Senior Manager, Application Security

Alberta, Canada - Remote

Full Time Senior-level / Expert USD 62K - 115K *

ATB Financial

Big life events can trigger big banking changes. Whether you’re starting university or planning your retirement, we’ve made it easy to find the accounts and resources you need.

View company page

Our bottom line is different.

There’s something special about working at ATB, and it’s been recognized on every top employer list that matters. Maybe it’s our exceptional culture where your total wellness is supported through market-leading benefits and you’re free to bring your whole self to work. Maybe it’s our commitment to a growth mindset and our unrelenting thirst for making it possible for fellow Albertans—even the ones who aren’t our clients.

Whatever it is, you won’t find a more genuine, driven and knowledgeable group of humans anywhere. We foster a culture of purpose, performance and possibilities. We engage with intense curiosity, and bring our whole selves to work, every day. We know it starts with people like you, so take a chance and start with us.

Job Number: REQ5583

Location: Edmonton or Calgary, AB #LI-Remote

Apply by: Tuesday, February 7, 2023

Paygrade: M-OTH

System Title: Leader 8, Domain Architecture

# Positions available: 1

Leader Name: Mos Saleh

As ATB’s next Senior Manager, Application Security, you will work with business and technical application owners to ensure adoption of ATB’s testing platforms to continuously improve our application security posture and ensure alignment.

In this role, you will ensure application security vulnerabilities and weaknesses are understood by the application owners and ensure the lifecycle of said vulnerabilities or weaknesses is tracked through to completion. You will have leadership abilities as well as an strong comprehension & understanding of emerging threats, defensive technologies and are familiar with agile methodologies.

You will join the ATB TSARC team and shape the future of the application vulnerability management program. This role includes oversight of the following:

  • Providing leadership in establishing and promoting standards, patterns and practical best practices within the multi-cloud (GCP & AWS) and other cloud ecosystem practices at ATB
  • Establish appropriate guardrails for the app delivery teams and promote process designs and best practices that enable and keep teams within those guardrails.
  • Evaluation of application and/or infrastructure design specifications to ensure alignment with CX&T Priorities, cloud hosting architecture, standards, patterns and industry best practice.
  • Participate in the development of our cloud security strategy and support key programs.
  • Build trust relationships with senior level technical and business teams and communicate at all levels of the organization’s enterprise.
  • Collaborate with the broader CX&T team to create and maintain standards for the overall architectural vision that emphasizes a reuse strategy
  • Participate with other architects and technology teams in resolving escalations related to cloud usage that may arise
  • Ensure usage of Agile methodologies and DevSecOps framework
  • Lead direct and indirect reports in the development governance and maintenance of architectural patterns, frameworks and standards that align with corporate strategy, best practices that enable business value, meet SLA requirements, and are deployable at scale for / in ATB’s Cloud Platform.
  • Work with technical teams and stakeholders to understand the current state and target state; owning the technology roadmap and setting the architectural strategy to ensure delivery of ATBs Cloud Platform.
  • Define end to end technical solutions that take into account the current and target state architecture in accordance with constraints and within corporate risk appetite.
  • Review product level architectures and detailed designs in order to ensure compliance with the program level solution architecture.
  • Collaborate with peers within Development, DevOps, QA to ensure strategic and tactical alignment between the Technology Strategies & Architecture and other teams.
  • Provide and maintain awareness of architecture patterns and any applicable changes to the teams within the various teams
  • Plan, design and implement security measures for the protection of cloud applications
  • Execute and maintain cybersecurity processes and documentation on the related products in the product life cycle
  • Manage premarket cybersecurity activities (e.g. threat modeling, cybersecurity risk assessment, static code analysis, third party vulnerability testing)
  • Manage postmarket cybersecurity activities (e.g. STIG compliance checking, vulnerability scanning, cybersecurity risk modeling)
  • Investigating postmarket cybersecurity complaints and escalations
  • Awareness of cybersecurity trends and standards
  • Invest in positive cybersecurity model
  • Integrate new teams into our enterprise cloud AppSec frameworks with attention to sharing, providing and driving re-use.

Requirements

  • 10+ years of Architecture and Software development experience that includes experience and understanding of microservices architecture, application development, application systems design, and integration
  • 10+ years of solid experience working in cloud infrastructure Services, Security Practices, VPC/Networks, Distributed Infrastructure (Data Centre, Servers, Middleware, Containers, Storage etc...)
  • Multi-year experience in leading technical teams in software engineering with a focus on cloud infrastructure and platforms
  • Solid experience in software engineering and test automation relevant to supported products with a drive for continual learning
  • Hands-on experience with automation/DevSecOps/SRE activities with Gitops.
  • Experience with Public Cloud platforms, such as GCP and AWS.
  • Experience with container-orchestration such as Kubernetes(GKE), and Serverless Platform.
  • Understands product delivery elements (i.e., meeting delivery timelines, testing bottlenecks, constraints) and shares risks in the actual progress of delivery outcomes that the product team is delivering

At ATB, we know that as you develop in your career, you gain many transferable skills. If you believe your experience and qualities are a match for this position, please consider applying.

Interested? If you know one of our team members, BEFORE applying, reach out to them and ask them for a referral link to help your application stand out.

Online applications are preferred. Please let us know if you require any accommodations.

Benefits

Be great. Be you. Believe.

We are dedicated to building a workforce reflective of the diversity within our communities and creating an environment where every team member has what they need to reach their potential. We encourage candidates from all equity-seeking groups to apply.

What happens next?

Thank you for applying online. If you are shortlisted for this opportunity, you will hear from us after the posting close date regarding next steps. We might ask you to participate in a digital interview or phone interview. If you require any accommodations, please let us know.

Stay in touch!

ATB is excited to know you’re interested in a career with us! Follow us on LinkedIn, Facebook and Instagram to get the inside scoop on what our team is up to.

* Salary range is an estimate based on our salary survey 💰

Tags: Agile Application security Automation AWS Cloud Code analysis Compliance DevOps DevSecOps GCP Governance Kubernetes Microservices Risk assessment Security strategy Strategy Vulnerabilities Vulnerability management

Perks/benefits: Career development Startup environment Team events

Regions: Remote/Anywhere North America
Country: Canada
Job stats:  3  1  0
  • Share this job via
  • or

More jobs like this

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.