Security Risk Manager

<strong>With close to 50 years of physician-focused experience, MD has one main goal: to help Canada physicians and their families achieve financial well-being. Our commitment to work/life integration, employee well-being and ongoing learning are key factors that contribute to our overall success.</strong>

Ottawa, ON

MD Financial Management

<strong>MD Financial Management Inc. supports physicians by helping them achieve financial well-being from medical school through retirement. MD Financial Management is the manager and trustee of the MD family of funds, a group of 35 proprietary mutual funds. The company retains and supervises world-class investment managers, who manage the portfolio assets of one or more of the funds or parts of the funds.</strong> https://mdm.ca/md-wealth-management

keywords: for the sixth consecutive year,security,planning,operations,knowledge,teamwork,certification,provide,support,risk management,consulting,experience,analysis

Full-Time

Overview: <div class="col-md-24"> <p>For the sixth consecutive year, MD Financial Management has been recognized as one of the Achievers 50 Most Engaged Workplaces&trade; in North America. The annual award, given by Achievers&mdash;an industry-leading provider of employee recognition and engagement solutions&mdash;commends top employers that display leadership and innovation in engaging their workforces.</p> <p><strong><br /><br /></strong></p> </div>
Responsibilities: </strong></p> <p>The Security Risk Manager must be able to work independently and as part of a team with the need to lead and facilitate the gathering and analysis of security related data. The Security Risk Manager performs two core functions for MD. The first is the day-to-day operations and project requirements to conduct risk assessments and provide security advice and guidance as required in the capacity of Security SME. Secondary tasks include involvement in the planning and design of enterprise security architecture and security program, implementation of and maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments. The Security Risk Manager is expected to be fully aware, and guided, by MD’s security goals as established by its senior management and to actively work towards upholding those goals.</p> <p><strong>
Requirements: <p><strong>What You Need:</strong></p> <p>You hold a College diploma or university degree in the field of computer science and/or 3 or more years equivalent work experience.</p> <p>One or more of the following certifications is desirable:</p> <ul> <li>CompTIA Security+</li> <li>SANS certifications</li> <li>CISA and/or CRISC</li> <li>CISSP or Associate of (ISC)2</li> </ul> <p>Knowledge of Windows, Unix and/or Networking technologies</p> <p>Experience developing and implementing Policies, Procedures, Standards and Guidelines related to IT Security</p> <p>Working knowledge of security risk management and BCP/DR</p> <p>Strong understanding of threat and risk assessments</p> <p>Familiarity with security program development</p> <p>Understanding of IP, TCP/IP, and other network administration protocols.</p> <p>Participate in the planning and design of enterprise security architecture, under the direction of the AVP Security/CISO, where appropriate.</p> <p>Provide input to the AVP Security/CISO for enhancing the information security strategy when necessary.</p> <p>Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures)</p> <p>Participate in the planning and design of an enterprise security program.</p> <p>Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.</p> <p>Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.</p> <p>Assist others in understanding and implementing security policy objectives in ways that align with business objectives. Provide security input for business procedures, and new projects. Assist in the management of the security awareness and training program</p> <p>Participate in the planning and management of MD&rsquo;s security awareness and training program</p> <strong>What You Bring:</strong><br /> <ul> <li>Proven analytical and problem-solving abilities.</li> <li>Ability to effectively prioritize and execute tasks in a high-pressure environment.</li> <li>Excellent written, oral, and interpersonal communication skills.</li> <li>Ability to conduct research into IT security issues and products as required.</li> <li>Ability to present ideas in business-friendly and user-friendly language.</li> <li>Highly self-motivated and directed.</li> <li>Keen attention to detail.</li> <li>Ability to work individually and in a team-oriented collaborative environment.</li> <li>Manage and lead meetings and facilitated sessions to collect and document security related data</li> <li>Identify security risks and interpret the implications of that activity and devise plans for appropriate resolution.</li> <li>Participate in corporate and IT related projects as a Security SME.</li> <li>Maintain internal security assessments.</li> <li>Provide support to BCP Manager</li> <li>Coordinate activities with other risk and regulatory entities within MD (e.g. Legal, Privacy, Compliance, etc.)</li> <li>Participate in the design and execution of threat and risk assessments, security tests and security audits.<strong><br /><br />What Success Looks Like:<br /><br /></strong></li> <li>You are technology savvy and endeavor to find new and exciting ways to use technology.</li> <li>You feel rewarded and recognized in a way that inspires you to do your best work.</li> <li>You are engaged, enthusiastic and clearly understand how what you do contributes to MD&rsquo;s overall success</li> <li>You take great pride in the effective and thorough working relationships you have developed across MD.</li> <li>You are constantly learning and honing your skills.</li> </ul>