Application Security Consultant (Global Security)
Top Benefits
About the role
WHAT IS THE OPPORTUNITY?
The Application Security team is undertaking multiple complex enterprise-wide initiatives to improve the security and quality of RBC applications. In this role, you will provide technical execution and expertise in the area of application security tools for the global RBC business and application development teams across all enterprise information technology groups. Primarily, you act as a primary point of contact for application teams, prioritizing and triaging SAST Security scan results, and communicating the needs of application teams to strategic security leadership. As the vital link between security and developer functions, your expertise will contribute to the development of application security best practices, tools, and processes within RBC. This role will require you to understand various application security testing techniques such as SAST, SCA and DAST.
WHAT WILL YOU DO?
- Support end users of application security testing tools, managing tickets through a ticketing platform
- Proactively solve problems to ensure application development teams are able to best use the latest application security testing tools
- Educate key organizational stakeholders (e.g. developers, security consultants, executives) on application security matters across the organization
- Assist in the integration of application security processes and tools into existing enterprise development processes and pipelines
- Participate in and lead a range of application security assessment activities
- Assist in the development, evaluation, and implementation of application security testing processes and tools
- Work in a diverse environment leveraging other team members’ experience and knowledge
- Research and keep up to date on application security emerging threats, techniques, tools, and trends
WHAT DO YOU NEED TO SUCCEED?
Must have:
- Exposure to application security best practices such as secure coding, security testing techniques and Secure Software Development Lifecycle
- Experience supporting SAST tools, especially in a role responsible for triaging findings and refining scanning rules.
- 2+ Experience developing and testing apps in any of the following programming languages: Python, Java, Bash, Perl, JavaScript, C++, C#
- Strong ability to manage client and stakeholder relations
- Understanding of CI/CD, DevOps and DevSecOps approaches and experience working with DevOps tools
- Knowledge of OWASP, SANS or other security-related frameworks
- Knowledge of SAST Security Scanning tools
Nice-to-have :
- Familiarity with AI/ML systems security -such as securing machine learning models or evaluating LLM-based applications – would be highly valuable
- Experience supporting SCA/DAST tools, especially in a role responsible for triaging findings and refining scanning rules.
- Experience with Threat Modelling and Risk Assessment activities
- Understanding and experience in agile methodology
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- A world-class training program in financial services
- Flexible work/life balance options
- Opportunities to do challenging work
#LI-POST
#TECHCPJ
About RBC
Royal Bank of Canada is a global financial institution with a purpose-driven, principles-led approach to delivering leading performance. Our success comes from the 94,000+ employees who leverage their imaginations and insights to bring our vision, values and strategy to life so we can help our clients thrive and communities prosper. As Canada's biggest bank and one of the largest in the world, based on market capitalization, we have a diversified business model with a focus on innovation and providing exceptional experiences to our more than 17 million clients in Canada, the U.S. and 27 other countries. Learn more at rbc.com. We are proud to support a broad range of community initiatives through donations, community investments and employee volunteer activities. See how at www.rbc.com/community-social-impact.
La Banque Royale du Canada est une institution financière mondiale définie par sa raison d'être, guidée par des principes et orientée vers l'excellence en matière de rendement. Notre succès est attribuable aux quelque 94 000+ employés qui mettent à profit leur créativité et leur savoir faire pour concrétiser notre vision, nos valeurs et notre stratégie afin que nous puissions contribuer à la prospérité de nos clients et au dynamisme des collectivités. Selon la capitalisation boursière, nous sommes la plus importante banque du Canada et l'une des plus grandes banques du monde. Nous avons adopté un modèle d'affaires diversifié axé sur l'innovation et l'offre d'expériences exceptionnelles à nos plus de 17 millions de clients au Canada, aux États Unis et dans 27 autres pays. Pour en savoir plus, visitez le site rbc.com/francais
Nous sommes fiers d'appuyer une grande diversité d'initiatives communautaires par des dons, des investissements dans la collectivité et le travail bénévole de nos employés. Pour de plus amples renseignements, visitez le site www.rbc.com/collectivite-impact-social.
Application Security Consultant (Global Security)
Top Benefits
About the role
WHAT IS THE OPPORTUNITY?
The Application Security team is undertaking multiple complex enterprise-wide initiatives to improve the security and quality of RBC applications. In this role, you will provide technical execution and expertise in the area of application security tools for the global RBC business and application development teams across all enterprise information technology groups. Primarily, you act as a primary point of contact for application teams, prioritizing and triaging SAST Security scan results, and communicating the needs of application teams to strategic security leadership. As the vital link between security and developer functions, your expertise will contribute to the development of application security best practices, tools, and processes within RBC. This role will require you to understand various application security testing techniques such as SAST, SCA and DAST.
WHAT WILL YOU DO?
- Support end users of application security testing tools, managing tickets through a ticketing platform
- Proactively solve problems to ensure application development teams are able to best use the latest application security testing tools
- Educate key organizational stakeholders (e.g. developers, security consultants, executives) on application security matters across the organization
- Assist in the integration of application security processes and tools into existing enterprise development processes and pipelines
- Participate in and lead a range of application security assessment activities
- Assist in the development, evaluation, and implementation of application security testing processes and tools
- Work in a diverse environment leveraging other team members’ experience and knowledge
- Research and keep up to date on application security emerging threats, techniques, tools, and trends
WHAT DO YOU NEED TO SUCCEED?
Must have:
- Exposure to application security best practices such as secure coding, security testing techniques and Secure Software Development Lifecycle
- Experience supporting SAST tools, especially in a role responsible for triaging findings and refining scanning rules.
- 2+ Experience developing and testing apps in any of the following programming languages: Python, Java, Bash, Perl, JavaScript, C++, C#
- Strong ability to manage client and stakeholder relations
- Understanding of CI/CD, DevOps and DevSecOps approaches and experience working with DevOps tools
- Knowledge of OWASP, SANS or other security-related frameworks
- Knowledge of SAST Security Scanning tools
Nice-to-have :
- Familiarity with AI/ML systems security -such as securing machine learning models or evaluating LLM-based applications – would be highly valuable
- Experience supporting SCA/DAST tools, especially in a role responsible for triaging findings and refining scanning rules.
- Experience with Threat Modelling and Risk Assessment activities
- Understanding and experience in agile methodology
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- A world-class training program in financial services
- Flexible work/life balance options
- Opportunities to do challenging work
#LI-POST
#TECHCPJ
About RBC
Royal Bank of Canada is a global financial institution with a purpose-driven, principles-led approach to delivering leading performance. Our success comes from the 94,000+ employees who leverage their imaginations and insights to bring our vision, values and strategy to life so we can help our clients thrive and communities prosper. As Canada's biggest bank and one of the largest in the world, based on market capitalization, we have a diversified business model with a focus on innovation and providing exceptional experiences to our more than 17 million clients in Canada, the U.S. and 27 other countries. Learn more at rbc.com. We are proud to support a broad range of community initiatives through donations, community investments and employee volunteer activities. See how at www.rbc.com/community-social-impact.
La Banque Royale du Canada est une institution financière mondiale définie par sa raison d'être, guidée par des principes et orientée vers l'excellence en matière de rendement. Notre succès est attribuable aux quelque 94 000+ employés qui mettent à profit leur créativité et leur savoir faire pour concrétiser notre vision, nos valeurs et notre stratégie afin que nous puissions contribuer à la prospérité de nos clients et au dynamisme des collectivités. Selon la capitalisation boursière, nous sommes la plus importante banque du Canada et l'une des plus grandes banques du monde. Nous avons adopté un modèle d'affaires diversifié axé sur l'innovation et l'offre d'expériences exceptionnelles à nos plus de 17 millions de clients au Canada, aux États Unis et dans 27 autres pays. Pour en savoir plus, visitez le site rbc.com/francais
Nous sommes fiers d'appuyer une grande diversité d'initiatives communautaires par des dons, des investissements dans la collectivité et le travail bénévole de nos employés. Pour de plus amples renseignements, visitez le site www.rbc.com/collectivite-impact-social.