3 months ago
Keyword: Specialist, Cybersecurity and risk management (Product integration)
Request Number: ITS
Number of positions to fill: 1
Location: Longueuil (Quebec)
Organisational Unit: 1341-IT Security
Division: Information Technology
Sector: Information Technology
Posting Start Date: 2018-04-10
Organization Profile: Pratt & Whitney Canada is one of the world’s leaders in the design, manufacture and service of aircraft engines powering commercial and regional airplanes, as well as general aviation aircraft and helicopters. Our strong reputation for highly skilled personnel (10,000 employees across the globe), our reliable engines and our exceptional aftermarket support service network attract customers from all over the world (over 190 countries).
General responsibilities of the position: •Integrate security tools, standards, and processes into the Software Development Life Cycle (SDLC), help to develop a DevSecOps practice;
•Ensure that developers are trained with regards to IT security policies and ensure that they integrate these policies within their code and framework;
•Be part of a team that will proactively look for new threats and help to find tools and processes to mitigate them;
•Ensure security scans are performed on code and applications and provide suggestions on how to mitigate any vulnerabilities detected;
•Establish a program to ensure that accesses to applications are reviewed so employees have no more access than needed to perform their duties.
Specific responsibilities of position: •Solid foundation in application security practices and methodologies to include: - Agile methodology - Web Application Design - Mobile Application Design - OWASP and other application security testing background - Application Vulnerability Management Processes;
•Ability to scale security within the SDLC by automating using tools sets such as source code analyzers, vulnerability scanners, configuration validation and similar techniques;
•Use inclusion, awareness and leadership skills rather than authority to accomplish results;
•Identify, summarize, review, and report potential/actual actions that jeopardize the company's data privacy and/or security on technology environments. Specifically Application Vulnerabilities;
•Develop reporting and processes for application security;
•Support the development of technical and non-technical security designs to satisfy business requirements.
Qualifications required: •Bachelor degree with 4 to 7 years experience;
•Master degree with 2 to 5 years experience;
•Industry certifications such as CISSP, CISA or CISM preferred;
•Bilingual (French and English);
•Team player who loves challenges;
•Creative spirit passionate about the latest technology;
•Passion for learning about new technologies and emerging security threats;
•Excellent communication and interpersonal skills with the ability to convey application security needs to developers, peers and leadership.
Field of studies: Computer Science, Information Technology
Additional Information: Diversity and Equal Opportunity Employment
P&WC is an equal opportunity employer committed to diversity and inclusion. We are pleased to consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status or any legally-protected factors.