Director, Application Security

Toronto, ON, CA

Canada Life

We’ve been supporting the financial, physical and mental wellbeing of Canadians for 175 years. 


Permanent Full Time 


The Director, Application Security will partner with key stakeholders to develop and implement a proactive and effective application security program across Canada Life, helping business technology teams to deploy and manage secure technology products.

 

Working closely with the AVP, Information Security Services, this role will be accountable for the end-to-end application security program, ensuring that security controls are identified and deployed as part of the SDLC and that there are defined processes to detect and manage vulnerabilities and misconfigurations in code and runtime environments.

 

This role will work with technology stakeholders to drive engagement and adoption of application security best practices, ensuring that security risks are identified and communicated and that timely remediation efforts are executed.

 

What you will do

  • Implement and champion secure SDLC services, including Threat Modeling, Threat Risk Assessment (TRA), static and dynamic scanning, and penetration testing.
  • Promote secure development through implementation of threat modeling practice and integration of application security tools into the CI/CD pipelines.
  • Collaborate with software development teams and business leadership to provide expert advice on secure coding techniques, remediate identified vulnerabilities and drive down software security risk.
  • Partner with technology stakeholders to define and execute the application security strategy, and to identify and drive resolution of application security vulnerabilities.
  • Champion DevSecOps practices to shift application security left with increased automation and preventative controls.
  • Manage cross functional relationships to drive security adoption across applications, while fostering an environment of collaboration and enablement.
  • Improve application security posture by driving application vulnerability management program execution, effectively communicating security risks, developing remediation plans, and tracking issues to resolution.
  • Look for opportunities to manage dynamic workload efficiently to ensure timely response to business needs.
  • Collaborate effectively with other leaders from across the organization to identify, formulate and enforce security improvements that balance risk with business operations, and do not diminish efficiencies or innovation.
  • Actively participate in supporting the organization's ISO, SOC and Controls programs
  • Foster, advocate for, and strengthen Canada Life’s overall security posture
  • Build and maintain a backlog of security remediation work
  • Establish, support, and streamline security reporting metrics
  • Lead the Applications Security team to achieve and surpass personal and team objectives
  • Provide support to risk, governance and audit activities and testing
  • Perform other duties as assigned

 

What you will bring 

  • 8+ years of leadership experience managing application security programs
  • 10+ years of progressive experience across multiple information security domains.
  • 5+ years' experience in the financial services industry is preferred
  • Bachelor's degree in Computer Science, Information Systems, Business Technology or equivalent experience
  • Strong understanding of information security controls, tools, and practices across a variety of application formats
  • Working experience developing and implementing application security controls in Google Cloud, Microsoft Azure and AWS.
  • Exposure to cloud-based application security tools and integrations
  • Proven ability to identify, analyze and translate information security risk in the context of what it means to achieving business objectives
  • Proven experience in implementing Threat Modeling and Threat Risk Assessment processes
  • Demonstrated ability to deliver measurable results to enhance security posture and reduce risk
  • One or more of the following certifications in good standing is considered an asset: CISM, CISSP, CCSP and CSSLP.
  • Working knowledge of information security frameworks like ISO27001/2 and NIST
  • A “continuous improvement” mindset
  • Excellent written and oral communication skills
  • Demonstrated capability to build and foster strong relationships through collaboration, influencing change, and building consensus
  • Constant learner with a passion for technology and risk governance
  • Deep understanding of how large enterprise organizations work within a regulated environment
  • Excellent track record of leading and developing high performing teams
  • Experience with ServiceNow GRC or other GRC platforms is an asset


The base salary for this position is between $92,100 and $170,500 annually. This represents base salary only and does not represent other variable compensation components of our total compensation (i.e. annual bonus, commission, etc.). If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.

 

Career opportunities will be open a minimum of 5 business days from the date of posting; closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.

 

Be your best at Canada Life - Apply today!

 

Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.

 

You can be your best here. You’re part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.

 

Together, as part of a great team, you’ll deliver on our shared purpose to improve the well-being of Canadians. It’s our driving force. Become part of a strong and successful company that’s trusted by millions of Canadians to do the right thing.

 

Canada Life serves the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations. 

 

We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential. 

 

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.

 

Canada Life would like to thank all applicants; however, only those who qualify for an interview will be contacted.

 


Tags: Application security Automation AWS Azure CCSP CI/CD CISM CISSP Cloud Computer Science CSSLP DevSecOps GCP Governance ISO 27001 NIST Pentesting Risk assessment SDLC Security strategy SOC Strategy Vulnerabilities Vulnerability management

Perks/benefits: Career development Salary bonus Team events

Region: North America
Country: Canada
