Skip Navigation

Security Practice Lead Vulnerability Management

Apply now Job ID 36647890368 Date posted 09/21/2022

Primary Locations: Montreal, Quebec

Attendance: Hybrid

Employee Status: Regular

Schedule: Full-time

A career in cybersecurity at National Bank means being part of the transformation to directly impact the customer. Network Security Practice Lead, you will play a strategic role in the transmission of the security vision in your field to the Delivery Towers.

Evolving in the large team of the VP CISO and reporting to the Direction Principale de la protection des actifs, the Lead of Practice of Vulnerability Management plays a strategic role in the transmission of the security vision in his or her field to the Delivery Towers. The incumbent will have an advanced experience in the areas of governance and security compliance (NIST 800-x, PRP, GDPR, ISO2700x, SOX, PCI DSS, Interac, etc..)

Your role:

  • Head of Governance of National Bank's Vulnerability Management (VM) practice;
  • Responsible for a VM project portfolio and establishing related governance standard;
  • Define security controls to apply VM practice standards;
  • Assess the maturity of vulnerability management controls and identify gaps;
  • Contribute to the improvement of vulnerability management processes;
  • Provide advice and support to needs in the context of VM security practice
  • Work in project and delivery mode by ensuring the prioritization of activities according to vision, security needs, threat and risk scenarios as well as value creation;
  • Collaborate with teams and stakeholders to define and clarify needs;
  • Validate and arbitrate that the controls for VM as defined meet the security requirements;
  • Contribute to maturity audits of information cybersecurity controls (NIST or other); · Implement and coordinate Agile (Scrum) workshops with key stakeholders regarding vulnerability management strategy and issues;
  • Participate in the definition of the action plans necessary to achieve compliance to various compliancy requirements;
  • Contribute to the identification of security solutions and mechanisms to optimize the vulnerability management process and service;
  • Define and produce vulnerability management indicators (KPIs and KRIs) that measure security posture;
  • Participate in activities related to the definition of security services;
  • Participate in activities related to the reception and orientation of new security advisors;
  • Supervise ("Coach") as needed, targeted stakeholders to ensure the transfer of knowledge required in vulnerability management
  • Support cybersecurity training programs/actions.

Competencies required

  • Bachelor's degree related to the industry and 5-10 years of relevant experience.
  • Excellent knowledge in several areas of information security (CBK);
  • Excellent knowledge of several security standards such as NIST 800-xx, PCI, CSA, C2M2, CoBIT x, GDPR, HIPPA, ISO2700x, SOX; OWASP 10;
  • Excellent knowledge of the vulnerability management framework;
  • Ability to interact with representatives from different backgrounds.
  • Ability to make quick decisions in a changing environment and to be innovative.
  • Bilingualism in French and English is required as you will be dealing with partners across Canada on a regular basis.

Preferred competencies

  • CISSP, CISA, SANS certifications and other specialized certifications in the field of endpoints, asset.
  • Knowledge of several security standards such as NIST 800-xx, PCI, CSA, C2M2, CoBIT x, GDPR, HIPPA, ISO2700x, SOX, an asset.
  • Ability to write documents in a clear and structured way.

Your benefits:

In addition to competitive compensation, upon hiring you’ll be eligible for a wide range of flexible benefits to help promote your wellbeing and that of your family.

  • Health and wellness program, including many options
  • Flexible group insurance
  • Generous pension plan
  • Employee Share Ownership Plan
  • Employee and Family Assistance Program
  • Preferential banking services
  • Initiatives promoting community involvement
  • Telemedicine service
  • Virtual sleep clinic

These are a few of the benefits available to you. We have an offer that keeps up with trends as well as your needs and those of your family. 

Our dynamic work environments and cutting-edge collaboration tools foster a positive employee experience. We actively listen to employees’ ideas. Whether through our surveys or programs, regular feedback and ongoing communication is encouraged.

We're putting people first :

We're a bank on a human scale that stands out for its courage, entrepreneurial culture, and passion for people.   Our mission is to have a positive impact on peoples' lives.

Our core values of partnership, agility, and empowerment inspire us, and inclusivity is central to our commitments. We offer a barrier-free workplace that is accessible to all employees. 

We want our recruitment process to be fully accessible. If you require accommodations, feel free to let us know during your first conversations with us.

We welcome all candidates! What can you bring to our team?

 Ready to live your ambitions?


JobField: IT

Unposting Date: 2022-10-05

Job Number: INF0014Z

Posting Date: 2022-09-21

Apply nowSend this opportunity via email

Job Matching

Let us search jobs for you based on the skills and experience listed in your profile.

Start matching