Join a world-class information security team!
We're looking for new talent to expand our security team.
We live in a digital world where daily changes require us to be pragmatic, agile and proactive in the way we approach opportunities, technologies and processes from a security standpoint.
If you'd like to :
Have input in information security
Join a dynamic, innovative team
Explore new ideas
If you can :
Ensure that risk considerations are addressed at each stage of the system development life cycle (SDLC)
Propose solutions proactively to reduce risks and potential failures
Make security recommendations by exercising your judgement regarding existing policies and industry best practices
We want to hear from you!
Ways you can make a positive impact in our organization :
Perform application security tests for web applications, APIs, mobiles (iOS and Android) with automated texting tools
Conduct vulnerability assessments, automated secure code review activities and dynamic security testing with tools
Inspire a positive work environment and help as a champion, innovator, team player and team support
Have a good understanding of software security architecture and design to identify and recommend improvements in internal methodologies and processes
Be able to provide tactical and strategic direction and guidance to help technical teams achieve acceptable security postures
Maintain relationships with technology teams and provide them with information about application security and topics in the secure development cycle
Your profile :
A completed bachelor's degree in a related field plus 7 years of relevant experience, or a completed master's degree in a related field plus 5 years of relevant experience
Professional certifications (e.g.
CISSP), an asset, or willingness to obtain certification quickly
3-5 years of experience in information security, minimum 2 years with the use of automated code review tool or dynamic testing (IBM, HP, Veracode, Accunetix, DAST, etc.)
Experience in mobile application security and web services evaluation
Experience in vulnerability assessment and use of related risk assessment tools (web application vulnerabilities, web application business logic vulnerabilities and threats)
Experience in application development, an asset
Good understanding of application control domains, software development processes, SDLC security assessment, OWASP and application architectures
Bilingualism, both spoken and written (English and French)
We strive to be an inclusive organization where all employees are valued.
National Bank stands out for its many initiatives to promote inclusion, making it a Canada-wide leader in diversity.