Senior Security Specialist

About The Position

Requirements

• Typically 5+ years of experience in cybersecurity, security consulting, security engineering, security architecture, technology risk, IAM, cloud security, or cyber transformation
• Strong cybersecurity foundation with experience delivering or supporting security initiatives in complex enterprise environments
• Depth in one or more cybersecurity domains such as IAM, cloud security, data protection, application security, vulnerability management, security operations, third-party cyber risk, security governance, or cyber resilience
• Experience working with security technologies, controls, platforms, architects, engineers, or delivery teams to achieve cybersecurity outcomes
• Understanding of security control design, implementation considerations, risk reduction, remediation planning, and secure technology delivery
• Ability to translate technical cybersecurity concepts into business language, executive messaging, and practical delivery plans
• Experience developing security requirements, control requirements, roadmaps, maturity assessments, process flows, operating models, or implementation plans
• Strong communication, facilitation, structured problem-solving, and stakeholder management skills
• Experience working within financial services, insurance, banking, capital markets, or other highly regulated environments

Nice To Haves

• Previous consulting experience delivering cybersecurity transformation, security architecture, IAM, cloud security, data protection, security operations, or security modernization programs
• Experience with modern cyber topics such as Zero Trust, AI security, identity threat detection, attack path management, ransomware resilience, DevSecOps, cloud-native security, security automation, or secure-by-design engineering
• Experience with IAM, PAM, IGA, CIAM, authentication, access governance, identity lifecycle, secrets management, or non-human identity security
• Familiarity with platforms such as SailPoint, CyberArk, Microsoft Entra ID, Okta, Ping Identity, ForgeRock, Saviynt, ServiceNow, Archer, Jira, or Confluence
• Experience with cloud security across Azure, AWS, or GCP, including cloud identity, logging, monitoring, encryption, key management, secure landing zones, or cloud control frameworks
• Knowledge of security frameworks such as NIST CSF, NIST 800-53, ISO 27001, CIS Controls, COBIT, PCI-DSS, SOC 2, or OSFI guidance
• Experience developing executive-level presentations, security roadmaps, target operating models, maturity assessments, business cases, or transformation plans
• Leading certifications such as CISSP, CISM, CRISC, CISA, CCSP, CSSLP, GIAC, Security+, Azure Security, AWS Security, or IAM-related certifications
• Strong consulting acumen including client relationship management, executive communication, facilitation, structured problem solving, and the ability to influence stakeholders

Responsibilities

• Lead and support cybersecurity transformation initiatives for leading financial services and enterprise clients
• Assess current-state cybersecurity capabilities, identify control and technology gaps, and define practical target-state recommendations
• Work across key security domains including IAM, Zero Trust, cloud security, data protection, application security, vulnerability management, security operations, third-party cyber risk, and cyber resilience
• Partner with security architects, engineers, risk partners, product owners, and business stakeholders to define security requirements, delivery plans, and implementation roadmaps
• Translate cybersecurity requirements into actionable roadmaps, control designs, process flows, technical considerations, implementation plans, and client-ready deliverables
• Apply a cyber risk lens to technical security decisions by identifying control gaps, assessing security impacts, prioritizing remediation, and aligning solutions to enterprise risk expectations
• Facilitate workshops, stakeholder interviews, technical working sessions, and executive discussions with technical and non-technical audiences
• Support cyber capability uplift across people, process, technology, governance, and operating model dimensions
• Develop client-ready materials including maturity assessments, security roadmaps, target operating models, executive presentations, control mappings, risk summaries, and implementation plans
• Contribute to the growth of Capco cyber offerings, thought leadership, delivery assets, and practice capability

Benefits

• Comprehensive Benefits Coverage – 100% company-paid health, life, and disability insurance effective from Day 1 of employment.
• Retirement Savings Program – RRSP with the option of receiving a matching employer contribution.
• Virtual Health Care and Employee & Family Assistance Program (EFAP) available to employees and eligible dependents.
• Enhanced parental leave top-up, new parent gift, and wellness reimbursement benefits.
• Business Coach from Day 1 to support career growth, accelerate development, and help achieve your professional goals at Capco.