Director, IT Application Security


Req Id: 274166
At Bell, we do more than build world-class networks, develop innovative services and create original multiplatform media content - we're revolutionizing how Canadians communicate.
If you're ready to bring game-changing ideas to life and join a community that values bold ideas, professional growth and employee wellness, we want you on the Bell team.
The Bell IT team uses emerging technologies, Agile and DevOps to design and build innovative solutions that enable Bell's communications services for businesses and consumers. We're looking for creative problem-solvers who are curious, collaborative and ready to be on the leading edge of technological transformation.
Position Description:
Bell's Information Technology team is seeking a Director, IT Application Security to help drive the vision, strategy, transformation, design and delivery of Bell's application security across key customer centric applications that serve our wireless, residential and business market customers.
Reporting to the Vice President, IT Delivery Customer Experience you will be leading a team tasked with our overall secure Software Development Life Cycle (sSDLC) program. The successful candidate will be tasked with defining application security requirements and ensuring the delivery of secure applications and solutions. The Director, IT Application Security is also tasked with the implementation of large security focused projects.
The successful candidate will exhibit the skills of an experienced leader, with a distinct approach to process. You will work with a group tasked with co-ordinating across many functional teams to ensure that our applications stay at the highest security level. In our large and diverse organization, you will be required to be innovative and collaborative in order to be successful. Candidate must be comfortable working and meeting with executives and can work at a deep technical level with developers.
About the Team:
Bell's Information Technology -Customer Experience (CE) team is tasked with for the delivery of web, mobile app, customer agent, IVR and big data applications for all brands, including Bell, Virgin, Lucky, Solo and BCE.
Job Duties/Accountabilities:
  • Functional
    • Drive the development, implementation and ongoing improvements of security processes that result in effective methods for reducing security risks before project deployments
    • Support and resolve findings from SAST, DAST, pen test and other review process for SLAs.
    • Ownership of key security focused projects, ensuring project budget, timelines and scope are met, while managing associated resourcing and risk.
    • Participate in driving the vision, strategy, transformation, design and delivery of security products, processes and application enhancement across key mobile, web, IVR and big data based applications and supported sites that serve our customers
    • Partner with Customer Experience, Corporate and IT Security teams to resolve, and build customer centric and secure solutions
    • Tasked wth overall program status, communications materials for executive review. Ability to produce effective metrics reporting the state of application security programs
    • Build and maintain relationships with external delivery partners
    • Demonstrate the ability to effectively collaborate with Executives, Directors, Managers and Team Members in the pursuit of measurable outcomes and results
  • People Management
    • Provides leadership and direction for full time and contract Project Managers, SecOps primes, Security, Business and Technical analysts
    • Tasked with the management of approximately 40 contract or fulltime resources setup in matrix organization located in various urban centers such as; Mississauga, Montreal, and Toronto. Travel between offices is required.
    • Mentor, coach and support staff in their personal and professional development e.g. objectives setting, performance appraisals, training plans, talent management, organization changes, salary reviews, etc.
    • Provide vision, leadership, structure and communications to the team as work to though normal operational activities including service interruptions and project deployments.
    • Ensures timely and effective communications with internal/external customers, internal resources, partners and outside agencies
    • Excellent communication, negotiation, facilitation and persuasion skills enabling internal and external members to come together to solve a business problem or improve operational excellence

Critical Qualifications/Competencies:
  • 10+ years of experience leading and developing teams focused in the areas of Security Architecture, Secure Development Lifecycle Management, Application Security (web and Mobile)
  • 5+ years leading at a director level or higher, motivating teams and fostering professional development
  • Bring a deep background and broad experience in Information Security, Application Security, & Application Development or related business areas
  • Excellent experience with web & mobile development lifecycles and methodologies, including Waterfall and Agile Scrum (SaFE).
  • Demonstrated success leading large programs and teams in multiple locations.
  • Experience evaluating existing security standards and technology to discover opportunities and alleviate risks.
  • Excellent IT experience with strong communication skills and the ability to recognize and articulate to all levels of management representing both technical and business perspectives.
  • Strong negotiation, facilitation and persuasion skills enabling internal and external members to collaborate and build premier digital experiences
  • Strong thinker with ability to associate technical tasks as well as relate to pertinent business processes
  • Strong experience with implementing successful and effective sSDLC program with high level of automation
  • In-depth experience with common web application vulnerabilities, such as the OWASP Top 10, and business logic flaws; ability to explain all vulnerabilities and weaknesses and discuss effective defensive techniques

Preferred Qualifications/Competencies:
  • Bachelor's Degree, MBA or Master's degree in Business Administration, Computer Science, or related field (work experience can be used in place of education)
  • Excellent verbal, people and written communication skills
  • Flexibility and adaptability to respond to new information, changing conditions, and obstacles
  • Partnering and collaboration skills to develop networks, build alliances, engage in cross-functional activities and find common ground with stakeholders.
  • Knowledge of operations management competencies that can be applied regardless of situation or initiative e.g. critical outage, system maintenance, contract negotiations, etc
  • Program Management Experience involving significant revenue streams
  • Security+, GSEC, CISSP certifications

Working Conditions:
  • Occasional travel to regional offices in Montreal, Toronto and Ottawa, conferences, employee sessions, seminars, training, etc
  • Willing to work as the job requires; non-business hour and weekend work as it relates to meeting timeline or assisting with incident and problem resolution

#cybersec
#LI-JW1
Bilingualism is an asset (English and French); adequate knowledge of French is required for positions in Quebec.
Additional Information:
Position Type: Management
Job Status: Regular - Full Time
Job Location: Canada : New Brunswick : Fredericton || Canada : New Brunswick : Moncton || Canada : New Brunswick : Saint John || Canada : Newfoundland : St. John's || Canada : Nova Scotia : Bedford || Canada : Nova Scotia : Halifax || Canada : Ontario : Mississauga || Canada : Ontario : Ottawa || Canada : Ontario : Toronto || Canada : Quebec : Montreal
Application Deadline: 01/24/2021
Please apply directly online to be considered for this role. Applications through email will not be accepted.
At Bell, we don't just accept difference - we celebrate it. We're committed to fostering an inclusive, equitable, and accessible workplace where every team member feels valued, respected, and supported, and has the opportunity to reach their full potential. We welcome and encourage applications from people with disabilities.
Accommodations are available on request for candidates taking part in all aspects of the selection process. For a confidential inquiry, simply email your recruiter directly or recruitment@bell.ca to make arrangements. If you have questions regarding accessible employment at Bell please email our Diversity & Inclusion Team at inclusion@bell.ca.
Created: Canada , ON , Mississauga
Bell, one of Canada's Top 100 Employers.
Apply Now

About Bell

Canada’s largest communications provider, Bell is at the forefront in delivering world-leading broadband networks, the next-generation services consumers and businesses rely on, and the media content that Canadians want the most.

Joining the Bell team puts you at the centre as we connect Canadians with each other and the world. Recognized as one of Canada’s Top Employers for Young People and a Best Diversity Employer, Bell offers a wide range of career opportunities: network engineering, research & development, customer service, IT, media production, marketing, finance and many more.

Our more than 50,000 team members in every province and territory of the country work in an environment that promotes collaboration, creativity and professional growth, while the positive impact of Bell Let’s Talk is reflected in our award-winning mental wellness workplace programs.

If you’re looking to bring game-changing ideas to life, we encourage you to consider joining the Bell team.

Visit Employer Showcase