Talent.com
Croesus
AI Application Security AnalystCroesus • Laval, Canada
No longer accepting applications
AI Application Security Analyst

AI Application Security Analyst

Croesus • Laval, Canada
18 days ago
Job type
  • Full-time
Job description

All meetings and internal communication at Croesus are conducted in French, so a strong proficiency in French is mandatory.

Croesus provides innovative, high-performance, and secure wealth management solutions that include portfolio management systems, portfolio rebalancing tools, and application programming interfaces (APIs). These solutions empower wealth management professionals to improve their productivity, enhance their client relationships, make informed decisions, and maximize the management of their assets under management.


Croesus’s mission is to provide a superior experience to its clients, users, partners, and employees and to positively impact the community. With more than 200 employees in its Montréal, Toronto, and Geneva offices, Croesus has won several industry awards for being a high-quality solution provider and an outstanding employer.


As a member of the information security team, you serve as the strategic bridge between development and cybersecurity. Your role is to integrate security from the earliest stages of software design (“security by design”) and to turn technical constraints into drivers of excellence. As a hands-on expert, you support teams in effectively addressing vulnerabilities and fostering a culture of security. You also serve as the internal point of contact for the security of the artificial intelligence components integrated into our SaaS products.


Main Responsabilities:

Vulnerability Management and Triage

  • Classify vulnerabilities based on actual risk by correlating severity scores with business impact.
  • Support product managers in prioritizing fixes within development backlogs.
  • Oversee remediation using key performance indicators and validate the robustness of fixes.

Secure Architecture and Development

  • Conduct critical code reviews for C#, C++, Python, and web environments.
  • Secure data processing chains.
  • Get involved as early as the design phase through threat modeling. Extend this practice to AI components and agent-based architectures integrated into our products (RAG, autonomous agents, MCP integrations).

Security of AI Components in Products

  • Assess the security of integrations between our products and third-party AI models.
  • Apply the OWASP LLM Top 10 framework during code reviews and threat modeling exercises.
  • Define, in collaboration with development and DevOps teams, the application controls governing the use of generative AI in products: secret management for third-party model APIs, input and output validation, server-side controls on prompts, and checkpoints in CI/CD pipelines.
  • Evolve internal secure development standards for AI components.
  • Assess risks specific to the agent-based architectures integrated into our products: indirect prompt injection (RAG), excessive agency, tool poisoning, and MCP integration security.

Leadership: Security Champions Program

  • Lead the Champions Guild across various functional areas.
  • Organize knowledge transfer through workshops, simulation exercises, and training sessions.
  • Provide personalized technical mentoring to security champions.

Security Automation and Integration

  • Maintain automated security checks in continuous integration and continuous deployment (CI/CD) pipelines.
  • Evaluate, deploy, and refine static and dynamic analysis (SAST, DAST), software composition analysis (SCA), and secret detection tools, ensuring a good balance between coverage, false positive rates, and developer experience.

  • Overall experience: Minimum 5 years in information technology.
  • Domain expertise: Minimum 2 years in software development and 3 years in application security.
  • Education: Degree in computer science. A specialization or additional training in security is a major asset
  • Development & Code
  • Advanced proficiency: C#, C++, and Python (AI and data).
  • Web Security: Proficiency with modern development frameworks (TS/JS) and defense against common attacks.
  • Security Methodologies: Static and dynamic analysis, software composition analysis.
  • Automation: Integration of automated security controls into deployment pipelines.
  • Risk Analysis: Translation of technical vulnerabilities into understandable business risks

Why join Croesus ?

  • À la carte vacations
  • Annual salary + Corporate profit-sharing plan
  • Hybrid work, 2 days a week in office (Laval &Montreal offices)
  • Sports program
  • Gym available at our Laval head office
  • Telemedicine + group insurance (super useful for the family 😉 )
  • Group RRSP
  • Proximity to Montmorency & Mcgill metro
  • Ongoing training and development plan
  • Referral bonus
  • Indoor and outdoor parking & electric car recharging
  • Croesus boutique
  • Beautifully renovated and spacious office
  • Complimentary breakfast every morning
  • 2X per month, Happy hours, prepared by our Croesus Life Partner


Are you interested in this challenge? Do you believe you have the qualities and expertise required for this position? Please complete your application today.


Although all applications are carefully analyzed, we will communicate only with those selected. Thank you for your interest in Croesus.

Create a job alert for this search

AI Application Security Analyst • Laval, Canada

Similar jobs

IT Security Risk Analyst

Onico SolutionsMontreal (administrative region), QC, CA
Permanent

The IT Security Risk Analyst supports the Information Security Risk Management and Governance programs.They work with technology and business stakeholders to identify Information Security risks, co... Show more

 • Promoted

Architectural Security Specialist in Cyber

PowerToFlyMontreal (administrative region), QC, CA
Full-time

Shape the future of security architecture at Morgan Stanley as a Senior Security Architecture Specialist.This hybrid position is designed to position compliance at the heart of development practice... Show more

 • Promoted

Cyber Security Threat Intelligence Analyst

LeadingtalentMontreal (administrative region), QC, CA
Full-time

Location: Montreal, Valcourt, Sherbrooke, Brossard (other locations may be considered).Security Clearance: Must have or be eligible to obtain Reliability Clearance.We are seeking a proactive biling... Show more

 • Promoted

Application Security Specialist.

EXFOMontreal
Full-time

EXFO develops smarter network test, monitoring, and analytics solutions for the world’s leading telecommunications service providers, network equipment manufacturers, and web-scale companies—and we... Show more

 • Promoted

Cyber Security Architect

Intuitive.aiMontreal (administrative region), QC, CA
Full-time

Talent Acquisition Leader | Hiring Cloud Professionals Globally.Cloud is one of the fastest-growing (INC 5000, CRN) Cloud & SDx solution and services companies supporting enterprise customers on a ... Show more

 • Promoted

Security Analyst (SOC)

Bedard ResourcesLaval
Full-time

Our client is looking for a Junior Cybersecurity Analyst to assist with the daily management of a simulation platform, support the onboarding of new clients, and contribute to analyses related to a... Show more

 • Promoted

Workday Security Analyst

neteffectsMontreal (administrative region), QC, CA
Full-time

Remote from the UK - to work for an International US-based company.Workday security area – focusing on Workday HR user, domain, business process, and integrations security, privacy, audit, controls... Show more

 • Promoted

Lead application security analyst

National BankMontreal, Montreal (administrative region), CA
Full-time

A career as a DevSecOps lead on the Asset Protection team at National Bank means serving as a specialist in application security, vulnerability management and DevSecOps practises.This position allo... Show more

 • Promoted

Azure AI Security & Governance Consultant

ConcentrixMontreal (administrative region), QC, CA
Full-time

A customer experience solutions provider based in Canada is seeking a Cybersecurity Consultant to lead strategic AI security initiatives.The ideal candidate will have deep expertise in the Microsof... Show more

 • Promoted

Remote Senior SOC Analyst for Threat Detection and Incident Management

TreantlyMontreal (administrative region), QC, CA
Remote
Full-time

Shape cybersecurity efforts as a Senior SOC Analyst, proficient in threat detection and incident response.Lead remote operations to tackle complex security challenges while mentoring junior analyst... Show more

 • Promoted

Senior Cloud & Application Security Engineer (Remote)

Perseus Group, Constellation SoftwareMontreal (administrative region), QC, CA
Remote
Full-time

A leading technology firm is seeking a cybersecurity professional to design and implement security controls across cloud platforms.The role emphasizes vulnerability management and threat response.C... Show more

 • Promoted

Lead Application Security Analyst

National Bank of CanadaMontreal (administrative region), QC, CA
Full-time

A career as a DevSecOps lead on the Asset Protection team at National Bank means serving as a specialist in application security, vulnerability management and DevSecOps practises.This position allo... Show more

 • Promoted

Security Analyst

Prosperity Workforce SolutionsMontreal (administrative region), QC, CA
Temporary

We are seeking a highly skilled.This temporary position will focus on fine-tuning threat detection models, ensuring best practices in endpoint protection, and improving the utilization of our secur... Show more

 • Promoted

Cybersecurity Analyst & AI Tutor — Remote Threat Hunter

MindriftMontreal (administrative region), QC, CA
Remote
Part-time

A technology consulting firm based in Canada is seeking a Freelance Cybersecurity Analyst - AI Trainer to collaborate on innovative AI projects.The role involves analyzing security alerts, conducti... Show more

 • Promoted

Strategic Information Security Architect

ColliersMontreal (administrative region), QC, CA
Full-time

Transform global security architecture as a Strategic Information Security Architect.Spearhead cloud migration security strategies while ensuring systems are secure and compliant.This pivotal role ... Show more

 • Promoted

AI Security Evaluation Platform Developer

Mila - Institut québécois d'intelligence artificielleMontreal (administrative region), QC, CA
Full-time

Take charge of building an AI security evaluation platform as a Principal Developer.Leverage your strong software development and security systems knowledge to create tools that enhance agent robus... Show more

 • Promoted

Cyber Security Analyst Position in Montréal

Groupe Dynamite, Inc GarageMount Royal, Montreal (administrative region), CA
Full-time

Join Groupe Dynamite as a Cyber Security Analyst in Montréal, where you will secure our technological environments with a focus on multi-cloud and on-premise infrastructures.This role is essential ... Show more

 • Promoted

AI Security CSM: Automation & SOC Orchestration

D3 SecurityMontreal (administrative region), QC, CA
Full-time

A cybersecurity technology firm is seeking a Technical Customer Success Manager in Canada to drive customer engagement and ensure effective deployment of their AI-driven automation platform.Candida... Show more

 • Promoted

Lead Application Security Manager at Workleap

ShareGateMontreal (administrative region), QC, CA
Full-time

Take the lead as an Application Security Manager at Workleap, focusing on security integration in Microsoft 365 products.Your coding and security skills will be key to our innovative solutions.In t... Show more

 • Promoted

Remote Information Risk & Security Analyst

DexianMontreal (administrative region), QC, CA
Remote
Full-time

A leading IT services firm is seeking an Information Control Testing Specialist to manage information risk and ensure compliance with security policies.You will work on global initiatives, conduct ... Show more