We are banking at another level.

Choosing BDC as your employer means working in a healthy, inclusive, and skilled workplace that puts forward the best conditions to bring together unique teams where employees are empowered to act. It also means being at the centre of ambitious economic and financial projects to see further and to do things differently, to fuel the success of Canadian entrepreneurs.

Choosing BDC as your employer also means:

• Flexible and competitive benefits , including an Employee Savings and Investment Plan where BDC matches part of your voluntary contributions, a Defined Benefit Pension Plan, a $750 wellness and health care spending account, to name a few

• In addition to paid vacation each year, five personal days , sick days as necessary , and our offices are closed from December 25 to January 1

• A hybrid work model that truly balances work and personal life

• Opportunities for learning , training and development , and much more...

POSITION OVERVIEW

The information security Specialist is responsible for the day-to-day security activities to ensure BDC’s technological environment is well protected and responding to information security incidents

Use and evolve Info Protection use cases (O365 – Symantec DLP – Symantec Cloud Soc etc.) to detect potential exfiltration.

CHALLENGES TO BE MET

• Develop and draft processes and procedures related to information protection operations.

• Work closely with IT operations and other teams to implement and continuously improve controls efficiency.

• Regularly verify and analyze all systems and application logs in order to identify suspicious activity and recommend solutions to eliminate or mitigate risks.

• Perform technical forensic investigation analysis when instructed and produce all documents and evidence necessary to support and meet the needs of the investigation.

• Ensure server, workstation, networking equipment, IoT are identified and mitigated.

• Develop strategies to address information security awareness and training for all stakeholders.

• Develop and implement effective and reasonable policies and procedures.

• Coordinate and track all information security related audits.

• Work with vendor to ensure Data Loss Prevention (DLP) rules are appropriate and working as expected.

• Monitor and mitigate insider threat alerts and document investigations while maintaining a high level of confidentiality.

• Respond to emergency situations as needed, to identify, assess and mitigate critical data protection issues.

• Perform other related duties as assigned.

WHAT WE ARE LOOKING FOR

• Minimum 5 years’ experience in IT, 3 of which in network and/or security

• Must have solid experience with at least one of each leading DLP tools: O365 – Symantec DLP – Symantec ClouSoc; other DLP type tools/services are an asset

• Must have solid experience with Data Loss Prevention solution: Microsoft, Symantec

• Any of the following certifications is an asset: GSEC, GPPA, GCIA, GCWN, GMON, GCDA, OSCP

• Minimum of 1 years' experience with a programming or scripting language such as Python or PowerShell in the context of IR tool building capacity

• Familiar with cyber frameworks such as ATT&CK, Cyber Kill Chain and Diamond Model

• Leadership, autonomy, vigilance, team spirit, ability to see the big picture, and discretion

• Ability to simplify complex issues

• Knowledge of open source platforms

• Sense of priority, understanding of issues, criticality and impact

• Strong working knowledge of networking technologies

• Strong experience with Windows platform

• Open-source knowledge

• Ability to share information with peers and transfer knowledge

• Ability to handle multiple requests and manage priorities

• Ability to translate and integrate theory into the specifics and tactical realities of IT operations

• Ability to effectively communicate in both official languages (English & French)

Proudly one of Canada’s Top 100 Employers and one of Canada’s Best Diversity Employers , we are committed to fostering a diverse, equitable, inclusive and accessible environment where all employees can thrive and feel empowered to bring their whole selves to work. If you require an accommodation to complete your application, please do not hesitate to contact us at accessibility@bdc.ca .

While we appreciate all applications, we advise that only the candidates selected to participate in the recruitment process will be contacted.

BDC is a bank unlike any other. We are the only bank dedicated exclusively to the development of Canadian businesses. The only institution whose purpose is to promote the growth of the Canadian economy by focusing on the success of small and medium-sized businesses, with a human touch and a genuine presence. At BDC, we’re changing people’s and businesses’ lives for the better. That’s what makes us unique as a bank.

That’s why we are banking at another level.