Identify security events that need to be monitored.
Advise and support our team in all stages of development.
Ensure key risk metrics/indicators are developed and implemented to systematically measure and report information-related risks.
Identify and classify the risks then propose risk mitigation or remediation.
Analyze the risks associated with the various options available and propose a security solution to the operational issue that offers a fair balance between potential losses and the cost of the solution.
Identify gaps in IT compliance control and supervise the documentation, implementation and tests for the entire IT compliance control portfolio.
Monitor the latest industry trends and, where appropriate, proactively propose the introduction of new security practises and technologies when they become profitable.
Perform or coordinate application security tests for project teams.
Interpret the results of application security tests (code scanning, application intrusions, etc.).
Inform and educate development teams with regard to the application security development standards, methods and tools.

Requirements

University degree in information security or any combination of equivalent education and experience
Minimum 8 years of relevant experience in information technology, more specifically in information technology security
Security certification would be an asset
Strong knowledge of application security principles and practices
Strong and practical knowledge of Cloud environment in terms of Security risk and tools available in AWS or other cloud environment
Experience in a DevSecOps - CI/CD environment
Good understanding of common security gaps in data and cloud applications and of operating techniques from sources such as SANS, OWASP Top 10 and Cloud Security Alliance (CSA)
Good understanding of common security gaps in data/AI applications
Team player / good collaboration skills set
Strong ethical principles and understanding of business and information security ethics
For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country.
No Canadian work experience required however must be eligible to work in Canada.

Benefits

📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

application security principlesCloud securityDevSecOpsCI/CDrisk mitigationIT compliance controlsecurity testingcode scanningapplication intrusionsdata security

Soft Skills

collaborationethical principlescommunicationteam player

Certifications

security certification