Job Specifications
Join a Challenger
Being a traditional bank just isn't our thing, so we challenge ourselves to get creative in providing innovative banking solutions for Canadians.
How do we get there? With a talented team of inquisitive and agile challengers that break through the status quo. So, if you're passionate about redefining the future of banking--while having fun--this could be your next big opportunity.
Our company continues to grow, and today we serve more than 670,000 people across Canada through Equitable Bank, Canada's Challenger Bank(tm), and have been around for more than 50 years. Equitable Bank's wholly-owned subsidiary, Concentra Bank, supports credit unions across Canada that serve more than six million members. Together we have over $125 billion in combined assets under management and administration, with a clear mandate to drive change in Canadian banking to enrich people's lives. Our customers have named our EQ Bank digital platform (eqbank.ca) one of the top banks in Canada on the Forbes World's Best Banks list since 2021.
The Work
The Manager, Cybersecurity and Threat Modeling provides leadership and direction for the organization's security assessments and threat modeling initiatives, ensuring that security is integrated into technology solutions from design through maintenance. This role leads the Threat Modeling team, ensuring the identification of security risks early in the project and system development lifecycle, mitigating potential cyber threats through robust security design in alignment with regulatory and industry standards. The Manager collaborates with Architecture teams, product owners, and other stakeholders to ensure security controls are effectively integrated and advises on risk management strategies, directly contributing to the organization's resilience to cyber threats.
The Core Responsibilities!
Overseeing the Threat Modeling team and their processes, ensuring effective operation and high-quality output
Developing and guiding high-priority security patterns for critical technology use cases, in collaboration with key stakeholders
Leading discussions on control designs for projects, ensuring decisions are based on comprehensive cost/benefit analysis
Work with development, cloud, and infrastructure teams to identify and prioritize cyber threats and vulnerabilities during design
Collaborating in Architecture Review Council to align projects and implementations with the organization's risk appetite and compliance requirements
Provide guidance and validation for secure configurations across cloud environment, endpoints, APIs, and identity solutions.
Lead or support security tooling integration (WAF, DLP, IAM, SIEM, EDR) in product pipelines and infrastructure.
Educate engineering and business teams on secure design practices and threat awareness
Directing team goals and objectives, aligning them with strategic business priorities
Cultivating a culture of continuous improvement, mentorship, and professional development within the Threat Modeling team
Managing team performance, providing clear direction, and setting performance standards in line with organizational expectations
Let's Talk About You!
Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related field.
At least eight (8) years of Information Technology experience with at least six (6) years of security engineering / architecture experience
Strong leadership and management skills, capable of directing and developing a high-performing team
Mastery of risk-oriented thinking and the ability to lead complex IT projects and cybersecurity risk assessments
Experience performing Technology Risk Assessments and building threat models is required
Experience in coding and development or architecture is required
Experience and ability to document security architecture views and threat modeling analysis (i.e. attack trees, sequence flow diagrams, Data Flow Diagrams etc.) for various technology designs
Understanding and experience in Application Security frameworks is required (e.g. OWASP, SANS Top 20 Controls for applications)
Knowledge of control frameworks and Technology Risk Assessment methodologies is essential (e.g. NIST CSF, Zero Trust, ISO27002, ISO 31000, ISO 27005)
Excellent interpersonal skills, with proven track record of developing relationships and communicating conceptual information effectively to individuals unfamiliar with subject material
The following certifications are preferred: CCSP, SABSA, CCSK, CISM, CISSP, or CRISC
What we offer [For full-time permanent roles]
Competitive discretionary bonus
Market leading RRSP match program
Medical, dental, vision, life, and disability benefits
Employee Share Purchase Plan
Maternity/Parental top-up while you care for your little one
Generous vacation policy and personal days
Virtual events to connect with your fellow colleagues
Annual professional development allowance and a comprehensive Career Development
About the Company
Equitable Bank and its digital platform, EQ Bank, are dedicated to driving change in Canadian banking to enrich people's lives. As Canada's Challenger Bank(tm) and the seventh largest bank by assets, we provide outstanding personal and commercial banking experiences to customers and credit union members across Canada.
Through EQ Bank, our customers have named us one of the top banks in Canada on the Forbes World's Best Banks list since 2021.
Equitable Bank is a proud, wholly owned subsidiary of EQB Inc. (TSX: EQB), a leade...
Know more