- Perform architecture and secure design solution assessments according to the Bank Cyber Security Standards and Directives, security best practices, hardening guidelines, security benchmarks, and architectural patterns.- Built Third-Party Risk Management (TPRM) security framework to ensure vendor cyber risks are defined, assessed, reported, and well-managed by internal business stakeholders.- Provide expert advice and assistance, evaluate security technologies, and recommend pragmatic solutions to the Director of Architecture and Assurance.- Promote approved architectural patterns to teams across the bank.- Threat model a solution to understand attack vectors and generate security requirements as part of secure design assessment.- Lead and oversee the secure design and implementation of net new SaaS and PaaS solutions or solutions migrating to Azure cloud.- Generate security requirements for vendor RFPs.- Created Vendor Minimum Security Requirements (MSR) as a Security Schedule attached to vendor agreements.- Perform Security Risk Assessments in support of business Go/No Go decisions.- Perform security risk assessments of vendors and solutions in compliance with security standards and best practices, recommending security controls to lower or mitigate the risks. - Contribute to the development of security standards.

Cyber Security Governance, Risk, and Compliance- Serve as an expert advisor to senior management in the development, implementation and maintenance of a company-wide information security management program (NIST800 Series, CIS, ISO27000 Families of Standards, GDPR, CSA, SOC2, C5), for both cloud and on-premise environments, considering the entire ecosystem of data, IT systems, and trends that ensure best practice control objectives are achieved for system integrity, availability, confidentiality, accountability and assurance.- Perform security risk assessments and advise affected stakeholders on identified risks, assist with developing information security strategies, provide recommendations and guidance on security controls to mitigate risks.- Lead Vendor or Third Party Risk Management program.- Lead Security Awareness program.- Identify and propose key information security program priorities, initiatives, plans, practices and tools.- Provide guidance (e.g., relative cost benefit analysis) and recommendations regarding prioritization of investments and projects to mitigate risks, strengthen defences and reduce vulnerabilities.- Implement and/or support information security projects and internal/external security compliance audits and accreditation.- Understand potential and emerging information security threats and vulnerabilities, and communicate this information to appropriate team members throughout the company on a timely basis.- Provide assistance to Sales and Support in relation to customer security inquiries as well as Legal with appropriate security in agreements.- Produce customer consumable security documentation to assist with their understanding of how company’s SaaS solution is secure and evolving to address the latest security risks affecting Software as a Service.

- Performed Security Risk Assessments for cloud (Azure) IaaS, PaaS, and SaaS solutions.- Deployed and maintained Deep Security in Microsoft Azure environment.- Engineered and maintained CyberArk (Inter Business Vault) secure file sharing solution.- Conducted incident prevention, detection/analysis, containment, eradication and aid recovery across IT systems.- Supported and monitored SIEM, IDS and other security systems.- Reported findings on the security alerts.- Prepared runbooks for security technologies.- Responded, analyzed, and tuned IDS signatures based on recently discovered exploits and their impact.- Correlated security events and investigate security incidents.- Reported to stakeholders on the existing security posture of the enterprise.- Used threat intelligence to strengthen security posture of the organization.- Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), forensics, and malware analysis tools. - Researched complex information security issues for resolution.- Carried out research on information security and keep abreast of the latest technology, practices, and industry best practices and standards in addressing the security exposures and threats.- Advised on information security issues and problems as an information security subject-matter-expert.- Explained and demonstrated how to use enterprise security products to both technical and non-technical personnel.- Performed knowledge transfers and train clients regarding security awareness.- Developed and maintained guidelines to increase the efficiency of Security Operations’ team.- Participated in testing, evaluation, upgrade and implementation of new and existing security applications to address emerging threats and vulnerabilities.- Exceptional interpersonal skills including effective communication, teamwork, facilitation and negotiation.

- Monitored network and information systems security alerts and notifications of potentially malicious activity- Conducted impact assessments and determine the classification of detected events- Identified, reported, and investigated potential security incidents- Coordinated escalations to appropriate support teams to ensure timely incident resolution- Performed technical troubleshooting and security analysis of incidents- Identified and recommended threat containment and eradication actions- Maintained intrusion detection system signatures- Performed tuning of SIEM filters and events correlation to ensure continuous monitoring improvements- Performed continuous vulnerability management scans (CVMS) of the infrastructure- Analyzed and reported on the findings of the CVMS, determining existing security vulnerabilities and identifying false positives- Developed and maintained effective and efficient SOC standard operating procedures- Maintained awareness of evolving threats, trends, and technologies; and perform knowledge sharing with other members of the team

- Developed new business opportunities by drawing on exceptional communication and interpersonal skills.- Demonstrated high degree of adaptability and ability to work effectively under minimum supervision. - Maintained and ensured compliance to all corporate security and risk management policies and procedures. - Constantly sought to improve business processes, stayed focused and motivated to find the right combination of human and logistic resources to execute a plan. - Applied sound credit judgement relating to underwriting and approval of loans and mortgages. - Grew Ottawa branch’s portfolio by managing multiple priorities: opened new accounts and financial products, grew residential mortgage portfolio, organized a workshop and events, promoted new campaigns, and participated in community events. - Developed a training material for new employees.

- Planned and executed consultancy project in a deadline-driven setting.- Compiled, analyzed and synthesized data from multiple strategic plans.- Ensured seamless execution of all deliverables by building relationships and sustaining openlines of communication with team members, managers and stakeholders.

Managed communications and negotiated contracts as trusted liaison between international customers and developers. Presented properties to prospective clients. Closed sales. Maintained computer systems and client files. Resolved client issues. Improved productivity and efficiency by updating the company's database system. Provided high-quality customer service that drove profitability and led to significant referral business.