Job Title

Director, Security Engineering & Remediation Join to apply for the Director, Security Engineering & Remediation role at RBC Director, Security Engineering & Remediation 2 days ago Be among the first 25 applicants Join to apply for the Director, Security Engineering & Remediation role at RBC Get AI-powered advice on this job and more exclusive features. What is the opportunity? As Director, Security Engineering & Remediation'', you will establish and lead a dedicated engineering team focused on hands-on remediation of vulnerabilities primarily within application code, container platforms, cryptography, and security hardening. You will design and implement robust processes, technical solutions, and automation specifically targeting vulnerabilities identified through container scans, application security testing (SAST, DAST, IAST, SCA), cryptographic assessments, and insider threat risk monitoring. Leveraging your deep software development expertise, architectural knowledge, and familiarity with OWASP Top 10, SANS 25, and threat modeling, you will enhance software security, container resilience, and proactively identify and mitigate insider threats through behavioral analytics and continuous log monitoring. Job Summary Job Description What is the opportunity? As Director, Security Engineering & Remediation'', you will establish and lead a dedicated engineering team focused on hands-on remediation of vulnerabilities primarily within application code, container platforms, cryptography, and security hardening. You will design and implement robust processes, technical solutions, and automation specifically targeting vulnerabilities identified through container scans, application security testing (SAST, DAST, IAST, SCA), cryptographic assessments, and insider threat risk monitoring. Leveraging your deep software development expertise, architectural knowledge, and familiarity with OWASP Top 10, SANS 25, and threat modeling, you will enhance software security, container resilience, and proactively identify and mitigate insider threats through behavioral analytics and continuous log monitoring. What will you do? Build and lead a specialized security engineering team dedicated to direct vulnerability remediation primarily within application code, container environments (Docker, Kubernetes), cryptography, infrastructure-as-code (IaC), and system hardening. Implement and manage technical security solutions and automation focused on container security scanning results, software vulnerability remediation, and insider threat detection. Collaborate closely with development teams to directly address vulnerabilities identified by security testing tools (SAST, DAST, IAST, SCA). Design, implement, and manage an insider threat risk monitoring program, including user behavior analytics, anomalous activity detection, and continuous oversight of critical application logs to detect and investigate suspicious activities. Conduct hands-on remediation of application vulnerabilities aligned with OWASP Top 10, SANS 25, and enforce secure coding best practices. Drive integration of security remediation and insider threat detection capabilities into CI/CD pipelines, enhancing DevSecOps effectiveness. Communicate technical remediation progress, insider threat detection initiatives, issues, and achievements clearly to senior stakeholders and management. What do you need to succeed? Must-have: 10+ years of experience in software development and cybersecurity engineering roles, with significant hands-on expertise in application vulnerability remediation, container security, secure coding practices, and insider threat detection. Proficiency technical experience with scripting languages (e.g. Python, PowerShell, etc.) and familiarity with multiple programming languages (e.g. Java, C#, C++, SQL, etc.) for software development and vulnerability remediation. Extensive hands-on experience with application security testing tools (SAST, DAST, IAST, SCA) and direct remediation activities. Technical expertise with container security (Docker, Kubernetes), infrastructure-as-code (IaC) security (e.g. Terraform), vulnerability remediation, insider threat detection, and security automation tools. Strong architectural knowledge, comprehensive understanding of secure software development lifecycle (SSDLC) practices, and familiarity with OWASP Top 10, SANS 25, and threat modeling methodologies. Nice-to-have: Relevant security certifications (CSSLP, GWAPT, OSCP, CISSP, or equivalent). Experience in financial services or highly regulated industries. Hands-on experience with container security scanning tools such as Aqua and remediation of identified issues. Strong understanding of cryptographic best practices and system hardening techniques. Demonstrated ability to lead technically focused teams within complex, multi-stakeholder environments. Whats in it for you? We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual. A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable. Leaders who support your development through coaching and managing opportunities. Ability to make a difference and lasting impact. Work in a dynamic, collaborative, progressive, and high-performing team. A world-class training program in financial services. Flexible work/life balance options. Opportunities to do challenging work. #TECHCPJ Job Skills Application Security, Cyber Security Management, Decision Making, Information Security Management, Information Technology Security, Infrastructure Penetration Testing, IT Security Architecture, IT Systems Integration, Security Information and Event Management (SIEM) Additional Job Details Address: RBC CENTRE, 155 WELLINGTON ST W:TORONTO City: TORONTO Country: Canada Work hours/week: 37.5 Employment Type: Full time Platform: CAPITAL MARKETS Job Type: Regular Pay Type: Salaried Posted Date: 2025-03-12 Application Deadline: 2025-08-11 Note : Applications will be accepted until 11:59 PM on the day prior to the application deadline date above I nclusion and Equal Opportunity Employment At RBC, we believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all. Join our Talent Community Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you. Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com Seniority level Seniority level Not Applicable Employment type Employment type Full-time Job function Job function Other, Information Technology, and Management Industries Banking and Financial Services Referrals increase your chances of interviewing at RBC by 2x Get notified about new Director of Security jobs in Toronto, Ontario, Canada . Director of Security & Emergency Services Executive Director, Community Safety and Security (Community engagement and development) Director of Information Security and GRC Director of Information Security (Toronto, ON /Vancouver, BC) Director, Security Architecture and Engineering Cybersecurity & Privacy, AI Security Director Director, Application and Product Security Director, Application and Product Security Director, Network Underwriting and Operations Field Sales Director - RiskRecon, a Mastercard Cyber Security Solution - Canada (Remote Toronto) Junior Associate Director, Nexus, Client Delivery Director-Marketing (Value Proposition Development) Scarborough, Ontario, Canada 2 months ago Richmond Hill, Ontario, Canada 2 months ago Manager of Software Development Digital Channels Director, IT Risk, Compliance & Security Assurance Director, Computing Infrastructure & Cloud Services Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr