Senior Application Security Specialist

The AIR MILES Reward Program is one of Canada’s most recognized loyalty programs, with over 10 million active collector accounts, representing more than half of all Canadian households. AIR MILES collectors earn Reward Miles at more than 300 leading Canadian, global and online brands and at thousands of retail and service locations across the country. AIR MILES is a wholly-owned subsidiary of the Bank of Montreal (BMO). BMO is Canada’s oldest bank and the 8th largest in North America with more than 12 million customers globally. Position Overview: The Sr. Application Security Specialist role is responsible for designing, evaluating, and supporting application security and cloud security capabilities in support of the security and compliance programs at AIR MILES. Individuals in this role possess well developed technical skills, a strong familiarity with network, system, and application architecture, and an understanding of the technical security landscape. These strengths are applied to a variety of activities, such as application security reviews, consulting on system architecture, and securing cloud environments at scale. Individuals in this role perform a variety of activities, encompassing application, cloud, and infrastructure security including establishing standards, participating in investigations, and providing guidance on aligning to industry best practices. Responsibilities: Reviewing system and solution architecture Consulting with software developers and supporting improvements to application security Consult on risk assessments and work with stakeholders to implement measures to mitigate risk Perform audit/testing on infrastructure and application controls and work with stakeholders on remediation activities Actively work with third party service providers to lead and support any work performed Contribute to monthly Information security metrics for reporting Establish relationships with internal stakeholders, keep abreast of technology, bring emerging risks to management attention, and identify opportunities for improving existing security processes. Consult on Internal Security Policy and Baseline Standards Qualifications Experience performing DAST testing on web applications, or experience with penetration testing of applications or network environments. Experience creating security assessment reports and presenting them to clients. Demonstrated competency in project participation in a cross-functional environment and experience in managing remediation activities across the enterprise. Communication skills especially in areas where diplomacy is needed to help ensure that new policies and procedures gain the support they need to be adopted by the enterprise and management. At least 6 years of full-time work experience in information security and/or related functions Familiarity with Information security standards and IT frameworks Knowledge of Security Governance, Risk & Compliance and security audit practices. Experience in multiple security domains (e.g. Access control, application and system development, operations security, network, BCP/DR, etc.) Sound knowledge of network security and network security components such as firewalls, routers, intrusion detection and other products such as SIEM and anti-malware products. Strong knowledge of cloud architecture security and deployment of security controls in a cloud environment (e.g. MS Azure, AWS, etc.). Hands-on experience building and operating in a cloud environment. Thorough understanding of web application architecture, single sign on technologies, and the HTTP/HTTPS protocols. Seniority level

Seniority level Mid-Senior level Employment type

Employment type Full-time Job function

Job function Information Technology Industries IT Services and IT Consulting Referrals increase your chances of interviewing at AIR MILES Reward Program by 2x Get notified about new Senior Application Security Specialist jobs in

Toronto, Ontario, Canada . We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr