CTC004326 - Specialist - Application Security

Secteur industriel: Telecommunications
Type d'emploi: Contract
Durée:
Mode de travail: On Site

Description

The Infrastructure Security team is a fast-paced and dynamic team within the Information Technology organization. The Infrastructure Security team is a strategic security planning and operational team that is a conduit between the Bell stakeholders and our service providers The Infrastructure Security team is responsible for the operation, processes development and enforcement of security controls that protect Bell endpoints, data and supporting networks. Bell is currently seeking a candidate for the position of Specialist – Application Security who will report to the Senior Manager, Infrastructure Security. The Specialist – Application Security will assist in the creation of an application security testing program that will serve to improve the security posture of Information Technology Infrastructure applications, servers and network applications. The Specialist – Application Security will regularly conduct vulnerability and application security assessments, provide feedback on issues related to the execution of the program, assist with the creation of action plans, assist with the identification and tracking of risk remediation, provide advice on mitigation safeguards, processes and security best practices and act as a spokesperson on security related subjects.

Job Duties/Accountabilities:

  • Support the IT application security testing program;
  • Ability to configure, implement, and maintain security testing tools as well as the configuration of data sources for metric reporting/tracking;
  • Perform security testing of applications, networks and infrastructures, including vulnerability assessments, and manual testing techniques;
  • Collaborate with various Bell’s internal stakeholders as well as external partners;
  • Produce security assessment reports and distribute to IT Support teams (for remediation);
  • Ability to document and educate stakeholders on the findings;
  • Ability to research, recommend, and implement changes to procedures and systems to enhance application and systems security;
  • Provide feedback on operational and procedural documentation as required;
  • Ability to serve as subject matter expert on IT security tools, polices, and controls;
  • Take an active role in security-related audits and inquiries;
  • Ability to keep up to date on the latest security regulations, advisories, alerts and vulnerabilities; and
  • Supporting member as required to the Bell Infrastructure Security team.
  • Critical Qualifications/Competencies:

  • Minimum of 7 years professional work experience in information security
  • A security based professional qualification desirable (e.g. CISSP, CISM, CISA, OPST, CEH, GPEN)
  • Experience with security testing tools and methodologies in conducting vulnerability and application security assessments
  • Ability to analyze IT solutions and technology infrastructure in order to identify and assess security vulnerabilities, threats, and risks.
  • A track record of results and effectiveness in applications technical support, trouble-shooting and analysis, problem resolution, and service availability and reliability improvement roles.
  • Think analytically and synthesize technical information from various sources
  • High level of personal integrity, and the ability to professionally handle confidential matters and demonstrate a high level of judgment and maturity.
  • Excellent skills of verbal and written communications, relationship-building, and influencing others.
  • Preferred Qualifications/Competencies:

  • Bachelor’s degree in technology-related field, or in computer science with a specialization in telecommunications, or the equivalent work experience
  • Knowledge of ISO 2700x, ITIL, and PCI-DSS.
  • Bilingual in French and English would be a strong asset.
  • Work Address Details - 1 carref. Alex.-G.-Bell Aile B2

    Notre barre latérale

    Bienvenue sur le nouveau site web de la CTC.