View all jobs

Sr. Digital Security Consultant 3 - 16727

Montreal, QC · Information Technology
What you’ll be responsible for:

You will provide technical leadership, expert guidance, coordination and support to agile digital teams with a focus on promoting, assessing and maintaining secure-by-design principles and techniques in TELUS’ digital products. You will be responsible for the following:
Helping evolve our secure software development practices for core TELUS web applications (both non-authenticated and authenticated experiences)
Supporting regular vulnerability assessment and remediation activities
Enabling others to adopt/embrace sound security practices and standards to ensure TELUS' information assets are protected
Supporting and reinforcing governance related risk acceptance methods and policies
Improving our human firewall through a variety of security awareness and education methods
Aligning with broader Chief Security Office strategy to keep our customers, team members and TELUS assets safe and secure

What you’ll need to be successful:

7+ years of recent digital security experience with formal security certification; Certified Information Systems Security Professional (CISSP) preferred
1-2 years’ experience applying your craft in an agile delivery shop, Scrum & Kanban
Bachelor degree in Computer Science, Information Technology, Engineering or related discipline
Can apply Open Web Application Security Project (OWASP) and modern network security practices in day-to-day activities
High comfort level with technical navigation of digital systems, both the application & infrastructure layers
Practical experience with threat detection/prevention, incident response, vulnerability management, threat modeling, risk management methodology, data de-identification and encryption standards
Identify and interpret security design requirements (and their benefits) for technical and non-technical stakeholders
Tendency to balance business and security needs to improve the customer experience, building and maintaining relationships through coaching, not policing
Understanding of adversarial tactics, a penchant for curiosity, exploration and learning to stay current in your field
Experience with enabling teams to practice sound data governance (i.e., for digital analytics)
More than a mild curiosity in artificial intelligence (AI) and machine learning (ML)
Desire to collaborate, roll up your sleeves/be in the weeds, ideally, you don’t need anyone to code for you, comfort with Node.js/React is desirable
Affinity for automating repetitive functions and a general dissatisfaction with traditional ways of doing things

Awareness regulatory factors governing our industry (i.e., privacy & Canada's Anti-Spam Legislation)
Familiarity with search engine optimization (SEO) principles (e.g., the brand implications of domain name strategy)
Powered by