777 Bay Street, Suite 2200
Job Family Group:
The Financial Crimes Unit (FCU) brings together our Cybersecurity, Fraud and Physical Security capabilities to address the ever-growing and increasingly complex global security environment. It is a highly collaborative effort that greatly enhances BMO's ability to rapidly prevent, detect, respond to, and recover from all security threats. This position offers a unique experience to learn from experienced leaders in the industry, join a team building the 21st century model for security and helping grow the good by protecting our customers and communities.
This is an amazing opportunity to work for a large global financial organization in their Info Sec space where you will have great exposure to a multi-cloud work experience. The Security Architecture Strategy and Solution team plays a pivotal role in ensuring security is incorporated in all major enterprise initiatives through close collaboration with enterprise architecture, technology and business partners. This role can be based 100% remote or it can be based in one of our 3 office locations: Toronto office (Canada), Chicago (IL-USA) , or Berkeley Heights (New Jersey-USA). **It will depend on where you currently reside, and if you reside close to one of the 3 locations**
This role supports enterprise cloud security team as an important contributor, with tactical skills and strategic vision. You will lead and facilitate the design and implementation of repeatable cloud security design patterns, cloud security solutions and processes related to technology architecture. In addition, you will define and document efficient and transparent security architecture principles, standards and guidelines regarding the proper use and deployment of business applications, data and technology within the Bank for cloud migration/use.. Additionally, you will work with business and development teams in recommending process or system design and enhancements in context of cloud security.
- Works with managers and senior individual contributors (within group) to provide security architecture recommendations & guidance as well as executive-level presentations at the enterprise level.
- Be able to draft repeatable security design patterns for cloud security areas accompanied by relevant threat modeling, based on industry best practices and security principles
- Be able to independently research cloud security solutions as per the business requirements, industry trends and ever changing threat landscape, articulating the business use case for variety of stakeholders and providing supporting evidence through market research
- With little to no supervision, be able to conduct in-depth security analysis of the cloud migration projects ensuring compliance with enterprise policies & standards, regulatory requirements and industry guidelines and best practices
- Be able to articulate the risks for the issues identified during assessments, provide relevant reporting
- Have hands-on security architecture and controls assessment experience with individual cloud technologies, products & services by major cloud service providers (AWS, Azure, GCP, in order of preference)
- Be able to assess the project end to end, with cloud-context control lenses across all layers of TCP/IP stack and be able to provide secure solutions and alternatives for the issues identified
- Be able to work collaboratively with different stakeholders including technology and business partners
- Acts as the prime subject matter expert for internal/external stakeholders for cloud security
- Stays abreast of industry technical and business trends through participation in professional associations, practice communities & individual learning.
- Provides security review and guidance for cloud projects driven by groups outside of Information security, specifically developing security requirements and developing secure designs.
- Authors cloud security standards and procedures.
We're here to help
- Minimum of 3-4+ years experience in Cloud Security
- Minimum of 6+ years experience in Information Security
- Typically 5+ years of relevant experience and a post-secondary degree in Computer Science, Engineering, or Information Systems or a related field of study or an equivalent combination of education and experience.
- Information Security certification is preferred e.g. CISSP, CISSLP, GIAC etc.
- Knowledge of computer or network systems hardware and software theory, practice, concepts and technology relevant to organizational vision - Expert.
- Sufficient business knowledge to assess impact of applied technology on customer's business processes.
- Have a diverse and broad technology experience and exposure, with financial industry background
- Experience in application security design & architecture, development frameworks, SOA, API security, server-less deployments, automation, SecDevOps, Containerization, Threat Modeling
- Knowledge of cloud security concepts, tools, products and solutions (CASB, CSPM etc.). Hands-on experience desirable.
- Knowledge of specific service offerings from various cloud service providers and associated security considerations - In depth
- Knowledge of Information security risk, and industry best practices with minimum of 2 years relevant experience - Working.
- Knowledge of the technical areas such as data warehouses, mainframes, networks, applications, network protocols, networking infrastructure etc. - Working.
- Knowledge of Corporate Policies, Standards, and operating procedures relating to information security risk.
- Seasoned professional with a combination of education, experience and industry knowledge.
- Verbal & written communication skills - In-depth / Expert.
- Analytical and problem solving skills - In-depth / Expert.
- Influence skills - In-depth / Expert.
- Collaboration & team skills; with a focus on cross-group collaboration - In-depth / Expert.
At BMO we are driven by a shared Purpose: Boldly Grow the Good in business and life. It calls on us to create lasting, positive change for our customers, our communities and our people. By working together, innovating and pushing boundaries, we transform lives and businesses, and power economic growth around the world.
As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one - for yourself and our customers. We'll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we'll help you gain valuable experience, and broaden your skillset.
To find out more visit us at https://bmocareers.com .
BMO is committed to an inclusive, equitable and accessible workplace. By learning from each other's differences, we gain strength through our people and our perspectives. Accommodations are available on request for candidates taking part in all aspects of the selection process. To request accommodation, please contact your recruiter.