PRODUCT OWNER - SOC

We are banking at another level.

Choosing BDC as your employer means working in a healthy, inclusive, and skilled workplace that puts forward the best conditions to bring together unique teams where employees are empowered to act. It also means being at the centre of ambitious economic and financial projects to see further and to do things differently, to fuel the success of Canadian entrepreneurs.

Choosing BDC as your employer also means:

• Flexible and competitive benefits, including an Employee Savings and Investment Plan where BDC matches part of your voluntary contributions, a Defined Benefit Pension Plan, a $750 wellness and health care spending account, to name a few   

• In addition to paid vacation each year, five personal days, sick days as necessary, and our offices are closed from December 25 to January 1

• A hybrid work model that truly balances work and personal life

• Opportunities for learning, training and development, and much more... 

Explore the BDC Way in our Culture Book

POSITION OVERVIEW

This position is part of BDC’s Cyber Security Operations Center (SOC) task force. The SOC team at BDC specializes in key cybersecurity domains, including incident response, threat hunting, and vulnerability management across hybrid and cloud infrastructures. Team members contribute to cross-functional operational oversight, monitoring, and response activities, ensuring a comprehensive and proactive approach to maintaining and enhancing the organization’s security posture.

As the SOC Product Owner (PO), you will play a central role in safeguarding the bank’s digital environment. You will work collaboratively with infrastructure, DevOps, cloud, and application teams to operationalize threat intelligence, strengthen vulnerability detection, and accelerate remediation effectiveness, while reporting key metrics and performance indicators to senior leadership. In collaboration with the SOC team, you will define and maintain the product roadmap, and you will prioritize and coordinate the product backlog in alignment with other Product Owners to support deliverables and optimize resource allocation.  A strong foundation in operational security will enable you to integrate vulnerability risk management and cybersecurity incident response into day‑to‑day IT workflows and project lifecycles in a consistent and efficient manner.

BDC operates within a fast-paced Agile product model across its IT squads, emphasizing flexibility, collaboration, and continuous value delivery.

CHALLENGES TO BE MET

• Collaborate closely with cross-functional teams to ensure operational challenges and customer needs are clearly defined and effectively addressed. You will also establish clear and realistic acceptance criteria with the team.

• Work with InfoSec leadership to shape the strategic vision for SOC operations and its product portfolio, ensuring alignment with organizational goals.

• Contribute to vendor and contract management and collaborate with Strategic Procurement to develop renewal and acquisition strategies for technologies supporting SOC capabilities (e.g., EDR, SIEM, CTI, SEG).

• Engage with teams across systems administration, architecture, and engineering to support the implementation of comprehensive cybersecurity initiatives that enhance the organization’s security posture.

Key Specific Responsibilities

• Act as the guardian of the product vision and roadmap for the SOC.

• Translate business needs, threat landscape evolution, and compliance obligations into a product roadmap.

• Prioritize features and improvements based on risk reduction, SOC productivity, and stakeholder impact.

• Align SOC capabilities with the organization’s overall cybersecurity strategy.

• Build, maintain, and refine a clear and actionable backlog (use cases, detection rules, automation workflows, integrations).

• Monitor and evaluate the effectiveness of SOC processes, technologies, and team activities, implementing changes to optimize performance and efficiency.

• Work and enhance process including asset discovery, scanning, analysis, prioritization and remediation coordination

• Collaborate with IT and DevOps to coordinate security enhancements

• Develop and maintain metrics and KPIs for the SOC to track performance

• Keep abreast of new technologies in Cyber space with the goal of enhancing BDC cyber posture.

• Keep up with the technical roadmap of program and technology changes being driven by the internal needs and IT projects as well as new developments on the providers’ side

• Maintain relationships with external sources of information security that can be used to manage our security program.

• Research trends in new security threats, technologies; advise and train team members to maintain awareness

• Work closely with other teams to provide mitigation recommendations to reduce the overall security risk within the organization

• Provide suggestions and feedback to improve the overall capabilities of the BDC Security team

• Monitor cyber tooling output and conduct spot checks for accuracy

• Participate in Post Incident Reviews and discussions.

WHAT WE ARE LOOKING FOR

Technical Skills

• Agile Delivery: Hands-on experience or strong interest with agile multi-team delivery frameworks (e.g., SAFe), backlog management, quarterly planning, and iterative value delivery. Relevant certifications are considered assets (PSPO or equivalent).

• Certifications: Industry-recognized credentials such as CISMCEH or other SANS are considered a plus

• Technical Proficiency: Excellent command of Microsoft tools and platforms, especially Excel, PowerPoint, Power BI, SharePoint and Azure DevOps Board Management (or equivalent).

• Experience with scripting languages, such as Python considered an asset.

• Experience with SIEM, EDR and incident response considered an asset

• Familiarity with CVSS scoring, Treat Intel & MITRE ATT&CK framework considered an asset

• Experience with cloud-native security tools and platforms (Azure Defender, AWS Inspector, containers, etc.) considered an asset

Soft Skills

• Structured problem solving

• Analytical mindset and risk-based thinking

• Proven track record on financial evaluation for security products and renewal

• Effective communication with both technical and business stakeholders

• Bilingual (French and English, written and spoken)

• Solid verbal and written communication skills, and the ability to tailor the context of the conversation to the audience.

• Leadership presence, able to influence without authority

Education & Experience

• Education: Bachelor's degree in engineering, computer science, cybersecurity, information systems, or a related field / background

• Experience:  5–8+ years of experience in SOC operations, cybersecurity engineering, detection engineering, or cyber product management.

• Relevant certifications (e.g., CISSP, CISM) are considered assets.

Why Join BDC?

• Play a leading role in developing and maturing the bank’s cyber security operational controls and incident response.

• Work with a dynamic, cross-functional cybersecurity team in one of Canada’s top employers

• Access to cutting-edge technology in cloud security and risk-based remediation

• Competitive benefits including hybrid work, pension, wellness programs, and continuous learning opportunities

Proudly one of Canada’s Top 100 Employers and one of Canada’s Best Diversity Employers, we are committed to fostering a diverse, equitable, inclusive and accessible environment where all employees can thrive and feel empowered to bring their whole selves to work. If you require an accommodation to complete your application, please do not hesitate to contact us at [email protected].

While we appreciate all applications, we advise that only the candidates selected to participate in the recruitment process will be contacted.