Manager, Cyber Resilience & Offensive Security

EQ Bank · Toronto

Join a Challenger

Being a traditional bank just isn’t our thing, so we challenge ourselves to get creative in providing innovative banking solutions for Canadians.

How do we get there? With a talented team of inquisitive and agile challengers that break through the status quo. So, if you’re passionate about redefining the future of banking—while having fun—this could be your next big opportunity.

Our company continues to grow, and today we serve more than 800,000 customers across Canada through Equitable Bank, Canada's Challenger Bank™, and have been around for more than 50 years. Equitable Bank's wholly-owned subsidiary, Concentra Bank, supports credit unions across Canada that serve more than six million members. Together we have over $142 billion in combined assets under management and administration, with a clear mandate to drive change in Canadian banking to enrich people's lives. Our customers have named our EQ Bank digital platform (eqbank.ca) one of the top banks in Canada on the Forbes World's Best Banks list since 2021. 

The Work

 
This role is responsible for the Designing, planning and executing the bank’s Cyber Resilience Testing and offensive security program, commonly referred to as “red team exercises”. This role develops and manages processes that identify continuous red team and infrastructure penetration test objectives through the course of the year while also planning execution of threat simulation activities. This role facilitates the communication and presentation of technical cyber control effectiveness to key stakeholders.

The Core Responsibilities!

  • Design and execute the bank’s Cyber Resilience Testing program e.g. Red team exercises, cyber threat simulations.  

  • Provides input to the effectiveness testing of EQBank’s Enterprise Cyber Security Controls and cyber roadmap prioritization activities. 

  • Drive cross-functional collaboration to achieve objectives of the programs in purview. 

  • Responsible for maintaining the standards, procedures and guidelines for domains under purview. 

  • Develop and manage measures to ensure effective monitoring control adequacy and compliance for areas under purview 

  • Developing and Managing means of measured performance of control processes and technologies for areas under purview. 

  • Provide technical guidance for team and subject matter advise to stakeholders. 

Let's Talk About You!

  • A college diploma or university degree in computer science (or related course) or Industry recognized certifications (e.g. CISSP)  

  • Minimum of 7 years of technical IT experience with at least 3-5 years specifically focused on offensive security roles. 

  • Strong knowledge of cyber controls testing frameworks such as MITRE Framework 

  • One or more of the following certifications are highly preferred: OSCP (Offensive Security Certified Professional), OSCE (Offensive Security Certified Expert), GPEN (GIAC Penetration Tester), GXPN (GIAC Exploit Researcher and Advanced Penetration Tester), CEH (Certified Ethical Hacker), CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager)  

  • Strong engineering and automation experience, prior hands-on Security automation experience is desired. 

Non-Technical Skills  

  • Ability to build and maintain strong working relationships with cross-functional teams and stakeholders. Collaboration is key to integrating offensive security insights across the organization. 

  • Strong analytical and problem-solving skills with the ability to think critically and strategically; this role needs to analyze reports to identify patterns and assess weaknesses. 

  • People and team management abilities. 

  • Technical roadmap development and execution. 

  • Ownership & Accountability 

Apply →