Web Security Specialist 3203044
- To work with some of the best professionals in the business - for a firm that values individual intellect as much as teamwork
- State-of-the-art offices that are designed to maximize collaboration
- Flexible working arrangements
- Enriching challenges that provide opportunity for constant learning and advancement
- An environment which is leveraging technology to its highest potential
Technology Risk's (Tech Risk) mandate is to enable the Firm to manage its technology related risks. The department executes the first line of defense technology risk management capabilities and implements proactive, comprehensive, and consistent risk management practices across the Firm.
Tech Risk protects the Firm’s information, systems, and infrastructure from cyber and insider threats; ensures the secure and stable delivery of services to our clients; and adjusts to risks presented by an evolving threat landscape. The department delivers a range of operational capabilities, as well as suite of advanced detection, monitoring and analytics, and provides expert advice on secure design and development and control effectiveness. Tech Risk manages responses to regulatory and client inquiries about the Firm’s technology environment and ensures Technology divisions meet governance and oversight obligations along all lines of defense, driving material and measurable risk reduction. Tech Risk maintains strategic relationships with external entities, both public and private, to facilitate information sharing and innovation in financial services, technology, and government, and is also responsible for building risk education and security awareness programs to increase vigilance across the Firm.
We are seeking to add an experienced Web Proxy subject matter expert to join our DevOps web security team. The team is responsible for engineering, integrating, deploying, and hosting web proxy infrastructure via which thousands of web applications run.
The specialist will act as a subject matter expert in the web proxy security domain.
- Architecting, testing, integrating, and deploying Web Proxy technologies.
- Work alongside the wider organization’s security experts to implement policy-based solutions
- Research industry best practices and future technologies with a view to how they could improve our current security posture.
- Interfacing with technical vendor subject matter experts and internal squads, ensuring the delivery of high-quality secure solutions.
- Training squad personnel and application support groups on newly delivered solutions.
- Bachelor’s degree in computer science or related field
- Around 5 years of proxy experience in a similar position.
- Must know how to integrate external services with proxies via ICAP, proxy chaining, and service offloads, etc.
- Moderate cloud security experience (Azure, O365, AWS, etc.)
- Practical and theoretical knowledge of web malware and how to mitigate against
- Good understanding of the protocols underpinning the web - TCP/IP, HTTP, SSL/TLS etc.
- Strong Linux knowledge
- Experience working in DMZ environments with good understanding of hardware load-balancing, firewalls, multi-tiered architectures.
- Hands-on proxy knowledge; Bluecoat and Zscaler experience preferred
- Hands-on CASB design, architecture, and deployment (SkyHigh, Symantec, etc.)
- Advanced proxy experience required including DevOps operational understanding
- Knowledge of Data Protection Practices (Data At Rest, In Use, In Motion, etc.) and their practical implementations
- Expert knowledge and understanding of web security concepts and cyber-attack vectors
- CISSP or similar recognized cyber security qualifications
- Experience operating in large, siloed enterprise environments
- Programming/Scripting languages: Python, Perl, AngularJS - advantage
- SASE/SD-wan - advantage
All our positions are located in Montreal, Quebec.
Knowledge of French and English is required.
Our advisory for this position
Specialist in talent acquisition & attraction
need you. Apply today