Web Application Security Consultant, Information Security
CIBC•Toronto, ON
•Hybrid
About The Position
You’ll be joining CIBC’s Cyber Operations (CO) team as a Web Application Security Consultant. As a Web Application Security Consultant, you’ll be responsible for managing the web application security configurations for CIBC applications. This includes onboarding new applications onto the Web Application Firewall (WAF), bot controls, DDoS controls, and other security products. You’ll also work closely with other groups such as Security Service Management, SOC, and application teams across CIBC to ensure that our applications are safeguarded against web-based threats.
Requirements
- 5 years of experience in an Information Security Consultant or a similar role.
- Technical expertise in web application security.
- Strong understanding of web-based attacks, web application firewalls, bot management, DDoS mitigation and other application layer security solutions.
- Attention to detail and critical thinking skills.
- Ability to take initiative, go above and beyond, and deliver results.
- Digitally savvy, seeking out innovative solutions and embracing evolving technologies.
- Ability to adapt to new tools and trends.
- Degree/diploma in Computer Science, Engineering, or a related field.
- Security checks, including a criminal record check must be successfully completed prior to starting in this role.
- An annual criminal record check may also be required.
Nice To Haves
- CISSP, CRISC, or CISM designation.
Responsibilities
- Manage the web application security configurations for CIBC applications.
- Onboard new applications onto the Web Application Firewall (WAF), bot controls, DDoS controls, and other security products.
- Work closely with Security Service Management, SOC, and application teams across CIBC to ensure applications are safeguarded against web-based threats.
- Work closely with application teams across CIBC to onboard applications onto WAF, bot controls, and other web application security products.
- Monitor and analyze traffic for onboarded applications, fine tuning security settings as needed to reduce false positives and ensure minimal impact on legitimate users.
- Assist in troubleshooting and resolving security related issues for applications and sharing timely adjustments to security configurations where required to address evolving threats or operational concerns.
- Participate in POC evaluations for new web application security products, assessing their effectiveness and potential to enhance the organization's web application security posture.
- Proactively identify opportunities to improve security configurations, processes, and workflows.
- Identify and plan to overcome impediments and blockers to success, presenting options for overcoming roadblocks and the path(s) forward once resolved.
- Communicate, collaborate, share information, and work effectively in a team environment.
Benefits
- Competitive salary
- Incentive pay
- Banking benefits
- Benefits program
- Defined benefit pension plan
- Employee share purchase plan
- Vacation offering
- Wellbeing support
- MomentMakers, our social, points-based recognition program
- Purpose Day; a paid day off dedicated for you to use to invest in your growth and development
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
Associate degree
