You're using an older version of Internet Explorer that is no longer supported. Please update your browser.
Scotiabank

Application Security Architect - Hybrid

Location
Toronto, ON
Details
Full Time
6 days ago
Requisition ID:156774

Cost Centre:Enterprise Security Services

Employee Referral Program - Potential Reward:$2,000.00

We are committed to investing in our employees and helping you continue your career at Scotiabank.
Responsibilities :
  • Collaborate with stakeholders across the Bank - technology, application security, security architecture, security advisory, fraud, compliance and business channel teams - to drive the design and architecture of application security process and tooling, including creating standard design patterns to be used across the Bank.
  • Deep dive into DevOps pipeline and developer tooling to understand how to enable and automate security for developers
  • Deep-dive into SAST, DAST, MAST, SCA, IAST/RASP, SBoM, RCM, API Security and other application security technologies to shift-left security
  • Deep dive into IaC, container security and securing cloud native applications.
  • Will work closely with multiple cross enterprise teams to build business cases driving the adoption of new security products
  • Implementation and operations governance based on the defined enterprise standard solution architecture and design patterns
  • Co-ordinate efforts from business, security and technology teams.
  • Communicate regularly with various business channels on the progress made for various projects in the pipeline

Where will you work ?
This is a Hybrid role.

Must Have:
  • 10+ years experience in software development, with 2+ years in as an architect in application security
  • 3+ years experience with CI/CD Pipeline tools and processes like BitBucket/GitHub, Jfrog Artifactory, Ansible, Confluence, Jira, Bamboo etc
  • 3+ years experience with configuring popular CI/CD tools like Jenkins, Azure DevOps, GitLab CI/CD, CircleCI
  • 3+ years practical experience with SAST, SCA, DAST tools like Veracode, Checkmarx, Fortify, Snyk, Burp Suite, Zap etc
  • Knowledge of threat modeling, vulnerability management and risk assessment
  • Knowledge of OWASP Top 10, OWASP API Top 10, Mitre, CVE/CVSS
  • 3+ years experience in the financial industry
  • Demonstrable writing and deck preparation skills for technical, management, and executive audiences
  • Demonstrable communication capability including verbal presentations to senior leadership

Nice to Have:
  • Experience with deployment and managing IaaS, PaaS & SaaS solutions
  • Experience with infrastructure as code (IaC)
  • Experience with API Security
  • Experience building business cases demonstrative value of a product and cost-benefit analysis .
  • Security certifications like CISSP

Location(s): Canada : Ontario : Scarborough || Canada : Alberta : Calgary || Canada : British Columbia : Vancouver || Canada : Ontario : Ottawa || Canada : Ontario : Toronto

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here . Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.

Job Segment: Architecture, Developer, Cloud, Investment Banking, Solution Architect, Engineering, Technology, Finance
Category
Creative and Graphic Design Information Technology