Full Job Description
nventive is looking for an Information Security Officer to join our Montreal or Quebec City campus.
As an Information Security Officer (ISO), you will be heavily involved in the development of a comprehensive information security program, keeping in mind the well-known triad of information security: "confidentiality, integrity and availability".
You will contribute to the drafting and application of the Information Security Policy and all other related policies. You will have to recommend and contribute to the implementation of recurring operations, analyze vulnerability reports, and suggest prioritization and corrective measures to be deployed. You are responsible for assessing potential risks and threats in the evolution of the company's infrastructure and projects, and you will have to provide direct support to the administrative team, operations team, and IT staff regarding IT security.
YOUR RESPONSIBILITIES
• Perform technology watch in cybersecurity.
• Responsible for all aspects of IT security, compliance and risk management in the short, medium and long term.
• Respond to incidents, i.e., security breach mitigations and follow up with the security committee.
• Conduct audits of our client projects to ensure data security and compliance with our security obligations during mandates.
• Be the point of contact in case of problems related to information security.
• Implement and ensure the monitoring of the customized incident response plan.
• Follow up on SOC2 and other audits on an annual basis.
• Configure firewalls and analyze potential risks when implementing new software, systems, etc.
• Document and maintain security processes.
• Analyze requests related to cyber security (software, access rights, web, etc.) as well as physical security.
• Assist in identifying, assessing, tracking, and documenting IT and application risks.
• Conduct internal security testing and internal and external vulnerability testing.
• Ensure that corporate policies are in place and that all stakeholders are aware of and aligned with these policies.
• Participate in the development of the cybersecurity culture through ongoing training and awareness.
WHAT YOU NEED
• Minimum of 2 to 3 years of relevant IT security experience in the technology industry.
• Bachelor's degree or diploma in Computer Science or other relevant field.
• Certification / training in cybersecurity.
• Strong curiosity and problem-solving skills.
• Good communication and leadership skills.
• Ability to interact with representatives from different departments and communicate technical and business concepts to all types of audiences.
• Experience with various technologies used in a SOC environment: SIEM, EDR, IDS, antivirus, firewall.
• Excellent writing skills and fluency in French and English.
• Good work organization and time management skills.
WHAT WE OFFER
• A truly flexible schedule and the possibility of taking every Friday afternoon off.
• A hybrid mode or 100% work from home, depending on your preference.
• An allowance of $500 per year for sports equipment and/or subscriptions.
• Group insurance from day one (dental, medication, telemedicine, invalidity, etc.).
• Generous referral bonus.
• Training & coaching in accordance with your career plan.
• A Mac or PC laptop, depending on your preference.
• A strong company culture and atmosphere with varied social and sports activities.
• Free English and French classes if you want to improve your level.
• Weekly lunchtime yoga classes.
• Coffee and snacks in the office.