Compétences recherchées — Connectez-vous et téléversez votre CV pour comparer avec votre profil
Cybersécurité AWS DevOps +8 autres

Détails du poste

  • Lieu de travail : Montreal (Télétravail)
  • Type de poste : Permanent à temps plein

Description du poste

Overview:

Our banking client is seeking a Security Hardening & Remediation Specialist (Windows 11) to lead enterprise-wide endpoint security hardening and remediation across their environment. Each specialist will own gap analysis, policy development, and phased technical implementation across endpoint and application layers, working cross-functionally with Cybersecurity Governance, IAM, and endpoint engineering teams. (Remote — Alberta-based preferred) [-51, -52]

Exigences

Must-Haves:

  • 5+ years in Cybersecurity, Endpoint Engineering, or Infrastructure Security with heavy focus on Configuration Management / Security Configuration Management (SCM)
  • Deep hands-on hardening experience Windows 11 — Credential Guard, Virtualization-based Security (VBS), BitLocker, GPO authoring and enterprise deployment, Omnissa Workspace One, Active Directory
  • Scripting proficiency for automated remediation: PowerShell (Windows)
  • Experience implementing security frameworks: CIS Benchmarks, NIST SP -53, DISA STIGs (Windows)

Atouts

Nice-to-Haves:

  • Experience in both Windows 11 and macOS hardening environments
  • Familiarity with ports, protocols, and services management at the network layer
  • Ability to translate governance/compliance documents into actionable engineering requirements
  • Experience collaborating with IAM, DevOps, and Cybersecurity Governance teams
  • Security certifications (CISSP, CISM, CISA, or equivalent)

Responsabilités

Responsibilities:

  • Conduct deep-dive gap analysis of the endpoint fleet against Cybersecurity Governance Hardening Standards
  • Develop hardened configuration baseline documentation aligned to relevant OS security frameworks
  • Author and deploy GPOs, configuration profiles, and remediation scripts to enforce compliance at scale
  • Lead phased rollout of OS-level hardening configurations enterprise-wide, minimizing user disruption
  • Align endpoint controls with application-layer and network-layer security requirements
  • Partner cross-functionally with Windows/Apple Engineering, IAM, and Cybersecurity Governance
  • Deliver training, testing, and documentation as part of project scope