OPTrust Career Opportunities

Paying pensions today, preserving pensions for tomorrow.

With net assets of over $20 billion, OPTrust invests and manages one of Canada's largest pension funds and administers the OPSEU Pension Plan, a defined benefit plan with over 92,000 members and retirees.

Senior Information Security Advisor

Information Technology

This position will adhere to the technology governance and control framework and will assist in ensuring technology controls are in place to protect business operations; in addition, the incumbent will contribute in the development and will be responsible for the effective implementation of security standards, policies and procedures.

  • Conduct vulnerability Operating System (OS), database, and web application scans and provide guidance to address existing vulnerabilities. Update management with any issues / concerns as necessary
  • Responsible for the deployment of security products such as Security Incident and Event Management, Intrusion Detection and Prevention, Endpoint Security, Cloud Access Security Broker, Application Security, Identity Access Management, Encryption, Secure Messaging, Certificate Services, Anti-spyware, Anti-spam, Anti-virus Software, Web Content Filtering, Firewalls, and Maleware
  • Conduct threat risk assessments and penetration testing on new product solutions to identify vulnerabilities prior to product release
  • Analyze vulnerability alerts and compile/test vulnerability exploit code and associated Malware to effectively qualify risks. Evaluate and assess emerging security threats and vulnerabilities to identify appropriate controls
  • Ensure any security attacks and / or intrusions are monitored and responded to security alert data and infrastructure anomalies. Participates in incident response activities and related security activities
  • Implement and make recommendation on corporation wide information security policy, standards, guidelines, and procedures
  • Monitor the effectiveness of internal controls, and participate in the annual review with external auditors and other groups to identify potential security objectives and priorities
  • Assist in the development and execution of the corporate information security plan
  • Participate in the development and maintenance of the corporate security awareness program
  • Responsible for the effective maintenance of the anti-virus, anti-malware and log management systems
  • Lead the corporate desktop/server security patch management program
  • Participate in the ongoing development of the Identity Access Management programs
  • Other duties as assigned
  • Post-secondary certification and/or degree in Computer Science or related field.
  • A minimum of 5 -years experience working in IT and Security, possessing sound knowledge of IT security and risk disciplines and practices
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • Offensive Security Certified Professional (OSCP)
  • Experience in conducting hands-on vulnerability and application security assessments
  • Excellent knowledge of IT security and risk disciplines and practices
  • Experience in building and executing Business Continuity Plan (BCP), Disaster Recovery (DR) programs as well as in Access Control and in Change Management
  • Strong oral, written and interpersonal skills
  • Exceptional attention to detail and accuracy
  • Superior organizational, time management skills and ability to multi-task
  • Solid judgment and problem-solving skills with the ability to think critically
  • Ability to work well in a team and independently

OPTrust is an equal opportunity employer and welcomes applications from all interested parties. Please submit your application to Human Resources at by February 26, 2019.

OPTrust is compliant with the Accessibility for Ontarians with Disabilities Act (AODA).  Please advise us should you require accommodation with the recruitment process.

We thank all interested applicants, however only those under consideration will be contacted.


Read about security on our site