Jobs in Canada

Application Security Specialist

Full Time
  • Full Time
  • Toronto

AIR MILES Reward Program


The AIR MILES Reward Program is one of Canada’s most recognized loyalty programs, with over 10 million active collector accounts, representing more than half of all Canadian households. AIR MILES collectors earn Reward Miles at more than 300 leading Canadian, global, and online brands and at thousands of retail and service locations across the country. AIR MILES is a wholly owned subsidiary of the Bank of Montreal (BMO). BMO is Canada’s oldest bank and the 8th largest in North America, with more than 12 million customers globally.

Position Overview:


The Sr. Application Security Specialist role is responsible for designing, evaluating, and supporting application security and cloud security capabilities to support AIR MILES’ security and compliance programs. This role requires well-developed technical skills, familiarity with network, system, and application architecture, and an understanding of the technical security landscape. Responsibilities include application security reviews, consulting on system architecture, and securing cloud environments at scale. The role involves activities across application, cloud, and infrastructure security, including establishing standards, participating in investigations, and providing guidance aligned with industry best practices.



Responsibilities:

  1. Review system and solution architecture.
  2. Consult with software developers and support improvements to application security.
  3. Advise on risk assessments and collaborate with stakeholders to implement risk mitigation measures.
  4. Perform audits and testing on infrastructure and application controls, and coordinate remediation activities.
  5. Work actively with third-party service providers to lead and support security initiatives.
  6. Contribute to monthly information security metrics for reporting.
  7. Establish relationships with internal stakeholders, stay updated on technology trends, identify emerging risks, and suggest improvements to security processes.
  8. Provide consultation on internal security policies and baseline standards.

Qualifications:

  1. Minimum of 6 years of full-time experience in information security or related fields.
  2. Proven experience in cross-functional project participation and managing remediation efforts enterprise-wide.
  3. Strong communication skills, especially in diplomatically promoting policy and procedure adoption.
  4. Knowledge of information security standards and IT frameworks.
  5. Understanding of security governance, risk, compliance, and audit practices.
  6. Experience across multiple security domains such as access control, application and system development, operations security, network security, and BCP/DR.
  7. Solid understanding of network security components including firewalls, routers, IDS, SIEM, and anti-malware products.
  8. Extensive knowledge of cloud security architecture and controls deployment in cloud environments (e.g., MS Azure, AWS).
  9. Hands-on experience in building and operating cloud environments.

Additional Details:

  • Seniority level: Associate
  • Employment type: Full-time
  • Job function: Information Technology
  • Industry: Advertising Services


#J-18808-Ljbffr

Source

To apply, please visit the following URL: