Security Analyst

**Aviso Wealth**:
**The Opportunity**:
We’re looking for a Security Analyst to join or Information Security team.
This role can be mostly remote, however we will on occasion require you to come onsite to our office at 151 Yonge St, Toronto, ON.

Reporting to the Senior Manager of Information Security, the Security Analyst is responsible for ensuring the security of Aviso at every level of the stack. You will be setting security controls and design requirements during the feature design & development stage of the software lifecycle. You will also help ensure that security across all aspects of the software is uniform by setting up checkpoints and reviews.

**Who you are**:

- **Service** - You consider both internal and external stakeholders and demonstrate intent of understanding and putting the clients’ needs first. You advocate service excellence and work to deliver solutions that meet the needs. You proactively develop strategic partnerships that allow Aviso Wealth to become a trusted advisor and partner
- **Execution** - You are committed to achieving your goals and to succeed. This includes focusing on “getting things done”, as well as recognizing and taking advantage of opportunities as they arise. You are consistently looking for ways to improve your personal best and see value in continuous improvement. You take accountability for your actions and learn from mistakes
- **Collaboration** - You work collaboratively with others with the common goal of driving positive results. Making meaningful contributions to your team to achieve organizational goals is a priority. You proactively encourage collaboration, build trust and inclusion, and work to establish effective relationships both inside and outside of the organization

**What your day looks like**:

- Security assessments through code reviews, automation and security audits
- Implementing security controls and checkpoints to detect and prevent security issues early in cycle
- Work with engineering and product teams in the design phase of products and features, conducting threat modeling and security architecture, design
- Implement various types of scanning (SAST, SCA, DAST, etc.) in our CI/CD pipelines and ensure results are appropriately surfaced to developers
- Work with the product management teams to prioritize fixes for vulnerabilities and work with engineering teams to understand how to fix these issues
- Design tooling and frameworks to make adoption of security best practices easier for developers when working in our code bases
- Assist in the creation and maintenance of security training

**Requirements**:
**Your experience and skills**:

- College diploma or university degree in Computer Science or related field
- You have 4+ years of experience working on a security team supporting product/engineering functions, cloud infrastructure, and corporate infrastructure development
- Demonstrate an in-depth knowledge of a broad range of hardware and software products; IIS,.NET/Java, and SDLC concepts & tools such as Azure DevOps, Ansible, Jenkins, Git, etc.
- Hands on Threat modeling, security risk assessment experience is a plus
- Knowledge of penetration testing procedures with industry standard toolsets
- Basic understanding of CI/CD pipelines
- Knowledge of OWASP security principles
- Experience with Application Security Testing tools like Burp Suite
- Excellent communication and articulation skills
- Highly motivated self-starter
- Strong time management and organizational skills; ability to multi-task and manage competing priorities
- Experience in the financial industry an asset
- Fluent Communication skills in English are required and bilingual communication skills in French are an asset

**Benefits**

**Why Aviso Wealth?**

At Aviso Wealth, you will find a dynamic and inclusive culture that rewards innovation and celebrates success.
Here are a few things that set us apart:

- Competitive compensation package that rewards and recognizes individual contributions
- Excellent health, dental and insurance benefits to meet the diverse needs of our employees
- Generous vacation time, fitness benefit, parental leave top-up options
- Matching contributions to our retirement program
- Commitment to the continuous improvement of our staff through learning & development and an education assistance program
- Regular social events to foster teamwork

**Equal Employment Opportunity**

We thank all applicants for their interest, however, only those selected for further consideration will be contacted.

No recruiters or agencies, please.

**Company Overview**: