Founded in 1846, Laurentian Bank Financial Group (LBCFG) is a diversified financial services provider whose mission is to help its customers improve their financial health.
The Laurentian Bank of Canada and its entities are collectively referred to as Laurentian Bank Financial Group (the "Group" or the "Bank").
With more than 2,900 employees guided by the values of proximity, simplicity and honesty, the Group provides a broad range of advice-based solutions and services to its personal, business and institutional customers.
With pan-Canadian activities and a presence in the U.S., the Group is an important player in numerous market segments.
This role sits within LBC Tech, a subsidiary of Laurentian Bank Financial Group.
This position will be based in Toronto or Montreal.
Laurentian Bank of Canada is looking for an Application Security Analyst to join its IT security team.
The incumbent will be responsible for evaluating application environments to ensure they are being designed and deployed in compliance with cybersecurity standards, policies and regulatory requirements.
ºConduct Application security assessments and recommend corrective actions on in-house applications, software packages and services.
ºWork with developers, architects, project leads / managers, business analysts, and others, in determining security requirements for projects and ensures that these requirements are met as part of the software development lifecycle.
ºCreate, revise and update application security-related development standards and controls alongside other governance and architecture teams.
ºServe as a Subject Matter Expert (SME) in the field of application security for a Application support team, development team, and Threat analysis team.
ºConduct dynamic & static code reviews.
ºIntegrate security tools using API.
ºAssist with the planning and execution of application penetration tests.
ºIdentify and help resolve false positive findings in security assessment results.
ºGenerate reports on assessment findings and help guide and track remediation tasks.
ºAssist with formulation and distribution of security metrics that demonstrate assessment coverage and remediation
ºBS in Computer Science, Information Security, or a related field with 5-7 years of experience in application development and application security.
ºMinimum of 3 years in application security in the implementation or evolution of a service or system supporting a business service.
º3+ years experience with Application Security Tools like IBM AppScan, Weblnspect, Veracode, Checkmarx, etc.
ºStrong familiarity with widely used application development tools & languages (e.g. Net, JAVA, XCode, etc.).
ºExperience in securing Web applications and APIs.
ºKnowledge of Splunk Administration will be a Plus
ºStrong understanding of secure coding principles (OWASP Top 10).
ºKnowledge of secure authentication, access controls, and encryption technologies, including certificate management (e.g. PKI).
ºStrong critical thinking and problem-solving skills.
ºExcellent written and oral communications skills.
ºAbility to learn the fundamentals of new technologies, and to constantly assess security needs in accordance with programs, industry best practices and customer business needs.
ºIndustry Certifications such as CISSP, CISM, CISA, CEH and prior experience in evaluating new IT solutions from an information security perspective considered an asset.
We are proud to be an equal opportunity employer and are committed to fostering an inclusive and accessible work environment that reflects the diversity of our customers and our communities.
We welcome and encourage applications from individuals from all groups, including Indigenous people, women, visible minorities, and persons with disabilities, regardless of race, national or ethnic origin, colour, religion, age, sex, sexual orientation, gender identity or expression, marital status, family status, genetic characteristics, disability or any other legally-protected ground.
Accommodations for persons with disabilities are available upon request for job applicants taking part in all aspects of the recruitment process.