Intern - Security Analyst
About the role
Description IT Security / Hybrid / Fall 2025 Internship / Full-time / Quebec / Montreal Our information security protection and analysis team is currently looking for a Security Analyst (Intern) to join its team.
Specific Responsibilities In the context of operational security:
- Support development teams in integrating AppSec tools.
- Maintain and automate security analysis tools (AST).
- Participate in the implementation of AppSec tools in CI/CD pipelines.
- Contribute to the maintenance of security infrastructure.
- Use automated tools to detect vulnerabilities.
- Participate in the continuous improvement of cybersecurity practices.
- Conduct investigations, including on compromise vectors, through security logs and various protection and detection tools and equipment.
- Perform required analyses and recommend corrective measures to be implemented.
- Collaborate in the implementation of activities aimed at ensuring and improving the overall health of IT services and processes.
In the context of projects:
- Advise IT delivery teams in defining their objectives and the scope of their projects in terms of information security.
- Identify security requirements according to the project context, ensuring alignment with the information security normative framework.
- Identify and categorize informational assets in accordance with the organizational risk appetite of IT asset owners.
- Identify and assess risk scenarios to mitigate residual risks, then present them to asset owners with a concrete action plan.
- Model and detail access by defining roles, user groups, and their relationships.
Desired profile:
- Currently studying for a bachelor's or a college degree in computer science, business administration (IT focus), or any related field.
- Must complete a university-accredited internship in fall 2025.
- Be familiar with the software development lifecycle (SDLC), DevOps, ITIL.
- Possess a good understanding of regulatory requirements associated with affected business domains, applicable industry frameworks (NIST, ISO 27001, etc.) to be able to apply best practices in information security.
- Basic Knowledge:
- Encryption tools
- Static (SAST) and dynamic (DAST) analysis
- Software composition analysis (SCA)
- Container image analysis
- Automation and scripting (Python, Bash, PowerShell)
- Familiarity with:
- OWASP Top 10
- Web development (JavaScript/TypeScript)
- Software development (.NET, Java)
- Databases (SQL, NoSQL)
- Git (version control)
- DevOps tools (CI/CD, pipelines)
- Test-driven development (TDD)
- Agile methodologies
- AppSec tools (SCA, SAST, image scanning, etc.)
- Threat modeling
Does this job description sound like you? Don't wait any longer, apply now!
About iA Groupe financier / iA Financial Group
iA Financial Group is one of the largest insurance and wealth management groups in Canada, with operations in the United States. Founded in 1892, it is an important Canadian public company and is listed on the Toronto Stock Exchange under the ticker symbols IAG (common shares) and IAF (preferred shares).
Intern - Security Analyst
About the role
Description IT Security / Hybrid / Fall 2025 Internship / Full-time / Quebec / Montreal Our information security protection and analysis team is currently looking for a Security Analyst (Intern) to join its team.
Specific Responsibilities In the context of operational security:
- Support development teams in integrating AppSec tools.
- Maintain and automate security analysis tools (AST).
- Participate in the implementation of AppSec tools in CI/CD pipelines.
- Contribute to the maintenance of security infrastructure.
- Use automated tools to detect vulnerabilities.
- Participate in the continuous improvement of cybersecurity practices.
- Conduct investigations, including on compromise vectors, through security logs and various protection and detection tools and equipment.
- Perform required analyses and recommend corrective measures to be implemented.
- Collaborate in the implementation of activities aimed at ensuring and improving the overall health of IT services and processes.
In the context of projects:
- Advise IT delivery teams in defining their objectives and the scope of their projects in terms of information security.
- Identify security requirements according to the project context, ensuring alignment with the information security normative framework.
- Identify and categorize informational assets in accordance with the organizational risk appetite of IT asset owners.
- Identify and assess risk scenarios to mitigate residual risks, then present them to asset owners with a concrete action plan.
- Model and detail access by defining roles, user groups, and their relationships.
Desired profile:
- Currently studying for a bachelor's or a college degree in computer science, business administration (IT focus), or any related field.
- Must complete a university-accredited internship in fall 2025.
- Be familiar with the software development lifecycle (SDLC), DevOps, ITIL.
- Possess a good understanding of regulatory requirements associated with affected business domains, applicable industry frameworks (NIST, ISO 27001, etc.) to be able to apply best practices in information security.
- Basic Knowledge:
- Encryption tools
- Static (SAST) and dynamic (DAST) analysis
- Software composition analysis (SCA)
- Container image analysis
- Automation and scripting (Python, Bash, PowerShell)
- Familiarity with:
- OWASP Top 10
- Web development (JavaScript/TypeScript)
- Software development (.NET, Java)
- Databases (SQL, NoSQL)
- Git (version control)
- DevOps tools (CI/CD, pipelines)
- Test-driven development (TDD)
- Agile methodologies
- AppSec tools (SCA, SAST, image scanning, etc.)
- Threat modeling
Does this job description sound like you? Don't wait any longer, apply now!
About iA Groupe financier / iA Financial Group
iA Financial Group is one of the largest insurance and wealth management groups in Canada, with operations in the United States. Founded in 1892, it is an important Canadian public company and is listed on the Toronto Stock Exchange under the ticker symbols IAG (common shares) and IAF (preferred shares).