Senior Specialist, Information Security
Celestica
Date: 9 hours ago
City: Toronto, Ontario
Contract type: Full time
Req ID: 127359
Remote Position: Hybrid
Region: Americas
Country: Canada
State/Province: Ontario
City: Toronto
General Overview
Functional Area: Information Technology (ITM)
Career Stream: IT Risk & Compliance (RAC)
Role: Senior Specialist (SSP)
Job Title: Senior Specialist, Information Security
Job Code: SSP-ITM-SECR
Job Level: Level 09
Direct/Indirect Indicator: Indirect
Summary
The Senior Specialist, Information Security plays a critical role in protecting enterprise systems, data, and infrastructure by proactively identifying and mitigating security risks. This role requires a deep understanding of cyber threats, risk management, and security technologies to safeguard the organization's digital assets. The individual will provide expert guidance, lead security initiatives, and mentor junior analysts while collaborating with cross-functional teams to strengthen the overall security posture.
Detailed Description
Security Operations & Risk Management
Technical Expertise
Bachelor's Degree in Computer Science, Information Security, or a related field
Preferred Professional Certifications
This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.
Celestica is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws.
At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them.
Company Overview
Celestica (NYSE, TSX: CLS) enables the world’s best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development – from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers.
Celestica would like to thank all applicants, however, only qualified applicants will be contacted.
Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services.
Remote Position: Hybrid
Region: Americas
Country: Canada
State/Province: Ontario
City: Toronto
General Overview
Functional Area: Information Technology (ITM)
Career Stream: IT Risk & Compliance (RAC)
Role: Senior Specialist (SSP)
Job Title: Senior Specialist, Information Security
Job Code: SSP-ITM-SECR
Job Level: Level 09
Direct/Indirect Indicator: Indirect
Summary
The Senior Specialist, Information Security plays a critical role in protecting enterprise systems, data, and infrastructure by proactively identifying and mitigating security risks. This role requires a deep understanding of cyber threats, risk management, and security technologies to safeguard the organization's digital assets. The individual will provide expert guidance, lead security initiatives, and mentor junior analysts while collaborating with cross-functional teams to strengthen the overall security posture.
Detailed Description
Security Operations & Risk Management
- Oversee the configuration, administration, and optimization of enterprise-wide security solutions.
- Monitor an enterprise-wide endpoint security solution with a base of 25,000+ endpoints, ensuring optimal security and performance.
- Provide expert-level (Tier 3/4) security solution support, responding to and resolving critical incidents within established SLAs.
- Lead incident response efforts, analyzing security events, conducting root cause analysis, and implementing corrective actions.
- Utilize advanced threat intelligence methodologies to predict, detect, and respond to sophisticated cyber threats.
- Develop, refine, and implement advanced SIEM use cases, security monitoring content, and correlation rules for improved threat detection.
- Conduct digital forensics investigations and support internal audits by providing detailed forensic analysis of security incidents.
- Ensure compliance with regulatory and industry standards (e.g., ISO 27001, NIST, GDPR, CMMC, ITAR), advising stakeholders on security best practices.
- Participate in vulnerability management programs, including penetration testing, red/blue team exercises, and security assessments.
- Assist in the deployment and hardening of security solutions such as firewalls, IDS/IPS, EDR, SIEM, IAM, and DLP.
- Consult on developing zero-trust security frameworks and strategies for endpoint and network security.
- Mentor and guide junior analysts and engineers, providing technical leadership and career development support.
- Partner with IT, DevOps, and business teams to ensure security is integrated into all aspects of IT operations.
- Act as a security advisor to executives and stakeholders, translating complex security concepts into business-friendly language.
Technical Expertise
- Proficiency in cybersecurity frameworks, risk management, and threat modeling.
- Extensive knowledge of security operations, incident response, and digital forensics.
- Advanced experience with penetration testing, vulnerability management, and ethical hacking methodologies.
- Strong proficiency in cloud security, network security, identity and access management (IAM), and endpoint protection.
- Understanding of encryption standards, PKI, and secure application development.
- Proficiency in scripting and automation (e.g., Python, PowerShell, Bash) to enhance security operations.
- Advanced ability to analyze and correlate security data from diverse sources (logs, SIEM, EDR, etc.).
- Knowledge of database security (MySQL, SQL, Oracle).
- Strong leadership and mentoring capabilities.
- Excellent verbal and written communication skills, with the ability to translate technical security risks into business impact.
- Understanding of regulatory requirements such as ISO 27001, ITAR, CMMC, SOX, and GDPR.
- Proven track record of working with cross-functional teams to drive security initiatives.
- Duties are primarily performed in an office environment but may require occasional on-call availability and emergency response.
- Extended periods of sitting, as well as visual concentration on security dashboards, logs, and reports.
- 6 - 10 years of experience in cybersecurity, IT security operations, or related fields, with a demonstrated history of technical leadership.
- Experience managing and responding to advanced persistent threats (APT), malware analysis, and insider threats.
Bachelor's Degree in Computer Science, Information Security, or a related field
Preferred Professional Certifications
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- OSCP (Offensive Security Certified Professional)
- CEH (Certified Ethical Hacker)
- GIAC Certifications (GSEC, GCIA, GCIH, etc.)
- Cloud Security Certifications (CCSP, AWS Security Specialty, Azure Security Engineer, GCP Professional Security Engineer)
This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.
Celestica is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws.
At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them.
Company Overview
Celestica (NYSE, TSX: CLS) enables the world’s best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development – from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers.
Celestica would like to thank all applicants, however, only qualified applicants will be contacted.
Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services.
See more jobs in Toronto, ON