Founded in 1987, Croesus is a WealthTech offering cutting-edge, easy to use, and highly secure wealth management solutions. A leader in the sector with over 180 employees in Montréal and Toronto, Croesus’s solutions include a portfolio management system, a centralized portfolio rebalancing tool and application programming interfaces (APIs) which allow wealth management professionals to make informed decisions and maximize performance. The solutions are designed for interconnectivity and third-party integration to provide a best-in-class user experience and cover investment process regulatory requirements. Croesus has won several awards and industry recognition as a high-quality product supplier and a remarkable employer.

The IT Security Analyst's main mandate is to ensure the security of Croesus' information systems and to protect them against internal and external threats. In close collaboration with the DevOps teams, he/she works to improve the development cycle to include the appropriate security controls while ensuring that team members are trained in the application of these controls.

• Contributes to the definition of standards, procedures and rules related to information systems;
• Participates in the improvement of the development cycle by helping team members to consider security requirements at the beginning of the cycle (according to DevSecOps principles);
• Assists and trains team members in risk assessment and application of security controls;
• Maintains the vulnerability log and ensures patch tracking with consideration of severity;
• Analyzes and assesses infrastructure vulnerabilities and recommends solutions based on best practices;
• Examines the tools and countermeasures available to remedy the detected vulnerabilities;
• Assists teams in the analysis and evaluation of security incidents and proposes recovery tools and processes;
• Conducts internal audits to ensure compliance with established procedures;
• Assists in the implementation and management of security solutions;
• Tools the customer service center for vulnerability communications with customers;
• Maintains and manages information security tools and technologies, including SIEM, IDS / IPS, anti-malware, vulnerability scanner;
• Design and prepare metrics and key performance indicators (KPIs);
• Monitor threats and vulnerabilities;
• Coordinate external penetration tests and phishing exercises;
• Employee awareness and training.

• Bilingual (working language is french)
• Hold a certification in a security related field (CISSP, CEH, CCSK or equivalent)
• Any other relevant certification (CISA, CRISC) (an asset)
• In-depth knowledge of technical and application security measures
• Knowledge of operational security solutions (SIEM, Endpoint Protection, IPS/IDS, Firewall, PKI, etc...)
• Good interpersonal skills
• Methodical and detail oriented, but also curious enough to investigate anomalies
• Strong problem solving skills using various technologies
• Be results oriented
• Demonstrate a high degree of autonomy, a good sense of responsibility and excellent organizational skills

Offer to all our dear Croesussians !

• Annual salary + Corporate incentive plan
• Teleworking or hybrid (head office_Laval + office in Toronto)
• Unilimited vacation plan
• Sports program + Croesus GYM
• Telemedicine + group insurance (super useful for the family 😉)
• Group RRSP
• Goodies Boutique Croesus

Are you interested in this challenge? Do you believe you have the qualities and expertise required for this position? Please complete your application today.

Although all applications are carefully analyzed, we will communicate only with those selected. Thank you for your interest in Croesus.