Job posting – Senior Security Analyst

The Ministry of Citizens’ Services of the BC Provincial Government is looking for a Senior Security Analyst for the BCDevExchange organization.

Ministry of Citizens’ Services
Multiple Locations

Senior Security Analyst $72,724.97 $83,014.85 annually plus 9.9% Temporary Market Adjustment

This is a virtual position that can be performed from any location in BC.

The BCDevExchange organization embraces experimentation, innovation and empowerment. By adopting the principles, values and practices of the BCDevExchange, partner government entities adapt their typical ways of working to better align with leading practice amongst technology companies and digital agencies. Our work centers around the Exchange Lab where we host digital delivery teams working to solve priority public challenges. Digital Delivery Teams learn and improve their product with direct feedback from users every few weeks and deliver substantial value within a year.

The Senior Security Analyst is part of a cross-functional team that is responsible for the support of DevOps Containerized Platforms, DevSecOps framework and service adoption in the government. This role provides expert level information security advice and monitoring for on-prem and cloud-based platforms as your primary persona, while creating information security context for site reliability purposes, changing operational cultures and supporting DevOps teams. This position requires big-picture thinking, strong knowledge of government administration, a broad and open view of the IM/IT environment, strong experience with information security frameworks and methodologies and a dedicated commitment to improving security posture.

The BC Public Service is an award-winning employer and offers employees competitive benefits, amazing learning opportunities and a chance to engage in rewarding work with exciting career development opportunities. For more information, please see the webpage titled “What The BC Public Service Offers”.

The BC Public Service is committed to creating a diverse workplace to represent the population we serve and to better meet the needs of our citizens. Consider joining their team and being part of an innovative, inclusive and rewarding workplace.

The Indigenous Applicant Advisory Service is available to applicants that self-identify as Indigenous (First Nations, status or non-status, Métis, or Inuit) seeking work or already employed in the BC Public Service. For advice and guidance on applying and/or preparing for an interview for this opportunity, we invite applicants to connect with the Indigenous Applicant Advisor Amanda by email: IndigenousApplicants@gov.bc.ca or by phone: 778-698-1336.

Qualifications for this role include:

  • Degree, diploma or certificate in Computer Science or related discipline or an equivalent combination of education, training and experience.
  • Experience conducting log review/monitoring.
  • Minimum 3 years’ experience identifying suspicious or malicious events.
  • Minimum 3 years’ experience using security monitoring tools, vulnerability scanning and conducting complex breach investigations.
  • Minimum 3 years’ experience conducting complex information security threat and risk assessments.

For more information and to apply online by July 5, 2021, please go to: https://bcpublicservice.hua.hrsmart.com/hr/ats/Posting/view/77456

Job posting — Senior Cyber Threat Analyst

Raymond James Ltd. is seeking a Senior Cyber Threat Analyst to work in their Burnaby office.

Responsibilities:

  • Mentors CTC analysts while contributing to the fulfillment of both the CTC’s mission and leadership’s vision;
  • Serves as a primary member of the Cyber Threat Center (CTC) who handles security events and incidents on a daily basis in a fast-paced environment;
  • Acts as an Incident Handler who can handle minor and major security incidents within the defined Computer Security Incident Response process;
  • Role embodies Cyber Network Defense and a successful Cyber Threat Analyst will be able to quickly analyze threats, understand risk, deploy effective countermeasures, make business critical incident response decisions, and work as part of a team of individuals dedicated to protecting the firm;
  • Maintains situational awareness for cyber threats across the global firm and take action where necessary;
  • Daily responsibilities include, but are not limited to:
    • Countermeasure deployment across various technologies
    • Malware and exploit analysis
    • Intrusion monitoring and response
    • Assessing alerts and notifications of event activity from intrusion detection systems and responding accordingly to the threat
    • Continuing content development of threat detection and prevention systems
    • Data analysis and threat research
  • Maintains knowledge of security principles and best practices. Must remain current with emerging threats and trends;
  • Assists teams in various security and privacy risk mitigation efforts; including incident response;
  • Leads or participates in information security related projects or in managing strategy;
  • Conduct forensic investigations for HR, Legal, or incident response related activities;
  • Develop new forensic detective and investigative capabilities using current technical
  • solutions;
  • Work with various business units and technical disciplines in a security consultant role for cyber threats; and
  • Shares in a weekly on-call rotation and acts as an escalation point for managed security services and associates of Raymond James.

Experience and Skills:

  • B.Sc. in Computer Science, Computer Engineering, MIS, or related degree and a minimum of three (3) years of related experience in Information Security or an equivalent combination of education, training and experience. Experience should include a minimum of two (2) years in conducting Cyber Network Defense and a minimum of three (3) years of experience with incident response methodologies, malware analysis, penetration testing, scripting and/or forensics;
  • Preferred experience includes a minimum of four (4) years in conducting Cyber Network Defense, a minimum of three (3) years of experience with incident response methodologies, malware analysis, penetration testing, scripting and/or forensics and four (4) years of experience with in-depth forensic and intrusion analysis;
  • Systems administrator experience in Linux, Unix, Windows or OSX operating systems;
  • Knowledge of networking and the common network protocols;
  • Demonstrated ability to create complex scripts, develop tools, or automate processes in PowerShell, Python or Bash;
  • One or more of the following certifications or the ability to obtain within 1 year:
    • OSCP – Offensive Security Certified Professional
    • OSCE – Offensive Security Certified Expert
    • GXPN – Exploit Researcher and Advanced Penetration Testing
    • GREM – GIAC Reverse Engineering Malware
    • GCFA – GIAC Certified Forensic Analyst
    • CCNP – Cisco Certified Network Professional
    • Knowledge of the following highly preferred:
  • Knowledge of vulnerabilities and a comfort in manipulating exploit code for analysis
    • Operating systems, such as Windows, Linux, or OSX
    • Forensic and analytical techniques
    • Networking and the common network protocols
    • Demonstrated ability to create complex scripts, develop tools, or automate processes
    • Demonstrated ability to perform static and dynamic malware analysis
    • Demonstrated ability to analyze large data sets and identify anomalies
    • Demonstrated ability to quickly create and deploy countermeasures under pressure
    • Familiarity with common infrastructure systems that can be used as enforcement points

Competencies:

  • Analysis: Identify and understand issues, problems and opportunities; compare data from different sources to draw conclusions;
  • Communication: Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message;
  • Exercising Judgment and Decision Making: Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take action that are consistent with available facts, constraints, and probable consequences;
  • Technical and Professional Knowledge: Demonstrate a satisfactory level of technical and professional skill, or knowledge, in position-related areas; remain current with developments and trends in areas of expertise;
  • Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals; and
  • Client Focus: Make internal and external clients, and their needs, a primary focus of actions; develop and sustain productive client relationships.

If you would like to join their team, please send a resume and covering letter, quoting the position and Job Posting # 21-191 by June 24, 2021 to:

Human Resources
Raymond James Ltd.,
2100 – 925 West Georgia Street
Vancouver BC V6C 3L2
Email: resumes@raymondjames.ca

Raymond James requires applicants to complete a background verification process prior to commencing employment, including but not limited to a credit and criminal record check.

Raymond James sincerely thanks all applicants who express an interest in this role: only those being directly considered will be contacted.

Raymond James recognizes the value of a diverse workforce and appreciates the unique skills and special contribution of each employee. They are committed to accessibility for candidates through all stages of the recruitment process. Should you require accommodation, please contact Human Resources via email at resumes@raymondjames.ca.

Job posting — Incident Response Cyber Threat Analyst

Raymond James Ltd. is seeking an Incident Response Cyber Threat Analyst to work in their Burnaby office.

Raymond James Ltd. is Canada’s leading independent investment dealer offering high quality investment products and services to Canadians seeking customized solutions to their wealth management needs.

The financial services industry is constantly under attack by sophisticated cyber adversaries that range from nation states to criminals. In response, the Raymond James Cyber Threat Center (CTC) is charged with ensuring all equities are secure against all tiers of adversaries. We are the central hub for Computer Network Operations and are on the front lines of security incident response, threat hunting, and intelligence. This analyst will be working with emerging technologies to solve challenging security problems in a fast-paced and continuously evolving environment, while helping steer the direction and evolution of the team. This highly visible team within the organization evaluates threats to the environment and dynamically adjusts to the ever-changing threat landscape by applying practical security knowledge to developing new detective measures to protect the firm.

Specifically this individual will:

  • Serve as a primary member of the Cyber Threat Center (CTC) who handles security events and incidents on a daily basis in a fast-paced environment;
  • Act as an Incident Handler who can handle minor and major security incidents within the defined Computer Security Incident Response process;
  • As part of the Cyber Network Defense be able to quickly analyze threats, understand risk, deploy effective countermeasures, make business critical incident response decisions, and work as part of a team of individuals dedicated to protecting the firm;
  • Maintain situational awareness for cyber threats across the global firm and take action where necessary;
  • Maintain knowledge of security principles and best practices. Must remain current with emerging threats and trends;
  • Assist teams in various security and privacy risk mitigation efforts; including incident response;
  • Lead or participate in information security related projects or in managing strategy;
  • Conduct forensic investigations for HR, Legal, or incident response related activities;
  • Develop new forensic detective and investigative capabilities using current technical solutions;
  • Work with various business units and technical disciplines in a security consultant role for cyber threats;
  • Act as an escalation point for managed security services and associates of Raymond James.

Daily responsibilities include, but are not limited to:

  • Countermeasure deployment across various technologies;
  • Malware and exploit analysis;
  • Intrusion monitoring and response;
  • Assessing alerts and notifications of event activity from intrusion detection systems and responding accordingly to the threat;
  • Continuing content development of threat detection and prevention systems;
  • Data analysis and threat research;

Limited weekend after-hours / on-call cyber threat support rotation may be required.

To qualify for this opportunity, candidates must possess:

Experience and Skills:

  • B.Sc. in Computer Science, Computer Engineering, MIS, or related degree and a minimum of five (5) years in Information Technology, with at least three (3) years of related experience in Information Security or an equivalent combination of education, training and experience. Experience should include a minimum of two (2) years in conducting Cyber Network Defense and a minimum of three (3) years of experience with incident response methodologies, malware analysis, penetration testing, scripting and/or forensics;
  • Systems administrator experience in Linux, Unix, Windows or OSX operating systems;
  • Knowledge of networking and the common network protocols.
  • Demonstrated ability to create complex scripts, develop tools, or automate processes in PowerShell, Python or Bash;
  • One or more of the following certifications or the ability to obtain within 1 year:
    • CISSP: Certified Information Systems Security Professional
    • CCNA: Cisco Certified Network Associate
    • SANS: GCIH – Incident Handler
    • SANS: GCIA – Intrusion Analyst
  • Knowledge of the following highly preferred:
    • Knowledge of vulnerabilities and a comfort in manipulating exploit code for analysis;
    • Demonstrated ability to perform static and dynamic malware analysis;
    • Demonstrated ability to analyze large data sets and identify anomalies;
    • Demonstrated ability to quickly create and deploy countermeasures under pressure;
    • Familiarity with common infrastructure systems that can be used as enforcement points.

Competencies:

  • Analysis: Identify and understand issues, problems and opportunities; compare data from different sources to draw conclusions;
  • Communication: Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message;
  • Exercising Judgment and Decision Making: Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take action that are consistent with available facts, constraints, and probable consequences;
  • Technical and Professional Knowledge: Demonstrate a satisfactory level of technical and professional skill, or knowledge, in position-related areas; remain current with developments and trends in areas of expertise;
  • Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals;
  • Client Focus: Make internal and external clients, and their needs, a primary focus of actions; develop and sustain productive client relationships.
  • NOTE: This role is required to work a permanent 2 p.m. to 10 p.m shift Monday – Friday in their Burnaby office. Paid parking is provided.

This is a permanent full-time position with a competitive compensation and benefits package.

If you would like to join the Raymond James team, please send a resume and covering letter, quoting the position and Job Posting # 21-176 by June 18, 2021 to:

Human Resources
Raymond James Ltd.,
E-mail: resumes@raymondjames.ca

To be considered for employment candidates will be required to provide proof of citizenship, permanent residency or eligibility to work in Canada with no restrictions. Raymond James requires applicants to complete a background verification process prior to commencing employment with the company, including but not limited to a credit and criminal record check. Employment is contingent on the satisfactory completion of a pre-employment background check.

Raymond James sincerely thanks all applicants who express an interest in this role: only those being directly considered will be contacted.

Raymond James recognizes the value of a diverse workforce and appreciates the unique skills and special contribution of each employee. We are committed to accessibility for candidates through all stages of the recruitment process. Should you require accommodation, please contact Human Resources via email at resumes@raymondjames.ca.

Job Posting — Senior Business Systems Analyst (Information Security)

The Information Risk Management team within the Information Services Division the Insurance Corporation of British Columbia (ICBC) is currently looking for a Senior Business Systems Analyst (Information Security).

The position supports Information Risk Management to ensure ICBC meets business, legal, and stakeholder requirements for information security while managing costs. The successful candidate will be expected to function as a senior member of the Information Risk Management team, providing leadership and mentoring to team members while acting with minimal direction from the Manager.

In this role you will be working closely with business and technology stakeholders to identify business needs as they pertain to information security and seek alignment with policies, standards and other governance documents. You will take a leadership role to effectively articulate information security requirements, collaborate with team members and stakeholders such as Privacy & Freedom of Information and IT Security to facilitate the development and implementation of security processes and technology improvements. As part of your duties you complete risk assessments working while closely with business and technology stakeholders. You will provide ongoing reviews, improvements, and updates to existing information security policies, standards, strategies, risk assessment processes, and other governance documents and processes. You will plan, lead, and implement information security projects and initiatives while providing leadership and mentoring to other team members.

Position Requirements

You have knowledge of:

  • The ISO 27000 framework or similar information security management systems
  • Information security threats and the typical security controls used to mitigate those threats
  • Concepts of risk management, especially of the ISO 27002 and ISO 31000 risk management processes
  • Information Technology governance, risk, and compliance processes
  • Knowledge of industry standards such as NIST, COBIT, PCI DSS, etc.
  • The BC Freedom of Information and Protection of Privacy Act (FIPPA)
  • e-Discovery and Legal Hold trends and legislation

You have skills to:

  • Evaluate risks to information and technology, including threat assessment, likelihood and impact assessment, and request executive risk management decisions
  • Demonstrated strength in facilitation and communication
  • Identify opportunities for improvements in business use of systems
  • Provide guidance about information security policy compliance
  • Draft executive and external briefing notes, security alerts and updates, and employee communications regarding information security policy and awareness issues
  • Present security issues to varied audiences
  • Work with outside parties to perform regular cyber security audits and training and be responsible for addressing any exposures identified within the audit
  • Knowledge and understanding of software development lifecycle, from application design and development to testing,
  • implementation and production support
  • Strong focus on systems analysis, process, process improvement, and quality
  • Data-driven, analytical with strong problem-solving skills

You bring these credentials:

  • Bachelor’s degree in Information Technology (IT), Computer Science or equivalent
  • Several years of related experience including at least a few years in IT security
  • An information security certification such as Certified Information Systems Security Professional (CISSP) is an asset, but not required

Only candidates legally entitled to work in Canada will be considered for this position.

You can view this job posting and apply for the position through ICBC’s website up to May 30, 2021.

ICBC’s job is to make sure the car insurance system works for all British Columbians, today and in the future. If you want to make the most of your skills and expertise while growing your career, ICBC wants you. A career at ICBC is an opportunity to be part of a talented, diverse and inclusive team that is driven to serve its customers and community. You can expect a competitive salary, comprehensive benefits and a collaborative work environment. If you are reliable and dependable, contact ICBC today to be part of their talented and diverse team as they work together to create an insurance system that all can be proud of.

ICBC welcomes applications from all qualified job seekers. If you are a job seeker with a disability, please let ICBC know as adjustments can be made to help support you in delivering your best performance.

Job Posting — Information Protection Advisor

The Insurance Corporation of British Columbia (ICBC) has an exciting opportunity for an experienced Information Protection Advisor to work in our Information Risk Management Department. As part of this team you will gather electronic evidence to support investigations. You will provide information security governance and compliance services to corporate and divisional projects, conduct risk assessments and penetration tests, and present findings to business risk owners. You will also develop security policies and standards.

To make an immediate contribution, you will draw on your demonstrated experience:

  • Gathering electronic evidence to support investigations, including extracting and interpreting systems log files and conducting computer forensics and mobile device forensics
  • Analyzing threats and assessing information security exposures to ICBC’s information and ICBC’s information technology systems
  • Performing regular pen tests and security tests on ICBC Systems, as well as engaging third parties to perform regular penetration tests
  • Developing electronic investigation processes and procedures
  • Developing proactive monitoring rules, triaging alerts, and handling incidents
  • Recommending, creating, and updating corporate principles, policies, standards, and procedures related to information security
  • Consulting on corporate and divisional projects as an Information Security Lead, identifying information security risks, communicating with the business owners to establish impact, recommending treatment plans to remain within business risk tolerance, and tracking treatment plans through implementation
  • Collect information security metrics to monitor and enhance the information security program at ICBC
  • Creating information security awareness media, including posters, online communications, blog articles, audio and video recordings, and other media.

Position Requirements

Key to your success in this role requires you to bring knowledge related to:

  • Principles, standards, practices, and tools pertaining to information systems security
  • The ISO/IEC 27000 framework for building Information Security Management Systems
  • BC’s Freedom of Information and Protection of Privacy Act (FIPPA); and e-Discovery and Legal Hold trends and legislation
  • Strong understanding of distributed systems and how they work
  • Incident handling processes and procedures
  • Trends and developments in the information and technology security field
  • Familiarity with SOC and SIEM tools
  • Familiarity with third party audit reports such as SSAE 16, SOC 2

Due to the nature of this position, the successful candidate must meet the Canadian Border Service security clearance requirements of the Enhanced Driver License Program.

It would be considered an asset if your experience is supported by a business or technology degree and if you have industry recognized certifications such as a Certified Information Systems Security Professional (CISSP) and/or a Certified Information Systems Auditor (CISA) and/or a Certified Information Security Management (CISM) designation.

You can view this job posting and apply for the position through ICBC’s website up to May 30, 2021.

ICBC’s job is to make sure the car insurance system works for all British Columbians, today and in the future. If you want to make the most of your skills and expertise while growing your career, ICBC wants you. A career at ICBC is an opportunity to be part of a talented, diverse and inclusive team that is driven to serve its customers and community. You can expect a competitive salary, comprehensive benefits and a collaborative work environment. If you are reliable and dependable, contact ICBC today to be part of their talented and diverse team as they work together to create an insurance system that all can be proud of.

ICBC welcomes applications from all qualified job seekers. If you are a job seeker with a disability, please let ICBC know as adjustments can be made to help support you in delivering your best performance.

Job Posting — Identity and Access Management Application Developer

Raymond James Ltd. is seeking a seasoned Application Developer within the Identity and Access Management (IAM) group to work in their Burnaby office. This role will be reporting directly to the head office Raymond James Financial Senior Manager, IT Identity and Access Management Security.

Raymond James Ltd. is Canada’s leading independent investment dealer offering high quality investment products and services to Canadians seeking customized solutions to their wealth management needs.

This group of developers, engineers, and analysts own the automation of the identity lifecycle management, and other information security automation efforts for the enterprise. The developer position requires critical thinking in designing solutions while implementing best practices following the SDLC model. Projects will vary between an agile and waterfall approach.

Specifically you will:

  • Analyze system requirements, including identifying program interactions and appropriate interfaces between impacted components and sub systems;
  • Make recommendations towards the development of new code or to reuse of existing code;
  • May lead assigned projects, including assigning tasks, coordinating efforts, and monitoring performance;
  • May recommend new technologies and methodologies to management for meeting business needs, resolving problems and exploiting opportunities. Remains current with new technologies;
  • Obtain and evaluate information on factors such as reporting formats required, costs, and security needs to determine hardware configuration;
  • Participate in software system testing and validation procedures, programming and documentation;
  • Provide technical advice and assists in solving programming problems;
  • Write and/or review system specifications, including output requirements and flow charts;
  • Assist in preparing project plans using project management tools;
  • Review test results; document test activities, and record remedial actions;
  • Ensure proper analysis of problems and programming approaches to prevent rework and schedule slippage; and
  • Performs other duties and responsibilities as assigned.

To qualify for this opportunity you possess:

  • Experience with some or all of the following applications and technologies is required;
  • Bachelor’s degree (B.A.) in Computer Science, MIS or related degree and a minimum of five (5) years of relevant development or engineering experience or combination of education, training and experience;
  • Strong database experience required, preferably with prior access control experience in SQL and Oracle;
  • Experience in the following areas: Java, SQL, REST APIs, Git, PowerShell, LDAP;
  • Intermediate level knowledge of the following: Service Now integration, .Net, HP Non Stop, MongoDB, SailPoint Identity IQ, Identity and Access Management policies and controls; and
  • Flexibility to occasionally work a non-standard shift including nights and/or weekends.

This is a permanent full-time position with a competitive compensation and benefits package

If you would like to join our team, please send a resume and covering letter, quoting the position and Job Posting # 21-114 by April 23, 2021 to:

Human Resources
Raymond James Ltd.
Email: resumes@raymondjames.ca

To be considered for employment candidates will be required to provide proof of citizenship, permanent residency or eligibility to work in Canada with no restrictions. We require applicants to complete a background verification process prior to commencing employment with the company, including but not limited to a credit and criminal record check. Employment is contingent on the satisfactory completion of a pre-employment background check.

We sincerely thank all applicants who express an interest in this role: only those being directly considered will be contacted.

Raymond James Ltd. recognizes the value of a diverse workforce and appreciates the unique skills and special contribution of each employee. We are committed to accessibility for candidates through all stages of the recruitment process. Should you require accommodation, please contact Human Resources via email at resumes@raymondjames.ca.

Job posting — Security Systems Engineer

Raymond James Ltd. is seeking a Security Systems Engineer to work in their Burnaby office. This role will be reporting directly to the head office Raymond James Financial Senior Manager, IT Identity and Access Management Security.

Raymond James Ltd. is Canada’s leading independent investment dealer offering high quality investment products and services to Canadians seeking customized solutions to their wealth management needs.

The Systems Engineer manages a variety of industry leading IAM technologies and using business driven requirements, plans and designs enterprise systems infrastructure. The role evaluates and implements hardware and software products to meet Raymond James’ information security needs. The systems engineer monitors day-to-day performance of the infrastructure and works with project teams on the integration of new systems.

Specifically you will:

  • Manage the evaluation, implementation, and upgrades of new and existing products and technologies, which typically cover a broad variety of enterprise-class infrastructure disciplines;
  • Research and recommend innovative technologies and approaches for enterprise infrastructure management, upgrades, or improvements, while adhering to technical or budgetary constraints;
  • Analyze system requirements, including identifying interactions and appropriate interfaces between affected components and sub systems;
  • Proactively plan capacity of platforms and applications;
  • May participate in projects including preparing project plans, assigning tasks, monitoring statuses, coordinating efforts, validating team recommendations, integrating efforts into a comprehensive strategy and delivering results on time;
  • Write and/or review system specifications, including output requirements, flow charts and technical diagrams;
  • Be responsible for independently resolving incidents, vulnerabilities, and problems as they are identified; and
  • Be rotating on-call responsibilities.

To qualify for this opportunity you possess:

  • Bachelor’s degree in Business, Accounting and/or Finance;
  • Minimum of a Bachelor’s degree in Computer Science, MIS or related degree and five (5) years of relevant experience in assigned area or combination or education, experience and training;
  • Event/log analysis and troubleshooting skills;
  • Experience with some or all of the following applications and technologies is required;
  • Comfortable maintaining applications on Windows or Linux platforms;
  • CA Siteminder or Ping Identity for Web Access Management and Single Sign On (SSO) using SAML;
  • RSA Technologies including SecurID and Adaptive Authentication;
  • CyberArk Enterprise Password Vault (EPV) and Privileged Session Manager (PSM);
  • Ability to read and modify scripting languages such as BASH, PowerShell, and Batch;
  • Experience with some or all of the following applications or technologies is desired; and
    • F5 APM
    • Active Directory and LDAP engineering experience
    • Microsoft Public Key Infrastructure (PKI)
    • Venafi and appviewX Certificate management
    • DNS, DHCP, and IPAM
    • PING and Okta
    • Imanami
    • SailPoint
  • Event/log analysis and troubleshooting skills

This is a permanent full-time position with a competitive compensation and benefits package

If you would like to join our team, please send a resume and covering letter, quoting the position and Job Posting # 21-113 by April 23, 2021 to:

Human Resources
Raymond James Ltd.
Email: resumes@raymondjames.ca

To be considered for employment candidates will be required to provide proof of citizenship, permanent residency or eligibility to work in Canada with no restrictions. We require applicants to complete a background verification process prior to commencing employment with the company, including but not limited to a credit and criminal record check. Employment is contingent on the satisfactory completion of a pre-employment background check.

We sincerely thank all applicants who express an interest in this role: only those being directly considered will be contacted.

Raymond James Ltd. recognizes the value of a diverse workforce and appreciates the unique skills and special contribution of each employee. We are committed to accessibility for candidates through all stages of the recruitment process. Should you require accommodation, please contact Human Resources via email at resumes@raymondjames.ca.

Job Posting — Information Security Engineer

Raymond James Ltd. is seeking an Information Security Engineer to work in their Burnaby or Toronto offices. They are also open to applicants from other Canadian provinces.

Raymond James Ltd. is Canada’s leading independent investment dealer offering high quality investment products and services to Canadians seeking customized solutions to their wealth management needs.

Under the direction of the Information Security Manager, the Information Security Engineer is responsible for architecture, design, implementation, integration, administration and maintenance of enterprise security solutions. This includes, but is not limited to network, systems, endpoint, mobile, email, identity access management, cloud and application security technologies. You will be working with emerging technologies to solve challenging security problems in a fast-paced and continuously evolving environment, while helping steer the direction and evolution of the team. The Information Security Engineer will be required to participate in incident response to support the Cyber Threat Center and production support where and when appropriate. Extensive contact with internal customers, other information technology (IT) professionals, parent company (Raymond James Financial) and vendors is required to identify, research, analyze, and resolve complex security issues and problems.

Responsibilities:

  • Primary subject matter expert, support and central point of contact for security solutions.
  • Technical lead with the ability to mentor other members on the team.
  • Collaborate with and provide information security consulting to projects and initiatives.
  • Forward thinking to identify upcoming trends and security best practices on the network.
  • Lead implementation efforts of security initiatives and resolutions of any findings from internal or external assessments.
  • Ensure enterprise security standards are in place.
  • Responsible for up-time, monitoring, reliability, stability and policy maintenance of supported systems.
  • Serves as key person in troubleshooting system problems, taking ownership of problems to resolution.
  • Produces and maintains current description and documentation of policy configuration, including tracking and documenting any changes to policies.
  • Analyzes performance trends to optimize system performance.
  • Improves operations efficiency by automating administration tasks wherever possible.

Experience and Skills:

  • Minimum of a B.Sc. in Computer Science, MIS or related degree and ten (10) years of related experience or a combination of education, training and experience.
  • (ISC)² (CISSP, CCSP, ISSAP), SANS GIAC (GCCC, GCIA, GCFA, GMON, GCIH, GPEN, GREM, GXPN), Offensive Security (OCSP, OSCE) or other security vendor certification highly desirable.
  • Experience with next generation firewall, web filtering, IPS, VPN, NAC, WAF solutions.
  • Experience with anti-malware, endpoint detection response (EDR), host based intrusion detection (HIDS), host based firewall solutions.
  • Experience with email protection gateway, anti-spam solutions.
  • Experience with mobile device management (MDM), enterprise mobile management (EMM) solutions.
  • Experience with security information and event monitoring, remote logging, log aggregation, correlation solutions (SIEM).
  • Experience with vulnerability scanners.
  • Experience with encryption at rest, in transit, Public Key Infrastructure (PKI) solutions.
  • Experience with data loss prevention (DLP) solutions.
  • Experience with identity and access management (IAM), single sign on (SSO) solutions.
  • Experience with load balancer, reverse proxy solutions.
  • Experience with troubleshooting and determining root cause analysis through log/packet analysis & debugging.
  • Experience in scripting or automation.
  • Intermediate experience with Linux.
  • Sound understanding of security concepts behind the authentication, authorization and auditing (AAA) framework.
  • Sound understanding of Microsoft products such as; Windows, Active Directory, GPOs, Exchange.
  • Sound understanding of network architecture, protocols, and standards.
  • Knowledge of web application security, secure development lifecycle (SDLC), OWASP.
  • Knowledge of cloud security SaaS, PaaS, IaaS (O365, Azure, AWS, GCP), cloud access security broker (CASB).
  • Knowledge of service management frameworks (ITIL).
  • Ability to work effectively with technical and non-technical personnel in a cross-functional setting.
  • Excellent verbal and written communication skills.

Competencies:

  • Analysis: Identify and understand issues, problems, and opportunities; compare data from different sources to draw conclusions.
  • Communication: Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message.
  • Exercising Judgment and Decision Making: Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take actions that are consistent with available facts, constraints, and probable consequences.
  • Technical and Professional Knowledge: Demonstrate a satisfactory level of technical and professional skill, or knowledge, in position-related areas; remain current with developments and trends in areas of expertise.
  • Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals.
  • Client Focus: Make internal and external clients, and their needs, a primary focus of actions; develop and sustain productive client relationships.

This is a permanent full-time position with a competitive compensation and benefits package

If you would like to join our team, please send a resume and covering letter, quoting the position and Job Posting # 21-115 by April 23, 2021 to:

Human Resources
Raymond James Ltd.
Email: resumes@raymondjames.ca

To be considered for employment candidates will be required to provide proof of citizenship, permanent residency or eligibility to work in Canada with no restrictions. We require applicants to complete a background verification process prior to commencing employment with the company, including but not limited to a credit and criminal record check. Employment is contingent on the satisfactory completion of a pre-employment background check.

We sincerely thank all applicants who express an interest in this role: only those being directly considered will be contacted.

Raymond James Ltd. recognizes the value of a diverse workforce and appreciates the unique skills and special contribution of each employee. We are committed to accessibility for candidates through all stages of the recruitment process. Should you require accommodation, please contact Human Resources via email at resumes@raymondjames.ca.

Job Posting — Senior Business Systems Analyst (Information Security)

The Insurance Corporation of British Columbia (ICBC) is currently looking for a Senior Business Systems Analyst (Information Security) for its Information Risk Management team within the Information Services Division.

The position supports Information Risk Management to ensure ICBC meets business, legal, and stakeholder requirements for information security while managing costs. The successful candidate will be expected to function as a senior member of the Information Risk Management team, providing leadership and mentoring to team members while acting with minimal direction from the Manager.

In this role you will be working closely with business and technology stakeholders to identify business needs as they pertain to information security and seek alignment with policies, standards and other governance documents. You will take a leadership role to effectively articulate information security requirements, collaborate with team members and stakeholders such as Privacy & Freedom of Information and IT Security to facilitate the development and implementation of security processes and technology improvements. As part of your duties, you will complete risk assessments working while closely with business and technology stakeholders. You will provide ongoing reviews, improvements, and updates to existing information security policies, standards, strategies, risk assessment processes, and other governance documents and processes. You will plan, lead, and implement information security projects and initiatives while providing leadership and mentoring to other team members.

Position Requirements

You have knowledge of:

  • The ISO 27000 framework or similar information security management systems
  • Information security threats and the typical security controls used to mitigate those threats
  • Concepts of risk management, especially of the ISO 27002 and ISO 31000 risk management processes
  • Information Technology governance, risk, and compliance processes
  • Knowledge of industry standards such as NIST, COBIT, PCI-DSS, etc.
  • The BC Freedom of Information and Protection of Privacy Act (FIPPA)
  • e-Discovery and Legal Hold trends and legislation

You have skills to:

  • Evaluate risks to information and technology, including threat assessment, likelihood and impact assessment, and request executive risk management decisions
  • Demonstrated strength in facilitation and communication
  • Identify opportunities for improvements in business use of systems
  • Provide guidance about information security policy compliance
  • Draft executive and external briefing notes, security alerts and updates, and employee communications regarding information security policy and awareness issues
  • Present security issues to varied audiences
  • Work with outside parties to perform regular cyber security audits and training and be responsible for addressing any exposures identified within the audit
  • Knowledge and understanding of software development lifecycle, from application design and development to testing, implementation and production support
  • Strong focus on systems analysis, process, process improvement, and quality
  • Data-driven, analytical with strong problem-solving skills

You bring these credentials:

  • Bachelor’s degree in Information Technology (IT), Computer Science or equivalent
  • Several years of related experience including at least a few years in IT security
  • An information security certification such as Certified Information Systems Security Professional (CISSP) is an asset, but not required

You can view this job posting and apply for the position through ICBC’s website up to March 27, 2021.

ICBC’s job is to make sure the car insurance system works for all British Columbians, today and in the future. If you want to make the most of your skills and expertise while growing your career, ICBC wants you. A career at ICBC is an opportunity to be part of a talented, diverse and inclusive team that is driven to serve its customers and community. You can expect a competitive salary, comprehensive benefits and a collaborative work environment. If you are reliable and dependable, contact ICBC today to be part of their talented and diverse team as they work together to create an insurance system that all can be proud of.

ICBC welcomes applications from all qualified job seekers. If you are a job seeker with a disability, please let ICBC know as adjustments can be made to help support you in delivering your best performance.

Job Posting — Information Protection Advisor

The Insurance Corporation of British Columbia (ICBC) has an exciting opportunity for an experienced Information Protection Advisor to work in their Information Risk Management Department. As part of this team you will:

  • gather electronic evidence to support investigations,
  • provide information security governance and compliance services to corporate and divisional projects, conduct risk assessments and penetration tests,
  • present findings to business risk owners, and
  • develop security policies and standards.

To make an immediate contribution, you will draw on your demonstrated experience:

  • Gathering electronic evidence to support investigations, including extracting and interpreting systems log files and conducting computer forensics and mobile device forensics
  • Analyzing threats and assessing information security exposures to ICBC’s information and ICBC’s information technology systems
  • Performing regular pen tests and security tests on ICBC Systems, as well as engaging third parties to perform regular pen tests
  • Developing electronic investigation processes and procedures
  • Developing proactive monitoring rules, triaging alerts, and handling incidents
  • Recommending, creating, and updating corporate principles, policies, standards, and procedures related to information security
  • Consulting on corporate and divisional projects as an Information Security Lead, identifying information security risks, communicating with the business owners to establish impact, recommending treatment plans to remain within business risk tolerance, and tracking treatment plans through implementation;
  • Collect information security metrics to monitor and enhance the information security program at ICBC
  • Creating information security awareness media, including posters, online communications, blog articles, audio and video recordings, and other media.

Position Requirements

Key to your success in this role requires you to bring knowledge related to:

  • Principles, standards, practices, and tools pertaining to information systems security
  • The ISO/IEC 27000 framework for building Information Security Management Systems
  • BC’s Freedom of Information and Protection of Privacy Act (FIPPA); and e-Discovery and Legal Hold trends and legislation
  • Strong understanding of distributed systems and how they work
  • Incident handling processes and procedures
  • Trends and developments in the information and technology security field
  • Familiarity with SOC and SIEM tools
  • Familiarity with third party audit reports such as SSAE 16, SOC 2

Due to the nature of this position, the successful candidate must meet the Canadian Border Service security clearance requirements of the Enhanced Driver License Program

It would be considered an asset if your experience is supported by a business or technology degree and if you have industry recognized certifications such as a Certified Information Systems Security Professional (CISSP) and/or a Certified Information Systems Auditor (CISA) and/or a Certified Information Security Management (CISM) designation.

You can view this job posting and apply for the position through ICBC’s website up to March 31, 2021.

ICBC’s job is to make sure the car insurance system works for all British Columbians, today and in the future. If you want to make the most of your skills and expertise while growing your career, ICBC wants you. A career at ICBC is an opportunity to be part of a talented, diverse and inclusive team that is driven to serve its customers and community. You can expect a competitive salary, comprehensive benefits and a collaborative work environment. If you are reliable and dependable, contact ICBC today to be part of their talented and diverse team as they work together to create an insurance system that all can be proud of.

ICBC welcomes applications from all qualified job seekers. If you are a job seeker with a disability, please let ICBC know as adjustments can be made to help support you in delivering your best performance.

Job posting – Network Infrastructure Lead

Raymond James Ltd. is seeking a Lead – Network Infrastructure to work in their Burnaby office.

Raymond James Ltd. is Canada’s leading independent investment dealer offering high quality investment products and services to Canadians seeking customized solutions to their wealth management needs.

Under the direction of the Senior Manager, Information Security and Network Infrastructure, and in consultation with parent company Raymond James Financial (US) Network Manager, the Lead – Network Infrastructure is responsible for enterprise alignment & integration, managing a growing team of up to 6+ network engineers, providing technical architecture direction, and day-to-day operations.

The Network Infrastructure team’s responsibilities include all networking and infrastructure aspects for LAN, WAN, SD-WAN, Wireless (802.11x), Load Balancing (LTM/GTM), Remote Access (VPN), Firewall, Network Access Control, DDoS, Network Management solutions and Telecom in a regulated enterprise environment that focuses on availability and security. The Network Infrastructure team is also responsible for datacenter and network closet infrastructure within the co-location data centers and offices across Canada. You will be solving complex challenges in a fast-paced and continuously evolving environment, while championing the direction and evolution of a global integrated team with the parent company.

Responsibilities:

  • Primary architect and central point of contact for network infrastructure solutions specializing in routing and switching, load balancing, firewall, network security and datacenter infrastructure;
  • Manage Network Infrastructure team resourcing, planning, scheduling, and prioritizing efforts to meet overall network infrastructure commitments;
  • Technical lead with the ability to mentor other members on the network infrastructure team;
  • Collaborate with network infrastructure counterparts in the parent company RJF (US) to align enterprise standards, knowledge share, integrate solutions and create a global team;
  • Partner with a broad base of business and technical teams to ensure that networks is developed to meet business and project objectives while adhering to architectural and testing standards and established methodologies;
  • Forward thinking to identify upcoming trends, emerging technologies and evaluating new network infrastructure technologies;
  • Responsible for up time, monitoring, reliability, BCP/DR, stability and maintenance of supported systems as well as continual assessment of the quality and effectiveness of our network monitoring and alarming;
  • Manage network vendor relationships, contracts, budget and SLAs;
  • Serves as a key person in major incidents and troubleshooting network infrastructure problems, taking ownership of problems to resolution;
  • Produces and maintains documentation of network infrastructure solutions;
  • Test network performance and analyzes trends to provide statistics, metrics and reports; develop strategies for optimizing network infrastructure;
  • Improve operations efficiency by developing automation based upon analyzing and identifying significant opportunities where automation can tackle administration tasks, volume, systemic or critical operational issues;
  • Ensures Network Infrastructure solutions adhere to enterprise security standards;
  • Develop project plans, budget and feasibility studies for various network infrastructure projects, upgrades, improvements, expansions and equipment refresh;
  • Provide timely support, analysis and resolution for Network Infrastructure related problems; and
  • Provide critical tier 3 support, as required, on a 24 hours x 7 days / week basis. Excluding participation in an After Hours Support rotation.

Experience and Skills:

  • Minimum 10 years’ experience in large-scale enterprise network environments with working expert level knowledge of Data Center Network Routing & Switching, Firewall, and Load balancing technologies;
  • Minimum 3 years’ experience managing 5-10+ engineers in a team lead role;
  • Cisco (CCIE, CCNP: Routing & Switching | Security), F5 (Certified Administrator | Certified Technical Specialist), Palo Alto (PCNSE), (ISC)² (CISSP), SANS or other network security vendor certifications highly desirable;
  • Advance knowledge and experience in the following areas: Network Design, Load Balancing (LTM/GTM), Wireless, Network Security (NAC/DDoS/NGFW Firewalls), Network Aggregators, Remote Access VPN, Converged Infrastructure, Cloud Networking (SD-WAN) technologies, LAN/WAN, routing protocols (BGP, EIGRP, OSPF), switching, VLANs, spanning-tree, VOIP protocols, QoS, DHCP, DNS, etc;
  • Expert knowledge of BGP and Multicast;
  • Experience with network monitoring, management & performance testing technologies (Solarwinds, Datadog, Nagios, Cacti, Netflow, nTop, sFlow, Splunk Rancid, etc.);
  • Experience in scripting and automation;
  • Experience with troubleshooting and determining root cause analysis through log/packet analysis and debugging;
  • Experience with Datacenter facilities;
  • Experience with Cabling Standards and troubleshooting;
  • Experience in the financial services or brokerage industry is an asset;
  • Knowledge of service management frameworks (ITIL);
  • Ability to work effectively with technical and non-technical personnel in a cross-functional setting; and
  • Excellent verbal and written communication skills.

Competencies:

  • Analysis: Identify and understand issues, problems, and opportunities; compare data from different sources to draw conclusions;
  • Communication: Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message;
  • Exercising Judgment and Decision Making: Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take actions that are consistent with available facts, constraints, and probable consequences;
  • Technical and Professional Knowledge: Demonstrate a satisfactory level of technical and professional skill, or knowledge, in position-related areas; remain current with developments and trends in areas of expertise;
  • Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals; and
  • Client Focus: Make internal and external clients, and their needs, a primary focus of actions; develop and sustain productive client relationships.

This is a permanent full-time position with a competitive compensation and benefits package.

If you would like to join our team, please send a resume and covering letter, quoting the position and Job Posting #20-162 by December 11, 2020 to:

Human Resources
Raymond James Ltd.
resumes@raymondjames.ca

To be considered for employment candidates will be required to provide proof of citizenship, permanent residency or eligibility to work in Canada with no restrictions. We require applicants to complete a background verification process prior to commencing employment with the company, including but not limited to a credit and criminal record check. Employment is contingent on the satisfactory completion of a pre-employment background check.

We sincerely thank all applicants who express an interest in this role: only those being directly considered will be contacted.

Raymond James Ltd. recognizes the value of a diverse workforce and appreciates the unique skills and special contribution of each employee. We are committed to accessibility for candidates through all stages of the recruitment process. Should you require accommodation, please contact Human Resources via email at resumes@raymondjames.ca.