Senior Security Consultant

Description

Make a difference in our mission of defending TELUS and Canadians from threat actors.

Join our team and what we'll accomplish together

We live in a fast-paced cyber-world where protecting our information has become paramount. Within the TELUS Chief Security Office (CSO), we strive to always be steps ahead, tackling the toughest security challenges with top talent and cutting-edge technology. We are a team of dynamic and highly skilled individuals passionate about finding innovative ways to approach security.

As part of the Security Analysis team, you will support vulnerability assessment and security testing of various TELUS environments and assets. This vital role will contribute to the success of the TELUS Vulnerability Management and Security Testing Program as you perform daily operations, navigate complex environments, protect key products and assets from threats and vulnerabilities, and provide direction on opportunities to strengthen the overall security posture for the organization.

You will also collaborate with key partners and stakeholders, both within CSO and beyond, to ensure alignment with our strategic Cloud Security Program, as well as supporting Security by Design reviews, facilitating Security Audits, and enabling the organizational-wide Security Risk Registration process.

Qualifications

What you bring

• 7+ years of experience in Information Security
• Bachelor's degree (or diploma) and/or professional designation specializing in computer science and information security
• Preferred professional designations such as OSCP, CISSP, CCSP, GSEC, other certifications from recognized security institutes (SANS, ISC2, ISACA, etc.), as well as industry-recognized cloud certifications (GCP and/or AWS), are beneficial
• Advanced knowledge of the Information Security industry (from both internal and external perspectives) to guide and influence security decisions both within and outside of the team
• Technical experience in system design, system administration, networking, and web application development
• Experience with vulnerability assessment and security testing tools, such as Rapid7 Nexpose/InsightVM, Metasploit, Burp Suite Pro/Enterprise, Veracode, etc.
• Knowledge and experience operating within cloud computing platforms such as GCP, AWS, and OCI
• Experience with cloud security risk management platforms such as Google Security Command Center and Oracle Cloud Guard
• Exceptional problem solving, risk management, and communication skills with the ability to convey issues to technical and business representatives, in both written and verbal forms using tact and diplomacy
• Ability to work effectively in both team settings (as a director and as a contributor), as well as independently, to deliver results following an outcome-based approach
• Flexible and able to quickly pivot focus as required to fulfill immediate business needs
• Experience building and managing Infrastructure as Code (IaC) using Terraform
• Experience with common scripting languages, databases, and data analytics and automation (Bash, PowerShell, Python, etc.)
• Ability to successfully obtain Canada PWGSC Clearance

Great-to-haves

• ITIL knowledge or certification
• Experience with Managed Security Payment Card Industry (PCI)
• Knowledge of information security technology, audit & control measures, monitoring/investigation methodologies, and privacy/regulatory/criminal legislation
• Bi-lingual (French)