Senior IT Security Specialist

Our client in Burlington is looking for a Senior IT Security Specialist to join their expanding team.

Who You Are & the Opportunity:

As a Senior IT Security Specialist, you will play a pivotal role in driving robust security practices across the organization. This hands-on leader will provide expertise in application and infrastructure security, lead threat modeling efforts, and mentor both developers and infrastructure admins. The specialist will oversee third-party IT security platforms, manage vendor relationships, and contribute to the development of security strategies, tools, and practices. This position offers the opportunity to influence the company’s security direction, working closely with cross-functional teams and fostering a security-first culture. The ideal candidate is a proactive, technically proficient leader with extensive experience in penetration testing, red teaming, and cloud security, as well as a strong ability to communicate complex security concepts to diverse stakeholders.

Company Culture:

Our client is dedicated to fostering a workplace culture of responsibility, integrity, and respect, where open and honest communication is encouraged, and every team member feels safe and valued. Their values and promises are not simply a dream, vision, or mission, but a way of life for every person who becomes or wants to become a member of our team. These values and promises describe how they conduct business, achieve their goal, and live their passion. They are committed to maintaining an inclusive and supportive environment where all team members can thrive.

Work Type:

• Location: Burlington, ON
• Hybrid – 2-3 days a week in the office
• On-call is required if there is an emergency

How you will impact:

• Design and implement robust IT security measures across complex systems, ensuring the protection of sensitive data and compliance with industry standards.
• Advocate for and develop security principles, standards, and best practices to strengthen the organization’s security posture.
• Lead threat modelling efforts to identify vulnerabilities and create effective remediation strategies to mitigate potential risks.
• Manage and maintain the organization’s security portfolio, including third-party platforms and internal systems, ensuring optimal performance and readiness.
• Serve as a subject matter expert on cloud security for platforms like Azure, O365, and AWS, providing strategic direction and hands-on support.
• Collaborate with cross-functional teams to integrate security practices into business operations, fostering a culture of security awareness.
• Deliver user security awareness training programs and develop engaging content to educate both technical and non-technical stakeholders.
• Conduct penetration testing, vulnerability assessments, and ethical hacking to proactively identify and address security weaknesses.
• Stay current with emerging threats, trends, and technologies, continuously enhancing the organization’s security capabilities.
• Provide mentorship and guidance to team members, fostering a security-first mindset and driving best practices across the organization.

What you will bring:

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 5 years of experience in IT Security, with expertise in areas such as application security, threat modelling, penetration testing, ethical hacking, security architecture, vulnerability assessment, and red teaming.
• Proven experience in conducting penetration testing and red teaming activities.
• Strong knowledge of application security practices, including SAST and DAST methodologies.
• Proficiency in at least one programming language, such as Python.
• Hands-on expertise with security tools like CrowdStrike, Metasploit, Burp Suite, and Cobalt Strike.
• Comprehensive knowledge of Microsoft Azure and AWS security management.
• Strong problem-solving and analytical skills, with the ability to manage complex security issues and develop creative solutions.
• Excellent verbal and written communication skills, capable of articulating security risks and strategies to technical and non-technical audiences.
• Demonstrated ability to work independently, manage stakeholders, and build strong relationships with internal and external partners.
• Advanced certifications such as CIAM, OSEP, OSWP, OSCP, CRTP, CRTO, CISSP, or CISM are preferred.
• A strong commitment to embodying the organization’s core values of Hospitality, Authenticity, Quality, Fun, and Courage.

Compensation:

• Salary: $110,000 to $120,000
• Full Medical Benefits (Health/Dental/Vision)
• Paid time off
• Bonus
• RRSP

If you meet 70% or more of the qualifications listed for this position, we strongly encourage you to apply! Are you not yet ready to apply, but interested in learning more about this opportunity? Please reach out to us at [email protected] for more information. We look forward to hearing from you.