Our client is one of the biggest retailer company of Canada is looking for a Senior Director, Information Security, kindly see below:
WHAT YOU WILL DO:
- Define application security best practices and continually refine the security requirements and coding standards in conjunction with multiple stakeholders including business, security and architecture teams.
- Identify application security requirements and assist stakeholders in integrating them into the development lifecycles
- Manage and maintain digital security testing effort of enterprise applications.
- Provide continuous visibility on the digital security program to the information security leadership
- Collaborate with large group of stakeholders to maintain and improve the efficiency and effectiveness of the digital security program
WHAT YOU WILL NEED:
- Strong interpersonal skills and ability to articulate technology controls into business context
- Demonstrated knowledge of latest application security techniques and technologies
- Strong understanding on integration of security into traditional waterfall and advanced application development models (e.g. Agile, DevOps)
- Strong understanding of secure coding, application penetration testing and security activities
- Technical knowledge on securing applications including the strategic and tactical fixes for common vulnerabilities and knowledge on leading application security industry standards such as SANS and OWASP
- Experience in driving application security remediation at enterprise scale with diverse stakeholders
- Prior experience in secure development lifecycle, threat risk assessments and threat modelling exercises
- Strong multi-tasking capabilities with attention to detail and the ability to dive deeply into issues
- Must have penetration testing knowledge and/or skills.
- Industry certifications such as CISSP, CSSLP, GWEB, GWAPT preferred