×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security

Senior Security Advisor, Threat Modeller

Job in Toronto, Ontario, M5A, Canada
Listing for: Intact Financial Corporation
Full Time position
Listed on 2026-06-23
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security
Job Description & How to Apply Below

Pay at Intact is about much more than just salary.

  • Flexible work arrangements and a hybrid work model

  • Possibility to purchase up to 5 extra days off per year

  • Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more

  • Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)

    • Salary range (but not limited to):

    101,

    Annual bonus target, based on the base salary, with a potential payout of up to double the target (subject to personal and company performance):

    12%

    As part of our commitment to Win As A Team
    , we share our success with employees through our annual bonus plan and Employee Share Purchase Plan (ESPP) – with Intact matching 50% of your net shares.

    Our pension offerings provide flexibility and long-term security for our employees beyond their careers. We are one of the few companies offering the opportunity to receive guaranteed income for life via our defined benefit pension plan.

    Salary for the candidate will be determined taking into consideration a number of factors including: experience, skills, qualifications, anticipated contribution to role, internal equity, etc. The salary range presented above is based on a 35-hour workweek and would represent a majority of different candidate profiles. However, we encourage candidates who may fall outside of this range to apply as well.

    About the role

    We’re looking for a Senior Security Advisor (Threat Modeller) to join our growing team!

    What you'll do here:

  • Perform structured threat modelling (e.g., STRIDE, MITRE ATT&CK, kill chain, attack trees, misuse/abuse cases) for applications, systems, and architecture patterns.

  • Work with data flow diagrams (DFDs), and architecture diagrams for new and existing systems.

  • Identify assets, trust boundaries, entry points, and potential attack paths.

  • Assess the likelihood and impact of identified threats, and assign inherent and residual risk ratings.

  • Translate threat modelling outcomes into clear security requirements and recommended controls. Document control gaps and track remediation activities through to closure.

  • Collaborate with product, architect, developers, and engineers to support solution design by reviewing proposed architectures, patterns, and design decisions for security implications and providing recommendations.

  • Work with stakeholders to integrate threat modelling into product development workflows (e.g., SDLC, Agile, project delivery) across the organization.

  • Participate in secure code reviews to support security requirements and threat mitigations.

  • Plan and facilitate threat modelling workshops.

  • Communicate complex technical risks in clear, business-relevant language to both technical and non-technical stakeholders.

  • Contribute to the development and continuous improvement of threat modelling methodologies, templates, and tooling.

  • Support incident response and post-incident reviews by mapping exploited paths back to threat models and identifying improvements.

  • Maintain an up-to-date understanding of the threat landscape, including tactics, techniques, and procedures (TTPs), including those relevant to AI-related technologies. This includes staying current with relevant threat intelligence.

  • Apply the Maestro framework (or similar) to structure and standardize threat modelling activities for use cases involving AI agents.

    • What you bring to the table:

  • Bachelor’s degree in computer science, or any combination of equivalent education and experience.

  • Minimum ten (10) years of experience in information technology, including at least five (5) years in information security, with demonstrated experience in one or more of the following areas: application/cloud security, security architecture, threat modelling or risk assessment, threat intel, incident response, SOC, SIEM, vulnerability management, and red teaming or penetration testing.

  • Strong knowledge of information security management principles and practices.

  • Strong ethical principles and understanding of business and information security ethics.

  • Good knowledge of common security vulnerabilities of web and cloud applications and operating techniques from…

    • Position Requirements
    10+ Years work experience
    Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
    To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
     
     
     
    Search for further Jobs Here:
    (Try combinations for better Results! Or enter less keywords for broader Results)
    Location
    Increase/decrease your Search Radius (miles)
    0
    200
    Filters
    Education Level
    Experience Level (years)
    Posted in last:
    Salary
    Advanced Search