Offensive Security Advisor

Do technical challenges keep you awake at night? Do you want to constantly learn, analyze, understand things and leverage your experience, knowledge and expertise? Our Red Team needs an operator to perform adversary simulation and threat monitoring activities at Desjardins. In this role, you work with high caliber cyber-defence and insider-threat teams during activities requiring you to use modern and sophisticated offensive tools, in-house tradecraft and TTPs that you develop to effectively do your job. As an advisor in offensive security for our Red Team, you help protect IT hardware, software and data against modification, destruction and accidental or unauthorized disclosure. You also assist in authentication and access control by designing, administering and controlling proven security systems. You analyze IT system vulnerabilities and implement protective measures to back up, restore and secure systems. You lead practitioners on development projects and innovative, complex strategic initiatives, including the development of IT security standards and policies. Your initiatives require extensive, in-depth knowledge of your line of work. You make recommendations on the development and execution of projects and initiatives with a high degree of operational and conceptual complexity. You use your analytical skills and comprehensive, detailed understanding of your line of business and the organization. Coordination is critical. You interact with many stakeholders working in a wide range of fields. Interpersonal savvy is therefore essential. You serve as a specialist advisor and subject matter expert, as well as a resource person and coach for decision-making bodies. We're looking for a team player who's adept at managing a project and staying organized. More specifically, you will be required to:

• Lead large-scale development projects, initiatives and activities in your specialty area that have a significant impact on the entire organization

• Advise your clients and partners so they can position, plan, develop, select solutions for, execute and monitor strategic projects and initiatives under your responsibility

• Develop and update policies, standards, models and programs to support your unit's strategic projects and initiatives

• Identify and analyze major issues

• Diagnose issues and make recommendations to decision-making bodies

• Represent your unit before decision-making bodies

• Represent Desjardins when making agreements with external partners and organizations

• Design, develop and implement various attack chains for different levels of sophistication

• Perform the research and development required to maintain and contribute to the team's tradecraft

• Work with the Desjardins cyber defence and insider threat teams to improve prevention, detection and response capabilities

• Document and communicate detailed observations and recommendations, using plain, simple language

What we offer*

• Competitive salary and annual bonus

• 4 weeks of flexible vacation starting in the first year

• Defined benefit pension plan that provides predictable, stable income throughout retirement

• Group insurance including telemedicine

• Reimbursement of health and wellness expenses and telework equipment

* Benefits apply based on eligibility criteria.

What you bring to the table

• Bachelor's degree in a related field

• A minimum of eight years of relevant experience

• Please note that other combinations of qualifications and relevant experience may be considered

• Experience in offensive security as a Red Team operator and/or with stealth pentesting

• Experience developing creative stealth tools and automating tasks in various programming languages

• Experience operating with C2

• Knowledge of French is required

• Expertise in implementing and maintaining infrastructure with Terraform/Ansible

• Proficiency in application security and infrastructure operations

• Knowledge of modern evasive techniques (for example, antivirus, EDR, NDR)

• General knowledge of defence mechanisms and business controls

• Familiarity with the MITRE ATT&CK framework

#LI-Remote

Trade Union (If applicable)

At Desjardins, we believe in equity, diversity and inclusion. We're committed to welcoming, respecting and valuing people for who they are as individuals, learning from their differences, embracing their uniqueness, and providing a positive workplace for all. At Desjardins, we have zero tolerance for discrimination of any kind. We believe our teams should reflect the diversity of the members, clients and communities we serve.

If there's something we can do to help make the recruitment process or the job you're applying for more accessible, let us know. We can provide accommodations at any stage in the recruitment process. Just ask

Job Family

Unposting Date