As a Senior Digital Security Consultant on our client’s team, you will look to solidify brand reputation by helping ensure that we build and maintain secure digital customer experiences. You will improve client’s overall security posture through evolving our culture, processes and tools. You will be an ambassador to drive security awareness and fluency for product owners, delivery teams and stakeholders.
With a bias for prevention over remediation, you will mitigate risk through a variety of digital security methods and approaches for our customer facing digital footprint.
You are not dependent on others to do technical coding, you are a security minded developer that thinks about operations or production and keeping things going.
IN THIS ROLE YOU WILL:
Provide technical leadership, expert guidance, coordination and support to agile digital teams with a focus on promoting, assessing and maintaining secure-by-design principles and techniques in digital products. You will be responsible for the following:
- Helping evolve our secure software development practices for core web applications (both non-authenticated and authenticated experiences)
- Supporting regular vulnerability assessment and remediation activities
- Enabling others to adopt/embrace sound security practices and standards to ensure corporate information assets are protected
- Supporting and reinforcing governance related risk acceptance methods and policies
- Improving our human firewall through a variety of security awareness and education methods
- Aligning with broader Chief Security Office strategy to keep our customers, team members and corporate assets safe and secure
This is an exciting opportunity to be a part of a transformational journey with innovative talent and leading-edge technologies.
OUR CLIENT IS LOOKING FOR SOMEONE WHO:
- Has experience making sure sites/designs are compliant around process and privacy laws
- Previous consulting – coaching and providing insight into best practice around digital security
- Good knowledge of vulnerability testing
- Able to interpret security design both technical and non –technical and to effectively communicate this to others with ease.
- Comfortable and experience with relationship building and client engagement.
- 3-5 years’ recent digital security experience with formal security certification; Certified Information Systems Security Professional (CISSP) preferred
- 1-2 years’ experience applying your craft in an agile delivery shop, Scrum & Kanban
- Bachelor degree in Computer Science, Information Technology, Engineering or related discipline
- Can apply Open Web Application Security Project (OWASP) and modern network security practices in day-to-day activities
- High comfort level with technical navigation of digital systems, both the application & infrastructure layers
- Practical experience with threat detection/prevention, incident response, vulnerability management, threat modeling, risk management methodology, data de-identification and encryption standards
- Identify and interpret security design requirements (and their benefits) for technical and non-technical stakeholders
- Tendency to balance business and security needs to improve the customer experience, building and maintaining relationships through coaching, not policing
- Understanding of adversarial tactics, a penchant for curiosity, exploration and learning to stay current in your field
- Experience with enabling teams to practice sound data governance (i.e., for digital analytics)
- More than a mild curiosity in artificial intelligence (AI) and machine learning (ML)
- Desire to collaborate, roll up your sleeves/be in the weeds, ideally, you don’t need anyone to code for you, comfort with Node.js/React is desirable
- Affinity for automating repetitive functions and a general dissatisfaction with traditional ways of doing things
- Awareness regulatory factors governing our industry (i.e., privacy & Canada’s Anti-Spam Legislation)
- Familiarity with search engine optimization (SEO) principles (e.g., the brand implications of domain name strategy)
Please send us your resume via our contact form below.
We also want to thank you for taking the time to visit our site and to submit your resume for consideration. Due to the amount of résumés we receive however, time does not permit us to personally respond to every single submission for an individual position or opportunity. Only considered candidates will be contacted for follow up.