The Security Consultant will be a subject matter expert in cyber security and support the Manager, Security Advisory and Consulting in stakeholder management by maintaining strong relationships with External/Internal Audit, Risk & Compliance, Privacy, IT Infrastructure and Operational Business Units. This senior role will provide overall strategic and tactical cybersecurity leadership to IT teams and business users in major project initiatives and new product development.
Provide consultation service on the acquisition, design, implementation and management of major IT systems, projects, initiatives, M&A, new product development.
Lead the cybersecurity risk and control design assessments for application, process, operation and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
Perform timely threat risk assessment (TRA) on applications and systems as well as cloud-based solutions and facilitate remediation tasks with other operational teams.
Third Party Supplier Assurance and Risk Assessments.
Define, develop, implement and manage security standards, policies, and procedures that mitigate risk and maximize security, service availability, efficiency and effectiveness.
Work with various stakeholders and project teams to ensure the design and implementation of resilient security architecture and technologies for optimal threat protection, monitoring and incident response.
Monitor and advise on cyber security compliance related to IT to ensure internal security controls are functioning appropriately.
Advise the organization about cyber security threats, technologies and related regulatory requirements.
Develop on-going technology risk reporting, monitoring key trends and defining security metrics to measure control effectiveness, compliance and continuous improvement.
Consult on regulatory compliance requirements, reporting and questions.
Provide support and consulting for audits, help compose management responses and appropriate remediation activities.
Qualifications & Experience:
A bachelor’s degree in Computer science, Computer Engineering or equivalent.
7 + years in Cyber Security consultative role roles, preferably within the financial services industry and/or other large/multi-national organization.
Security certification of one or more of the following: CISSP, CISA, CISM.
Practical knowledge of security risk methodologies and assessment framework.
Demonstrated strong technical writing, problem solving, and communication skills.
Extensive cybersecurity consulting experience for large IT projects.
Experience in assessing third party service providers.
Experience with enterprise security platforms and architectural design.
Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
Strong understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX).
Understanding of the Software Development Life Cycle and Development Operations (DevOps) principals.
Strong problem solving and critical thinking skills. Ability to prioritize and execute autonomously.
Ability to communicate and collaborate effectively across the organization and operate effectively with multiple teams and solutions towards a shared goal.
Allstate Canada Group has policies and practices that provide workplace accommodations. If you require accommodation please let us know and we will work with you to meet your needs.
Allstate Insurance Company of Canada is one of the country's leading producers and distributors of home and auto insurance products, serving Canadians since 1953. The company strives to keep its customers in "Good Hands®" as well as its employees, and is proud to be named a Best Employer in Canada. Allstate Canada is committed to making a positive difference in the communities in which it operates and has partnered with organizations such as MADD Canada, United Way and Junior Achievement. To learn more about Allstate Canada, visit www.allstate.ca . For safety tips and advice, visit www.goodhandsadvice.ca.
For the eighth consecutive year, we are proud to be recognized as
a #Kincentric Best Employer!