Manager, Cyber Resilience & Offensive Security
Apply NowCompany: EQ Bank | Equitable Bank
Location: Toronto, ON M4E 3Y1
Description:
Purpose of the Job:
This role is responsible for the Designing, planning and executing the bank's Cyber Resilience Testing and offensive security program, commonly referred to as "red team exercises". This role develops and manages processes that identify continuous red team and infrastructure penetration test objectives through the course of the year while also planning execution of threat simulation activities. This role facilitates the communication and presentation of technical cyber control effectiveness to key stakeholders
Main Activities:
Knowledge/Skill Requirements:
This role is responsible for the Designing, planning and executing the bank's Cyber Resilience Testing and offensive security program, commonly referred to as "red team exercises". This role develops and manages processes that identify continuous red team and infrastructure penetration test objectives through the course of the year while also planning execution of threat simulation activities. This role facilitates the communication and presentation of technical cyber control effectiveness to key stakeholders
Main Activities:
- Design and execute the bank's Cyber Resilience Testing program e.g. Red team exercises, cyber threat simulations.
- Provides input to the effectiveness testing of EQBank's Enterprise Cyber Security Controls and cyber roadmap prioritization activities.
- Drive cross-functional collaboration to achieve objectives of the programs in purview.
- Responsible for maintaining the standards, procedures and guidelines for domains under purview.
- Develop and manage measures to ensure effective monitoring control adequacy and compliance for areas under purview
- Developing and Managing means of measured performance of control processes and technologies for areas under purview.
- Provide technical guidance for team and subject matter advise to stakeholders.
Knowledge/Skill Requirements:
- A college diploma or university degree in computer science (or related course) or Industry recognized certifications (e.g. CISSP)
- Minimum of 7 years of technical IT experience with at least 3-5 years specifically focused on offensive security roles.
- Strong knowledge of cyber controls testing frameworks such as MITRE Framework
- One or more of the following certifications are highly preferred: OSCP (Offensive Security Certified Professional), OSCE (Offensive Security Certified Expert), GPEN (GIAC Penetration Tester), GXPN (GIAC Exploit Researcher and Advanced Penetration Tester), CEH (Certified Ethical
- Hacker), CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager)
- Strong engineering and automation experience, prior hands-on Security automation experience is desired.
- Ability to build and maintain strong working relationships with cross-functional teams and stakeholders. Collaboration is key to integrating offensive security insights across the organization.
- Strong analytical and problem-solving skills with the ability to think critically and strategically; this role needs to analyze reports to identify patterns and assess weaknesses.
- People and team management abilities.
- Technical roadmap development and execution.
- Ownership & Accountability
Non-Technical Skills