.•Solid training in computer disciplines such as application and data security, computer technology or software disciplines.•Demonstrated ability to perform Vendor Risk assessments through on-site visits and reviewing SSAE18s.•Solid understanding of the banking industry’s regulatory requirements for managing third parties (e.g., FFIEC).•Experience working with legal or sourcing as part of contract design to include key provisions for Vendor Risk Management.•Excellent written and verbal communication skills.•Proven ability to manage issues through to resolution skilled at making judgment calls.•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times.EDUCATION/CERTIFICATIONS•Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MS required.•Certified training in transversal technical topics, security management, risk and compliance solutions and practices.•CISSP, CCSP, CISA, CISM, GSEC, CRISC, or related certification(s) preferred.•AWS or Azure or GCP certification.SummaryOur client is looking Public Cloud Security Analyst, long term contract in Montreal Responsibilities •Perform detailed cloud architectural and cloud infrastructure reviews including reviewing cloud configuration vs best practices and/or standards (e.g. CIS).•Perform in depth technical reviews from an application security perspective, typically involving Cloud Providers using a standard methodology such as OWASP.•Leverage industry frameworks such as CCM, NIST etc to ensure a robust cloud framework.•Help develop and build a framework to ensure a repeatable cloud review process.•Assist in Vendor risk assessment reviews, in particular 4th party cloud reviews however also review AWS and Azure Third Party risks including completion of due diligence tasks and risk assessments.•Highly collaborative position required to gather stakeholder input to ensure reviews reach a consensus – including Internal Audit, 2LOD, Global teams •Perform ad hoc analyses and participate in special projects as needed by management. Profile •7 years demonstrable experience in a role performing technical analysis with an Information Security component ideally with a focus on Application Security Risks (ideally OWASP) experience with a focus on Cloud Providers.•5 years experience with knowledge of configuration and networking from a Public Cloud perspective with hands on experience of AWS, MS Azure or Google cloud.•Experience with Third Party Risk Management is preferred but not required – in particular cloud providers using IaaS, PaaS or SaaS and ideally in AWS, Azure or GCP•Experience with compliance frameworks and applicability to cloud for example CCM, NIST, FFIEC, NY DFS.•Experience with technical architecture in cloud - CIS or other benchmark and configuration preferred.•Direct experience performing information security risk assessments Cloud applications and Cloud architectures. •Experience of vendors risk assessments – particularly CSPs such as Azure of AWS. Interpret, identify, and mitigate critical risks factors in a timely manner. Track measure, report, and evaluate vendor performance using a risk-based approach.•Requires strong analytical skills, problem solving skills, and project/program management skills.•Solid training in computer disciplines such as application and data security, computer technology or software disciplines.•Demonstrated ability to perform Vendor Risk assessments through on-site visits and reviewing SSAE18s.•Solid understanding of the banking industry’s regulatory requirements for managing third parties (e.g., FFIEC).•Experience working with legal or sourcing as part of contract design to include key provisions for Vendor Risk Management.•Excellent written and verbal communication skills.•Proven ability to manage issues through to resolution skilled at making judgment calls.•Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times.EDUCATION/CERTIFICATIONS•Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MS required.•Certified training in transversal technical topics, security management, risk and compliance solutions and practices.•CISSP, CCSP, CISA, CISM, GSEC, CRISC, or related certification(s) preferred.•AWS or Azure or GCP certification.Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

You develop security architectures within the framework of various complex and transversal projects.You design and implement technological solutions aimed at meeting the evolving needs and technological targets of the organization.You represent the unit to various decision-making bodies and assume the functional supervision, coordination and coaching of professionals in his unit.Your role consists of designing detailed architectures, software, and testing and implementation strategies for very large-scale, cross-functional and highly innovative projects and files. You analyze, develop and recommend solutions and directions at the functional, organic or technological level. The importance of mastering technology and anticipating innovations as well as your ability to optimize work processes then become essential skills. You play an advisory role with customers and various stakeholders in integration and linkage, requiring you to know how to communicate effectively and demonstrate a detailed understanding of the needs of the various interlocutors. The nature of the files requires extensive and in-depth expertise in your field. The files and projects under your responsibility are strategic in nature and involve very high operational and conceptual complexity. These require a comprehensive and in-depth analysis and understanding of the business field and the organization. There are many tie-downs. You are called upon to interact with a large number of stakeholders working in various fields of expertise. You act as a consultant and exercise a leadership and influencing role with senior management, authorities and your unit.Additional Responsibilities:- Design the secure technological solutions necessary for the advancement of projects under his responsibility and develop detailed architectures in his area of ​​expertise, configurations and implementation plans for solutions meeting the evolving needs and technological targets of the 'organization.- Act as a security consultant in his field of specialty with various stakeholders and authorities.- Carry out analyzes of needs, performance capacity, production costs and determine the appropriate strategies.- Represent his unit to various committees and departments in connection with the mandates entrusted to him.- Coordinate a team of professionals during construction projects and perform the required tie-downs.- Participate in the development of operating targets and their transition strategy.- Ensure a watchdog role in order to understand and anticipate current trends and best practices in his field of expertise- Ensure the quality of the deliverables of the projects under his responsibility.Required profile :- Bachelor's degree in an appropriate discipline- A minimum of eight years of relevant experience- Experience in agile and squad mode (an asset)Specific knowledge- Knowledge of best practices in identity management, authentication and authorization of access to IT assets- Knowledge of products and technologies enabling the efficient application of authentication and authorization in a large enterprise- Knowledge of card payment systems, applicable regulations and related security and compliance features- Knowledge of application security and applicable methodologies- Knowledge of network security and applicable solutions, including firewalls, IPS, IDS, SIEM, NGFW, proxies, gateways, Wifi, segmentation, micro-segmentation, etc.- Knowledge of cloud computing security and applicable solutions- Knowledge of systems security, including operating systems, database management systems,- the notions of hardening, deployment of global policies, BYOD, NGAV, EDR, update evaluation* - Intermediate level knowledge of EnglishAdvantages________________________________________________________________________________Responsibilities________________________________________________________________________________Qualifications________________________________________________________________________________Summary________________________________________________________________________________Randstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you should advise your Randstad Representative or your local Randstad branch in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner.Information received relating to accommodation measures will be addressed confidentially.For all feedback on equity and accommodation needs, please contact your local Randstad Canada Branch.

DevOps – Temp-to-perm6 monthsLocation : Montréal / RemoteJob Summary:As DevSecOps Specialist, you will have a range of responsibilities from shaping and implementing digital security products to ensuring that we stay on the leading edge of technology and increase our client's security posture.Our DevSecOps contribute across the full technology stack, from database and DevOps infrastructure that supports continuous deployment, over native apps configuration, to front end application maintenance.As a DevSecOps, you will work in a cross-functional team with the Product Owner, SecOps Analyst, Security Architect and integrator.Your Role & Main ResponsibilitiesUse Agile engineering practices and various software and web development technologies to rapidly deploy efficient solutions that enhance corporate security posture and employee experience.Collaborate with other team members to craft clear user stories, design testsfor prototypes and products, and continuously deliver product enhancements.Communicate with IT teams about any Digital innovations that are tying into bedrock IT systems.Communicate with business stakeholders about Agile processes to set and manage expectations about delivery methods and timelines.Be a change agent & Agile mindset promoterContribute to the collaborative and stimulating work environmentBe connected to the industry to know tendencies and suggest innovative ideasYour QualificationsUniversity degree in Software science or Software engineeringMinimum 3 years’ experience programming in C# and .NET (4.7+ or Core) Good knowledge of security concept and related usage of API (REST API)Good knowledge of various scripting programing language such as: PowerShell, Python, Ansible, etc.Working knowledge of development using Azure and/or AWSExperience using Azure DevOps and deployment automation (ARM) is a plusExperience with unit testing and automated functional testingPassion for development and a demonstrated interest for continual learningKnowledge of continuous integration, continuous delivery and test-driven development Demonstrated ability to work and make decisions unsupervisedAbility to adapt quickly to changes in technology and to operate in an R&D environmentResult-oriented, strong planning and organizational skillAdvantagesPlease contact your Randstad Recruitment Consultant to learn more of the advantages and benefits of this roleResponsibilitiesUse Agile engineering practices and various software and web development technologies to rapidly deploy efficient solutions that enhance corporate security posture and employee experience.Collaborate with other team members to craft clear user stories, design testsfor prototypes and products, and continuously deliver product enhancements.Communicate with IT teams about any Digital innovations that are tying into bedrock IT systems.Communicate with business stakeholders about Agile processes to set and manage expectations about delivery methods and timelines.Be a change agent & Agile mindset promoterContribute to the collaborative and stimulating work environmentBe connected to the industry to know tendencies and suggest innovative ideasQualificationsYour QualificationsUniversity degree in Software science or Software engineeringMinimum 3 years’ experience programming in C# and .NET (4.7+ or Core) Good knowledge of security concept and related usage of API (REST API)Good knowledge of various scripting programing language such as: PowerShell, Python, Ansible, etc.Working knowledge of development using Azure and/or AWSExperience using Azure DevOps and deployment automation (ARM) is a plusExperience with unit testing and automated functional testingPassion for development and a demonstrated interest for continual learningKnowledge of continuous integration, continuous delivery and test-driven development Demonstrated ability to work and make decisions unsupervisedAbility to adapt quickly to changes in technology and to operate in an R&D environmentResult-oriented, strong planning and organizational skillSummaryDevSecOps – Temp-to-permInitial Duration: 6 monthsLocation : Montréal / RemoteRandstad Canada is committed to building a diverse workforce reflective of the diversity of Canada. As a result, we promote employment equity and encourage candidates, especially those who identify as a woman, an Aboriginal person, a person with a disability or a member of a visible minority group, and any others who may contribute to the diversification of our workforce, to apply.Randstad Canada is also committed to developing an inclusive, barrier-free selection processes and work environments.If contacted in relation to a job opportunity, you shoul