Lead Developer, Security

Location:  Montreal

Position Type:  Full-Time

Thinking Capital is looking for a skilled Software Engineer to lead Thinking Capital’s CyberSecurity Management Program (CSMP) and be responsible for designing, building, assessing and deploying systems to protect Thinking Capital against Information Security Threats. As a member of the Technology Group, you will join industry leading professionals to ensure our infrastructure and services are designed-operated, maintained, and protected in accordance with the high-level standards in the finance industry. You are a skilled software engineer who enjoys security and/or privacy work and is an expert in systems security, applications security, network security, data protection and infrastructure privacy, cryptography or automated malware analysis.

Job Summary

•    Provide strategic and tactical direction to the product/technology team with the elaboration of security roadmaps
•    Provide engineering designs for new software solutions to help mitigate security vulnerabilities
•    Analyze current software designs and implementations from a security perspective, and identify and resolve security issues
•    Define and evolve the Security Awareness Program across the organization
•    Bring best practice, technologies and expertise to the stack teams with regards to security
•    Perform compliance testing, evaluate test results, and assist service teams in their effort to understand and implement accreditation requirements.
•    Develop and enhance automated security testing in an Agile and CI/CD environment
•    Implement, test and operate advanced software security techniques in compliance with technical reference architecture
•    Perform on-going vulnerability assessment, security testing and code review to improve software security
•    Maintain technical documentation
•    Assist work of internal and external compliance auditors or advisors as needed

Apply if you have the following skillset

•    5+ years experience as a security software engineer
•    In-depth knowledge of AWS and other public and private cloud infrastructures
•    Experience with building and operating secure infrastructure
•    Strong Unix/Linux experience with familiarity with Windows environments
•    Bilingual (spoken and written) in French and English;
•    Strong understanding of security with network, host and application security practices
•    Experience with web penetration testing, tools and vulnerability analysis 
•    Good experience with SSL/TLS protocols
•    Software development experience in Java
•    Experience with Chef and Puppet
•    Experience with Python, Ruby, Javascript in the context of AWS API usage and automation
•    Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
•    Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols
•    Interest in all aspects of security research and development
•    BS degree in Computer Science or related field
*Please keep in mind that only candidates fitting this position will be contacted for an interview.