Senior Cybersecurity Specialist, Vulnerability Management (Ottawa)
Bank of Canada
Senior Cybersecurity Specialist, Vulnerability Management
The Bank of Canada seeks a senior specialist focused on vulnerability management for on‑premises and Microsoft Azure environments. The role leads the Bank’s vulnerability and exposure management program, collaborating with technical and business stakeholders to reduce the attack surface.
Responsibilities
- Work closely with the Cloud Solution Integrator to ensure newly integrated cloud services meet security standards and exposure risks are understood and managed from day one.
- Lead and continuously evolve the Bank’s vulnerability and exposure management program, including scanning, prioritization, and remediation tracking across on‑premises and Azure environments.
- Assess the security posture of cloud solutions integrated into the Bank’s environment with a primary focus on Microsoft Azure.
- Participate in an on‑call rotation and provide after‑hours support for security incidents, critical vulnerabilities, and urgent operational issues.
- Perform risk‑based analysis of vulnerabilities using threat intelligence and contextual factors (asset criticality, exploitability, business impact) to prioritize remediation efforts.
- Develop and maintain dashboards and reporting (including Power BI) to translate complex vulnerability data into clear, actionable insights for technical teams and senior leadership.
- Drive remediation workflows in collaboration with IT operations, cloud engineering, and application teams; track progress and elevate risk as required.
- Support third‑party and cloud risk assessments, evaluating security controls in Azure‑hosted services and SaaS solutions.
- Leverage AI tools and emerging technologies to enhance vulnerability detection, triage, and reporting efficiency.
- Contribute to the development and maintenance of policies, standards, and procedures related to vulnerability management and exposure reduction.
Qualifications
- Robust communicator and collaborator who builds effective relationships across technical and non‑technical teams.
- Sound judgment and adaptability, navigating ambiguity and shifting priorities while maintaining focus on outcomes.
- Analytical thinker and problem solver, interpreting complex information and translating it into clear, actionable insights for diverse audiences.
- Self‑started, demonstrating initiative, accountability, and a continuous improvement mindset.
- Hands‑on experience with enterprise vulnerability management, including use of scanning and exposure management platforms (e.g., Tenable, Qualys, Microsoft Defender for Cloud).
- Solid understanding of cloud security concepts and Microsoft Azure security services (Azure Defender, Microsoft Defender for Cloud, Azure Policy, and related tooling).
- Ability to interpret complex vulnerability data and perform risk‑based analysis using threat intelligence and contextual factors.
- Experience building and maintaining dashboards and visualizations (e.g., Power BI) to support security metrics and reporting.
- Experience leveraging AI tools (e.g., Copilot, generative AI assistants, AI‑enhanced security tooling) to enhance security analysis and workflows.
Nice‑to‑have
- Experience with Microsoft Defender for Cloud, Azure Security Center, or Microsoft Sentinel in a vulnerability and exposure management capacity.
- Familiarity with exposure management frameworks such as CTEM or similar risk‑reduction methodologies.
- Experience developing Power BI dashboards for security metrics, KPI reporting, or vulnerability program management.
- Relevant professional certifications: CISSP, CISM, CompTIA Security+, Microsoft SC‑200, AZ‑500, or equivalent.
- Experience working in a regulated environment (financial institution or Crown corporation).
Education & Experience
University degree or 3‑year college diploma in computer science, cybersecurity, information systems, software engineering, or a related discipline. Minimum of six years of recent work experience directly related to vulnerability management and exposure assessment, cloud security (preferably Microsoft Azure), information security risk management, or security operations and data analysis with reporting tools such as Power BI.
Language & Eligibility
The role requires fluency in English orFrench. Priority is given to Canadian citizens and permanent residents. Eligible for Secret security clearance. Relocation assistance may be provided. Candidates must live in Canada and be within reasonable commuting distance of the Bank’s offices.
Compensation & Benefits
Competitive salary ranging from $111,051 to $130,649 (grade17) with performance and incentive pay. Benefits include a defined‑benefit pension, health, dental, disability, and life/accident insurance, and up to five additional vacation days per year.
The Bank is an equal‑opportunity employer committed to a diverse and inclusive workplace.
#J-18808-LjbffrDo you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Cybersecurity Specialist, Vulnerability Management (Ottawa). Be the first to apply!
- access control specialist Montréal, QC
- international trade specialist Montréal, QC
- spécialiste produit Montréal, QC
- import specialist Montréal, QC
- spécialiste mise en marché Montréal, QC
- member banking specialist Montréal, QC
- e-commerce specialist Montréal, QC
- spécialiste en amélioration continue Montréal, QC
- spécialiste bi Montréal, QC
- reimbursement specialist Montréal, QC
