Senior Manager, Application Security
Alberta, Canada - Remote
ATB FinancialBig life events can trigger big banking changes. Whether you’re starting university or planning your retirement, we’ve made it easy to find the accounts and resources you need.
Our bottom line is different.
There’s something special about working at ATB, and it’s been recognized on every top employer list that matters. Maybe it’s our exceptional culture where your total wellness is supported through market-leading benefits and you’re free to bring your whole self to work. Maybe it’s our commitment to a growth mindset and our unrelenting thirst for making it possible for fellow Albertans—even the ones who aren’t our clients.
Whatever it is, you won’t find a more genuine, driven and knowledgeable group of humans anywhere. We foster a culture of purpose, performance and possibilities. We engage with intense curiosity, and bring our whole selves to work, every day. We know it starts with people like you, so take a chance and start with us.
Job Number: REQ5583
Location: Edmonton or Calgary, AB #LI-Remote
Apply by: Tuesday, February 7, 2023
System Title: Leader 8, Domain Architecture
# Positions available: 1
Leader Name: Mos Saleh
As ATB’s next Senior Manager, Application Security, you will work with business and technical application owners to ensure adoption of ATB’s testing platforms to continuously improve our application security posture and ensure alignment.
In this role, you will ensure application security vulnerabilities and weaknesses are understood by the application owners and ensure the lifecycle of said vulnerabilities or weaknesses is tracked through to completion. You will have leadership abilities as well as an strong comprehension & understanding of emerging threats, defensive technologies and are familiar with agile methodologies.
You will join the ATB TSARC team and shape the future of the application vulnerability management program. This role includes oversight of the following:
- Providing leadership in establishing and promoting standards, patterns and practical best practices within the multi-cloud (GCP & AWS) and other cloud ecosystem practices at ATB
- Establish appropriate guardrails for the app delivery teams and promote process designs and best practices that enable and keep teams within those guardrails.
- Evaluation of application and/or infrastructure design specifications to ensure alignment with CX&T Priorities, cloud hosting architecture, standards, patterns and industry best practice.
- Participate in the development of our cloud security strategy and support key programs.
- Build trust relationships with senior level technical and business teams and communicate at all levels of the organization’s enterprise.
- Collaborate with the broader CX&T team to create and maintain standards for the overall architectural vision that emphasizes a reuse strategy
- Participate with other architects and technology teams in resolving escalations related to cloud usage that may arise
- Ensure usage of Agile methodologies and DevSecOps framework
- Lead direct and indirect reports in the development governance and maintenance of architectural patterns, frameworks and standards that align with corporate strategy, best practices that enable business value, meet SLA requirements, and are deployable at scale for / in ATB’s Cloud Platform.
- Work with technical teams and stakeholders to understand the current state and target state; owning the technology roadmap and setting the architectural strategy to ensure delivery of ATBs Cloud Platform.
- Define end to end technical solutions that take into account the current and target state architecture in accordance with constraints and within corporate risk appetite.
- Review product level architectures and detailed designs in order to ensure compliance with the program level solution architecture.
- Collaborate with peers within Development, DevOps, QA to ensure strategic and tactical alignment between the Technology Strategies & Architecture and other teams.
- Provide and maintain awareness of architecture patterns and any applicable changes to the teams within the various teams
- Plan, design and implement security measures for the protection of cloud applications
- Execute and maintain cybersecurity processes and documentation on the related products in the product life cycle
- Manage premarket cybersecurity activities (e.g. threat modeling, cybersecurity risk assessment, static code analysis, third party vulnerability testing)
- Manage postmarket cybersecurity activities (e.g. STIG compliance checking, vulnerability scanning, cybersecurity risk modeling)
- Investigating postmarket cybersecurity complaints and escalations
- Awareness of cybersecurity trends and standards
- Invest in positive cybersecurity model
- Integrate new teams into our enterprise cloud AppSec frameworks with attention to sharing, providing and driving re-use.
- 10+ years of Architecture and Software development experience that includes experience and understanding of microservices architecture, application development, application systems design, and integration
- 10+ years of solid experience working in cloud infrastructure Services, Security Practices, VPC/Networks, Distributed Infrastructure (Data Centre, Servers, Middleware, Containers, Storage etc...)
- Multi-year experience in leading technical teams in software engineering with a focus on cloud infrastructure and platforms
- Solid experience in software engineering and test automation relevant to supported products with a drive for continual learning
- Hands-on experience with automation/DevSecOps/SRE activities with Gitops.
- Experience with Public Cloud platforms, such as GCP and AWS.
- Experience with container-orchestration such as Kubernetes(GKE), and Serverless Platform.
- Understands product delivery elements (i.e., meeting delivery timelines, testing bottlenecks, constraints) and shares risks in the actual progress of delivery outcomes that the product team is delivering
At ATB, we know that as you develop in your career, you gain many transferable skills. If you believe your experience and qualities are a match for this position, please consider applying.
Interested? If you know one of our team members, BEFORE applying, reach out to them and ask them for a referral link to help your application stand out.
Online applications are preferred. Please let us know if you require any accommodations.
Be great. Be you. Believe.
We are dedicated to building a workforce reflective of the diversity within our communities and creating an environment where every team member has what they need to reach their potential. We encourage candidates from all equity-seeking groups to apply.
What happens next?
Thank you for applying online. If you are shortlisted for this opportunity, you will hear from us after the posting close date regarding next steps. We might ask you to participate in a digital interview or phone interview. If you require any accommodations, please let us know.
Stay in touch!
* Salary range is an estimate based on our salary survey 💰
Tags: Agile Application security Automation AWS Cloud Code analysis Compliance DevOps DevSecOps GCP Governance Kubernetes Microservices Risk assessment Security strategy Strategy Vulnerabilities Vulnerability management
More jobs like this
Explore more InfoSec/Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Staff Product Security Engineer jobs
- Open Senior Security Operations Engineer jobs
- Open Head of Information Security jobs
- Open Senior SOC Analyst jobs
- Open IT Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Security Consultant jobs
- Open Information System Security Officer (ISSO) jobs
- Open Lead Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Infrastructure Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Offensive Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Cyber Program Manager jobs
- Open GCP-related jobs
- Open Clearance-related jobs
- Open Pentesting-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Risk assessment-related jobs
- Open SaaS-related jobs
- Open ISO 27001-related jobs
- Open Forensics-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Cryptography-related jobs
- Open CISM-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open Kubernetes-related jobs
- Open APIs-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open IPS-related jobs
- Open TCP/IP-related jobs
- Open DevSecOps-related jobs