Jobs
>
Montréal

    Senior Application Security Specialist - Montreal, Canada - Petal

    Petal
    Petal Montreal, Canada

    6 days ago

    Default job background
    Full time_permanent
    Description

    Petal is a leading Canadian healthcare orchestration and billing company that revolutionizes healthcare systems to make them agile, efficient, and resilient by enabling the forecasting and shaping of world-class healthcare through Healthcare BI, advanced analytics, and informed insights.

    Our commitment to fostering an exceptional workplace culture has earned us notable recognitions, including being listed as a Great Place to Work in both the technology and healthcare sectors. Join us in our mission to empower healthcare innovators and improve healthcare differently.

    What you can expect when joining the team

    As a Senior Application Security Specialist at Petal, you will play an important role in helping to protect the security of our customers' information in our applications. Your role will also be vital in promoting a security by design mindset throughout the organization.

    We are seeking a candidate who combines in-depth knowledge of security practices with a sharp ability to effectively transmit this knowledge. Your efforts will be essential in integrating a robust security culture at the core of our company. Your role will not only involve teaching security but also transforming our mindset and approach to security in our daily operations.

    Your daily life

    During the day, you will be led to:

  • Play a crucial role in building a strong security culture within Petal, emphasizing the importance of security in all aspects of our work, notably through initiatives such as our Security Champions program or our practice communities;
  • Work closely with development teams to understand their current security training needs to create engaging and diverse educational content that caters to different learning preferences, ensuring that all development team members understand and apply security principles;
  • Stay informed about the latest security threats, trends, and technologies to keep our security strategies as well as our training materials up to date with best practices;
  • Understand software security needs by closely collaborating with stakeholders to identify specific security requirements;
  • Participate in the design of our applications by integrating security mechanisms from the outset. This may include defining secure architecture, designing access controls, managing identities, and considering encryption mechanisms;
  • Oversee vulnerability management in our application code and ensure that they are addressed by our teams within specified timelines;
  • Ensure that sensitive data is properly protected, using encryption techniques, key management policies, and ensuring data confidentiality and integrity;
  • Participate in security incident response when necessary;
  • Contribute to the evolution of our SDLC, our application security policy, as well as the processes/procedures that support them;
  • Collaborate and serve as a bridge between the compliance team and our developers, especially during audits;
  • Identify and assess potential security risks in existing and new applications. This may include conducting risk analyses, security audits, and code reviews to detect vulnerabilities;
  • Effectively communicate with other team members, write reports on vulnerabilities, and raise awareness of the importance of security.

    • Your profile

    Are you a senior security expert known for your ability to design and implement robust application protection solutions? Are you seeking an opportunity to leverage your skills and experience to make a real difference?The sky is the limit If you have:

  • A bachelor's degree in Computer Science, Software Engineering, Computer Security, or a related field - a master's degree in computer security is an asset;
  • A minimum of 5 years of experience in application security and at least 7 years of experience in IT;
  • Excellent communication and presentation skills, with the ability to explain complex security concepts to both technical and non-technical audiences.;
  • A thorough understanding of modern web application vulnerabilities and their remediation (OWASP Top 10, CWE Top 25);
  • The ability to quickly learn and teach various security topics such as threat modeling, shifting left, cloud security, etc.;
  • The ability to demonstrate that a vulnerability is technically exploitable through a proof of concept (PoC);
  • Experience in software development in the healthcare domain, knowledge of FHIR, HL7 as well as familiarity with common security frameworks such as ISO 27001, NIST, OWASP, etc.;
  • A deep understanding of computer security principles (common vulnerabilities, attack techniques, and best security practices);
  • Good knowledge of security tools such as vulnerability scanners, intrusion detection tools, etc.;
  • Strong attention to detail and solid analytical, organizational, and task management skills;
  • Experience in secure development (secure development practices, penetration testing, and application auditing to identify and resolve vulnerabilities) (strong asset);
  • Security certifications (CISSP/CSSLP/CCSP/OSCP, etc.) (asset);
  • Since you will be regularly interacting with English-speaking colleagues and suppliers located outside of Québec, advanced proficiency in both English and French (spoken, written, and read) is preferable.

    • Petal's position on remote working

    In our opinion, a company cannot claim to be modern, innovative and have the well-being of their team at heart, without attempting to integrate remote working to the level that their business model allows them to. Post-pandemic, Petal employees will continue to benefit from the option of teleworking up to the maximum flexibility permitted by the nature of the position and the smooth running of operations.

    Our benefits

  • A signing bonus of $1,000 for your remote work set-up;
  • Compensation that recognizes your contribution;
  • 4 to 6 weeks of paid vacation per year;
  • 5 ​paid personal days​ per year​;
  • A ​group RRSP / DPSP plan with employer contribution;
  • ​A ​complete group ​insurance ​plan, from day 1;
  • An ​annual wellness allowance;
  • Access to the Dialogue telehealth application;
  • Flexible work hours and more.

    • Petal is an active participant in the equal opportunity employment program, and members of the following target groups are encouraged to apply: women, people with disabilities, aboriginal peoples and visible minorities. If you are a person with a disability, assistance with the screening and selection process is available on request.

  • AtkinsRéalis

    Cyber Security Specialist

    5 days ago

    AtkinsRéalis Montréal, QC, Canada

    Spécialiste en cyber sécurité (ICS/OT) · Vous êtes à la recherche d'une opportunité enrichissante en tant que spécialiste en cyber sécurité (ICS/OT)? Ce rôle correspond à la mission de AtkinsRéalis de transformer, d'adopter les technologies numériques et de garantir la croissance ...

  • Business Development Bank of Canada

    Specialist, IT Security

    6 days ago

    Business Development Bank of Canada Montréal, Canada

    No other bank is doing what we do. · At BDC, we help Canada and its entrepreneurs create a prosperous, inclusive and green economy. Our mission is to help Canadian businesses thrive by providing financing, capital and advisory services. We're devoted to Canadian entrepreneurs. We ...

  • Canadian National Railway

    Specialist Security

    1 week ago

    Canadian National Railway Montréal, Canada

    At CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automa ...

  • Atlantis IT group

    Cyber Security Specialist

    2 days ago

    Atlantis IT group Montréal, Canada

    **Role **:Cyber Security Specialist** · **Location : Montreal**, QC ( Hybrid )** · **Duration **:Long Term** · Thanks & regards, · **Daniel ( Gopal )** · **Apptoza Inc.** · Phone: Ext 5001 ...

  • Soho Square Solutions

    Cyber Security Specialist

    2 days ago

    Soho Square Solutions Montréal, Canada

    Qualifications: · - 8 or more years of total work experience, with at least 5 years in IT Security. · - Significant experience with ethical hacking/penetration testing. · - Excellent understanding of defense-in-depth principles and network security architecture. · - Knowledge of ...

  • Business Development Bank of Canada

    Application Security Specialist

    4 days ago

    Business Development Bank of Canada Montréal, Canada

    No other bank is doing what we do. · At BDC, we help Canada and its entrepreneurs create a prosperous, inclusive and green economy. Our mission is to help Canadian businesses thrive by providing financing, capital and advisory services. We're devoted to Canadian entrepreneurs. We ...

  • Bell Canada

    Specialist, Cyber Security

    1 week ago

    Bell Canada Montréal, Canada

    As the largest high-tech team in Canada, Network and Technology Services builds cutting edge fibre and 5G networks that drive how Canadians connect with each other and the world Our team is at the forefront of developing Bell's leading products and services: Fibe TV and Internet, ...

  • SSENSE

    Copy of Cyber Security Specialist

    1 week ago

    SSENSE Montréal, Canada

    Company Description · SSENSE (pronounced [es-uhns]) is a global technology platform operating at the intersection of culture, community, and commerce. Headquartered in Montreal, it features a mix of established and emerging luxury brands across womenswear, menswear, kidswear, and ...

  • State Street

    Operations Specialist Securities Valuation

    4 days ago

    State Street Montréal, Canada

    Why this role is important to us · The team you will be joining is a part of State Street Global Services (SSGS). SSGS gives asset owners and managers access to the essential financial tools they need to deliver effective investment solutions. · Securities Valuation is a centrali ...

  • IBM

    Security Solutions Sales Specialist

    1 week ago

    IBM Montréal, Canada

    **Introduction** · At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. A ...

  • UNITED PARCEL SERVICE

    Security Specialist

    2 days ago

    UNITED PARCEL SERVICE Lachine, Canada

    **Primary Job Posting Location**: · Lachine, Quebec Canada · Explore your next opportunity at a Fortune Global 500 organization. Envision innovative possibilities, experience our rewarding culture, and work with talented teams that help you become better every day. We know what i ...

  • Nestle

    Quality Safety Security Health Specialist

    2 days ago

    Nestle Montréal, Canada

    **Position Snapshot** · **Business area: Nespresso Canada** · **Job title: Quality, Security, Safety & Health Specialist (12-month)** · **Location: Montreal, QC** · **Hybrid** · **A little bit about us** · Nestlé Nespresso SA is the pioneer and reference for highest-quality porti ...

  • Scotiabank

    Supervision Specialist for Scotia Securities Inc

    2 days ago

    Scotiabank Montréal, Canada

    Requisition ID: 179150 · Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture. · **Purpose** · Contributes to the overall success of the Centralized Compliance Department, Scotia Securities Inc. in Canada ensuring specific individu ...

  • Sonepar Canada

    IT Security Grc Specialist

    1 day ago

    Sonepar Canada Laval, Canada

    **About Us**: · Sonepar Canada is an independent family-owned company with global market leadership in the business-tobusiness · distribution of electrical, industrial and safety products and related solutions. We are a proud member of the Sonepar Group, the world's largest priva ...

  • Bitfarms

    IT Specialist, Security Analyst

    1 week ago

    Bitfarms Brossard, Canada

    Bitfarms is a global vertically integrated Bitcoin mining company that operates one of the largest cryptocurrency mining operations in North America. As the only publicly traded pure-play Bitcoin mining company audited by a Big Four audit firm, we are a global operation powered b ...

  • DELAN - IT Head Hunters

    IT Security Specialist

    3 weeks ago

    DELAN - IT Head Hunters Montreal, Canada TEMPORARY

    Tasks/Responsibilities · We are currently looking for an IT Security Specialist for a 6-month contract with the possibility of being renewed. · MANDATE · Contribute to the effectiveness of the company's Security Operations Center (SOC) · Monitor vulnerabilities, analyze security ...

  • BDC

    information security specialist, it security

    1 week ago

    BDC Montreal, Canada Full time

    We are banking at another level. · Choosing BDC as your employer means working in a healthy, inclusive, and skilled workplace that puts forward the best conditions to bring together unique teams where employees are empowered to act. It also means being at the centre of ambitiou ...

  • Top Aces

    Specialist, Security and Trade Compliance

    1 week ago

    Top Aces Dorval, Canada

    Top Aces is a privately owned, Montreal-based global leader in aerospace and defence founded in 2000 by three former Royal Canadian Air Force CF-18 fighter pilots. We provide advanced adversary (Red Air), air-defense and Joint Terminal Attack Controller (JTAC) training services t ...

  • eTeam

    Cyber Security Specialist

    1 week ago

    eTeam Montreal, Canada

    Job title:- IT Infra & Cyber Security Specialist – Vulnerability Management · Location:- Montreal, QC · Duration:- 12 Months · The position at a glance · We are currently seeking an IT Infra & Cyber Security Specialist with expertise in Vulnerability Management to be located in o ...

  • HireTalent - Diversity Staffing & Recruiting Firm

    Cyber Security Specialist

    1 week ago

    HireTalent - Diversity Staffing & Recruiting Firm Montreal, Canada

    Title: IT Infra & Cyber Security Specialist – Vulnerability Management · Client ID: / · Contract Duration: 12 Months (Hybrid) · Location: Montreal, QC · Job Description: · • Perform BAU activities of Production Security Vulnerability Management function, including Asset/Scanning ...