Job Title: Identity & Access Management - Security Engineer

Job Location: Montreal, QC (Need Onsite day 1, hybrid 3 days from office)

Job Duration: Full Time

Job Description:

The Security Design Generalist will serve as an internal consultant within the Security Design and Controls Team, conducting comprehensive security architecture assessments across various technology systems to identify risks and recommend actionable solutions. This role offers the opportunity to collaborate with global teams and contribute to the modernization of security practices across the organization.

Responsibilities:

• Lead in-depth security assessments, prioritizing risks related to business operations and providing actionable technology risk requirements.
• Review and enhance security reference architecture and blueprints periodically to ensure alignment with best practices.
• Participate in operational and technology risk governance processes, contributing insights on technology investments and improvements.
• Collaborate with technology, business, suppliers, stakeholders, and partners globally to perform security design assessments.
• Assist in modernizing the Firm's SDLC platform, enabling deployment automation to cloud endpoints and SaaS-based tooling.

Requirements:

• Bachelor's Degree (or equivalent) with a minimum of 5 years of relevant experience in a high-paced enterprise environment.
• Strong understanding of application, network, and platform security vulnerabilities, with the ability to communicate these issues to technical teams.
• Proven experience in conducting information security assessments and presenting findings to obtain stakeholder buy-in.
• Familiarity with Cloud Service Providers (AWS, Google Cloud, Azure) and DevOps practices, including CI/CD.
• Proficiency in programming and scripting languages such as Java, JavaScript, or Python alongside experience in implementing complex applications in an enterprise environment.
• Experience with enterprise frameworks such as J2EE, .NET, and Spring.
• Familiarity with messaging protocols such as RPC, SOAP, MQSeries, JMS, RMI, and JMX.