Director, Information Security and Risk Management

  • Full Time
  • Toronto
  • This position has been filled

Our client is one of the biggest retailer company of Canada is looking for a Senior Director, Information Security, kindly see below:

WHAT YOU WILL DO:

  • Define application security best practices and continually refine the security requirements and coding standards in conjunction with multiple stakeholders including business, security and architecture teams.
  • Identify application security requirements and assist stakeholders in integrating them into the development lifecycles
  • Manage and maintain digital security testing effort of enterprise applications.
  • Provide continuous visibility on the digital security program to the information security leadership
  • Collaborate with large group of stakeholders to maintain and improve the efficiency and effectiveness of the digital security program

WHAT YOU WILL NEED:

  • Strong interpersonal skills and ability to articulate technology controls into business context
  • Demonstrated knowledge of latest application security techniques and technologies
  • Strong understanding on integration of security into traditional waterfall and advanced application development models (e.g. Agile, DevOps)
  • Strong understanding of secure coding, application penetration testing and security activities
  • Technical knowledge on securing applications including the strategic and tactical fixes for common vulnerabilities and knowledge on leading application security industry standards such as SANS and OWASP
  • Experience in driving application security remediation at enterprise scale with diverse stakeholders
  • Prior experience in secure development lifecycle, threat risk assessments and threat modelling exercises
  • Strong multi-tasking capabilities with attention to detail and the ability to dive deeply into issues
  • Must have penetration testing knowledge and/or skills.
  • Industry certifications such as CISSP, CSSLP, GWEB, GWAPT preferred