Job Title

* **Application Security steward** Provide guidance to development teams and oversee application security testing services, including dynamic application security testing (DAST), static application security testing (SAST), software composition analysis (SCA), mobile application security testing (MAST) and container security.* **Risk-based vulnerability management** Review security scan results and collaborate with development teams to prioritize security vulnerabilities using a risk-based approach, and support the remediation process.* **Training and awareness** Deliver training and awareness sessions to application development teams on how to use application security tools, and educate developers on the benefits of integrating security testing throughout the software development lifecycle.* **Security tool integration** Collaborate with development teams to integrate automated security tools into continuous integration and continuous delivery (CI/CD) pipelines.* **Continuous improvement** Promote continuous improvement by applying lessons learned from projects and ongoing security assessments.* **You can demonstrate experience** using application security testing tools and platforms to manage and perform static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and mobile application security testing (MAST). You have experience with identifying and remediating common web application vulnerabilities, such as those outlined in the OWASP Top 10.* **You have hands-on experience in software development** and a good understanding of application security concepts, including secure coding, design, and industry standards and best practices. You are comfortable working with security code issues across a variety of languages such as Java Enterprise Edition (JEE), .NET, JavaScript, HTML, JSP, and ASP.* **You have a bachelors degree** in computer science, software engineering, a related field, or an equivalent combination of education and experience. You bring at least three years of experience in application security, secure software development, or related fields.Its an asset ifyou have experience in financial services, cloud environments, or DevSecOps practices.* **You have strong interpersonal and communication skills**. You are able to clearly articulate application security issues to a range of stakeholders, including developers, project managers, and management. You have a track record of developing strong relationships across various levels of an organization to drive positive results and communicate requirements effectively.* **Youre a certified professional**. You have, or are working towards, relevant security certifications such as Certified Information Systems Security Professional (CISSP) or Certified Secure Software Lifecycle Professional (CSSLP).* **Values matter to you**. You bring your real self to work and you live our values trust, teamwork, and accountability.* We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program/*, defined benefit pension plan/*, an employee share purchase plan, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.* Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.* We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.* CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact [email protected]* CIBC is committed to clarity in our hiring process. All roles posted are opportunities were actively recruiting for, unless stated otherwise.* You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit.* We may ask you to complete an attribute-based assessment and other skills test (such as simulation, coding, French proficiency).At CIBC, we are in business to help our clients, employees and shareholders achieve what is important to them. Our ability to create value for all CIBC stakeholders is driven by a business culture based on common values: Trust, Teamwork and Accountability. Working with CIBC makes you a part of a work environment committed to our clients, employees and communities - a place where you can excel. Every day, our 44,000 employees help our clients achieve their financial goals, because what matters to our clients, matters to us. #J-18808-Ljbffr