ABOUT US

At Saputo, we make contributions that matter every day. We’re a growing team of dedicated and passionate people around the world with a longstanding history of excellence. Each of our employees bring their best every day, and together we create the high-quality products our customers and consumers enjoy.

EMPLOYEE BENEFITS

Ensuring the well-being of our employees is our priority. We offer attractive working conditions and benefits to our employees and their families:

• Competitive salaries
• Advantageous corporate agreements
• Full range of group insurance benefits
• Group retirement pension plan with employer contribution
• Purchase option of company stocks
• Group RRSP
• Health and wellness program in the workplace
• Assistance program for employees and their families
• We support employment equity. Saputo strives to embed diversity and inclusion in its operations and invites candidates from all horizons to join its family.

SUMMARY OF TASKS:

Saputo is looking for a Network Security Compliance Specialist in Montreal. Reporting to the IT Manager Security and Compliance. The position is a key role responsible to define the security standards needed to detect and protect Saputo network from cyber attacks in the best manner.

The role will be equally exposed to operation and project activities, and will contribute in defining
the safeguards needed, and to influence the evolution of the company’s standards and controls.

The network Security Specialist will work with architects and with the network and telecommunication team to define policies and implement processes that will reinforce the monitoring and protection of Saputo’s network landscape against security threats or unauthorized user access. Saputo networks integrated multiple physical locations worldwide.

This role is responsible to research, evaluate, recommend and implement devices to preserve and improve Saputo’s cybersecurity posture. Role will include tasks such as defining and reviewing security policies, installing and configuring security software, conducting regular security audits, preparing security status reports and educating peers on network security.

RESPONSIBILITIES:

Cybersecurity architecture:
o Align organizational security strategy and infrastructure with overall business and technology strategy
o Participate in the design for enterprise-class security systems in use to better detect, protect and monitor cyber threats for all key systems in use in the company
o Identify security design gaps in existing and proposed architectures solutions and recommend changes or enhancements
o Define processes that will facilitate the support of the security systems in use
o Interpret current or future regulation to support the compliance activity
o Serve as the point of contact to develop and drive any activities related to information security;
o Regularly communicate vital information, security needs and priorities to upper management

Security governance:
o Maintain and implement security policies, standards and procedures across various domains (e.g., Firewall or VPN Management, Proxy governance, Security Logging & Monitoring, Data Loss Prevention, Encryption, etc.)

Security awareness
o Assists with designing and implementing all security-related functions for network systems.
o Keeps current in basic technical knowledge of network hardware, protocols and standards.
o Ensure proper monitoring and protection rules are in place
o Evaluate and recommend security improvements and system upgrades.
o Assist with the design, implementation and administration of the network and security portions of Data Protection, Business Continuity, Disaster Recovery and Failover plans.
o Exercise strong organizational, customer service and problem-solving skills.
o Research and make recommendations regarding improvement and acquisition of network and security infrastructure.
o Coordinate security related activities with team members.
o Attend meetings as required.
o Perform other duties as related to information technology systems.

QUALIFICATIONS:

o Undergraduate degree in Information Management, Computer Science, Computer Engineering, Information Security or related field
o Strong Project Management skills following PMO processes (Project plan, resource planning, monthly finance projections, change requests, etc.)
o Overall 8+ years of information security consulting, security operations or advisory
o Working experience of one or more industry frameworks / standards (e.g., NIST CSF, MITRE Frameworks, ISO 27k, PCI-DSS) and cybersecurity and data privacy laws/regulations (e.g. PIPEDA, GDPR)
o Very strong written and communication skills to non-technical stakeholders
o Demonstrable understanding of how to network and develop working relationships with various key stakeholders
o Ability to work with teams to achieve goals and meet deadlines in a fast-paced environment.
o Works well under pressure and time constraints and can prioritize competing priorities appropriately
o Can work independently with minimal supervision and direction

REQUIRED TECHNICAL SKILLS:
o CISSP, CISSP-ISSAP, CISM, CSSA, certification a strong asset
o Experience with Web proxy Zscaler, a strong asset
o Experience with Web application Firewall (Imperva), a strong asset
o Network Security specialist Cisco Certified (CCNA)
o Broad understanding of Cybersecurity framework (NIST Cybersecurity Framework, ISO27002)
o Knowledge of information security and risk mitigation principles, theories and techniques
o Excellent French and English written and verbal communication skills. Spanish an asset.