Job Summary

Job Description

What is the opportunity?

Reporting to the Director of Application Security Transformation – you would provide technical execution in the area of Application Security for the global RBC business and application development teams across all enterprise information technology groups. You will be participating in the development of application security best practices, tools, and processes. You will also help execute various application security projects across all RBC lines of business. This role will also require you to have a solid understanding of DevSecOps, CI/CD pipelines and various application security testing techniques such as SCA, SAST, DAST and IAST.

What will you do?

Develop integration capabilities by partnering with the Enterprise DevOps teamDevelop automation for tools onboarding and security controls enforcementSupport end users of a DAST tool managing tickets through a ticketing platformReview Dynamic application security testing reports and validate findings and false positives and assist developers in remediationEducate key organizational stakeholders (e.g. developers, security consultants, executives) on application security matters across the organizationAssist in the development, evaluation, and implementation of application security controls and processesWork in a diverse environment leveraging other team members’ experience and knowledgeParticipate in and lead a range of application security assessment activitiesEnsure applications are thoroughly tested for security vulnerabilities using industry best practices before production releaseResearch and keep up to date on application security emerging threats, techniques, tools and trendsDevelop metrics to measure the Security and Risk posture of RBC applications

What do you need to succeed?

Must have:

A relevant degree or certificate in Computer Science a comparable field of study, or equivalent practical experienceKnowledge of OWASP, SANS or other security-related frameworksExposure to application security best practices such as secure coding, security testing techniques and Secure Software Development LifecycleExperience developing and testing apps in any of the programming languages: Python, Java (preferred)Understanding of CI/CD, DevOps and DevSecOps approaches and experience working with DevOps toolsKnowledge of SCA (Software Composition Analysis), SAST (Static Application Security Testing) & DAST (Dynamic Application Security Testing) toolsStrong written and verbal communication skillsStrong ability to manage client and stakeholder relationsAbility to help and mentor junior members of the teamSolid understanding of OWASP Top 10 Web & API

Nice-to-have: 

Experience working with SCA, SAST/DAST toolsUnderstanding of GitHub Actions-based pipeline & GitHub Advanced Security toolsPrior experience in leading Security Controls & EnforcementExperience working in a tool support role

What’s in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference in our communities, and achieving mutual success

A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicableLeaders who support your development through coaching and managing opportunitiesAbility to make a difference and lasting impactWork in a dynamic, collaborative, progressive, and high-performing teamFlexible work/life balance optionsOpportunities to do challenging work and take on progressively greater accountabilities

#LI-Hybrid

#LI-POST

#TECHPJ

Job Skills

Application Programming Interface (API), Application Security, Applications Programming, Critical Thinking, DevOps, Group Problem Solving, Information Security, Java, Open Web Application Security Project (OWASP), OWASP Top 10, Prioritization, Python (Programming Language), Secure Coding Practices, Software Development

Additional Job Details

Address:

410 GEORGIA ST W, FLOOR 3:VANCOUVER

City:

VANCOUVER

Country:

Canada

Work hours/week:

37.5

Employment Type:

Full time

Platform:

TECHNOLOGY AND OPERATIONS

Job Type:

Regular

Pay Type:

Salaried

Posted Date:

2024-11-15

Application Deadline:

2025-01-20

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Inclusion and Equal Opportunity Employment

At RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work. We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.
​​​​​​​
We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.