Sr. Cyber Security Specialist will be focused on integrating strong security practices into the software development lifecycle for our large financial clie

Toronto, ON
  • Number of positions available : 1

  • To be discussed
  • Contract job

  • Starting date : 1 position to fill as soon as possible

Contract duration: 6.5 months (June 2 - Dec 12, 2025)

Location: Downtown Toronto

Hybrid: Twice per week


The Opportunity

The Cyber Security Specialist will be focused on integrating strong security practices into the software development lifecycle and ensuring that security is embedded in each stage of the development process. You will work closely with the development and operations teams to help implement and maintain secure coding practices, automated security testing, and continuous security monitoring. This role is crucial in continuing to enhance cyber security within software products and services, making it an exciting opportunity for candidates passionate about both cybersecurity and software engineering.

You will report to the Sr. Manager Cybersecurity Engineering and collaborate with cross-functional teams, including software developers, DevOps engineers, and IT security professionals. You may also engage with vendors and industry peers.


What you will do:

  • Advise on the cybersecurity practices within the org's software management practices, framework, and roadmap, ensuring alignment with the org's cyber risk appetite and business objectives.
  • Integrate security controls within CI/CD pipelines in accordance with security standards.
  • Review code scanning practices and reports and collaborate with stakeholders to develop and execute prioritized remediation plans.
  • Advise on secure coding standards, automated security testing, and continuous security monitoring practices.
  • Provide cybersecurity advisory and consulting services to development and operations teams, ensuring that security requirements and best practices are embedded in the design, development, and delivery of software products and services.
  • Conduct and facilitate security assessments and testing, ensuring that security practices are effective, and gaps/issues are identified, reported, and remediated.
  • Research and evaluate emerging security trends, threats, and technologies related to application risks, and provide recommendations and insights on how to enhance current practices.
  • Build and maintain effective relationships with stakeholders and represent the Enterprise Security & Technology Risk Management team on various working groups.
  • Demonstrate strong cyber security and software engineering leadership, collaboration, coaching, and innovation in your role, while upholding the organization's values of being performance-driven, inclusive, agile, curious, and courageous.
  • Responsible for making recommendations related to the organization's secure software development practices within the governance and program delivery practices, based on your expertise, judgment, and analysis of relevant cyber security good practices. You will also be responsible for escalating and communicating significant security risks and issues to senior management and relevant stakeholders, as well as providing recommendations and solutions to address them.


What you will need:

  • A bachelor's degree or equivalent in computer science, information systems, engineering, or a related field.
  • A recognized cyber security certification, such as CISSP.
  • A minimum of 10 years of progressive experience in Software Engineering including DevOps.
  • A minimum of 5 years in cyber security or information security, preferably in the financial services industry.
  • Extensive knowledge and experience in security software practices, software development, and software engineering.
  • Familiarity with Infrastructure as Code (IaC) principles.
  • Proficiency in various programming languages (e.g., Python, Java, C#, JavaScript).
  • Knowledge of secure coding practices and principles (e.g., OWASP Top 10, SANS CWE).
  • Understanding of common software vulnerabilities. Adept at using both static and dynamic code analysis tools.
  • In-depth understanding of the Software Development Lifecycle (SDLC) and Continuous Integration and Continuous Delivery (CI/CD).
  • Capability to perform software-related vulnerability assessments and prioritize vulnerabilities based on risk and impact.
  • Strong communication skills.
  • Ability to collaborate effectively with developers, project managers, and other team members.
  • Agility in adapting to new challenges, tools, and methodologies.

