Status: Permanent
Type of Contract: Permanent
Schedule: Full-Time
Full Time / Part Time? Full-Time
Posting date: 16-Apr-2024
Location: Montreal, Quebec City Montreal
Province/State: Quebec
Area of Interest: Information technology
A career in cybersecurity at the National Bank means playing a key role in transforming cybersecurity to protect our clients and maintain their trust. As the Application Security Practice Lead, you hold a pivotal position in implementing the strategy surrounding secure application development within the organization.
Your job:Governance:
- Ensure governance of the Application Security Practice across the National Bank.
- Establish standards, guidelines, positions, and governance processes related to the Application Security Practice.
- Define and produce security indicators related to the practice.
- Ensure compliance of the Application Security Practice with best practices and monitor audit plans.
- Provide advice and support as a governance expert of the practice.
Strategy
- Collaborate with teams and stakeholders to capture needs and identify pain points.
- Identify and prioritize initiatives aimed at enhancing the maturity of the Application Security Practice.
- Identify security controls of the practice, assess their maturity, and coordinate their enhancement.
- Work collaboratively with the domain architect of the Application Security Practice on the business capability model (BCM).
As part of the large team of the Information Security Vice Presidency (CISO), reporting to the Senior Director of Cybersecurity Strategy and Architecture, you work closely with domain architects, various practice leads, and other cybersecurity and information technology stakeholders to govern and establish the strategy specific to the Application Security Practice.
We ultimately aim to offer you maximum flexibility and quality of life. This notably means a hybrid work environment, as well as adaptable working hours.
The Bank values continuous development and internal mobility. Our personalized training programs enable you to master your job and develop new areas of expertise. Tools such as the Data Academy, language training, the Harvard Learning Center as well as coaching and mentoring support are available to you, at all times.
Prerequisites:Five (5) to ten (10) years of cybersecurity experience, including a minimum of three (3) years of governance experience.
Strong experience in application security.
Experience in the DevSecOps development cycle and security in cloud environments.
Ability to interact with representatives from different backgrounds; CISSP, CISA, SANS certifications, and other specialized certifications in the field of application security are assets.
Knowledge of several security standards such as NIST 800-xx, PCI, CSA, OWASP, CoBIT x, GDPR, ISO2700x, an asset.
Ability to write documents clearly and structured, an asset.
Languages:Language: English
Reason to require this language: you will need to discuss frequently with our service providers or partners who speak a language other than French.
Skills- Analytical thinking
- Coaching
- Communication
- Empathy
- Initiative
- Learning Agility
- Organization Skills
- Resiliency
- Teamwork
In addition to competitive compensation, upon hiring you'll be eligible for a wide range of flexible benefits to help promote your wellbeing and that of your family.
- Health and wellness program, including many options
- Flexible group insurance
- Generous pension plan
- Employee Share Ownership Plan
- Employee and Family Assistance Program
- Preferential banking services
- Opportunities to get involved in community initiatives
- Telemedicine service
- Virtual sleep clinic
These are a few of the benefits available to you. We have an offer that keeps up with trends as well as your needs and those of your family. Our dynamic work environments and cutting-edge collaboration tools foster a positive employee experience. We actively listen to employees' ideas. Whether through our surveys or programs, regular feedback and ongoing communication is encouraged.
We're putting people first:We're a bank on a human scale that stands out for its courage, entrepreneurial culture, and passion for people. Our mission is to have a positive impact on peoples' lives. Our core values of partnership, agility, and empowerment inspire us, and inclusivity is central to our commitments. We offer a barrier-free workplace that is accessible to all employees. We want our recruitment process to be fully accessible. If you require accommodation, feel free to let us know during your first conversations with us. We welcome all candidates!
What can you bring to our team? Come live your ambitions with us!