Manager, Application Security

Permanent Full Time

We are looking for a Manager, Application Security.

The Manager, Application Security will lead the organization's application security program, ensuring secure design, development, and deployment of applications. This role requires deep technical expertise in threat modeling, secure coding practices, and advanced security testing methodologies, including SAST, SCA, DAST, and penetration testing. The manager will collaborate with engineering, DevOps, and product teams to embed security into the SDLC and drive continuous improvement.

Key Responsibilities

• Program Leadership

• Define and execute the application security roadmap aligned with business objectives.

• Manage and mentor a team of application security engineers and analysts.
• Establish KPIs and metrics for security posture and program success.

• Secure Development Lifecycle (SDLC)

• Integrate security controls into CI/CD pipelines.

• Oversee threat modeling for critical applications and architectures.
• Manage SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools.
• Coordinate and review penetration testing activities for web, mobile, and API applications with vendors and internal stakeholders.

• Risk Management & Compliance

• Identify, assess, and prioritize application security risks.

• Ensure compliance with OWASP Top 10, NIST, ISO 27001, and regulatory requirements.
• Provide executive-level reporting on vulnerabilities and remediation progress.

• Collaboration & Enablement

• Partner with development teams to promote secure coding practices.

• Deliver training and awareness programs on application security.
• Act as a subject matter expert for application security across the organization.

Qualifications

• Bachelor's degree in Computer Science, Information Security, or related field.
• 7+ years in application security or software development with security focus.
• 3+ years in a leadership or managerial role.
• Hands-on experience with threat modeling, SAST, DAST, and penetration testing.
• Technical Skills:
• Proficiency with tools like Veracode, Checkmarx, Burp Suite, OWASP ZAP, and similar.
• Strong understanding of secure coding principles and vulnerability remediation.
• Familiarity with cloud security (AWS, Azure, GCP).
• Certifications (Preferred): CISSP, CSSLP, OSCP, GWAPT, or equivalent.

Core Competencies

• Strategic thinking and ability to influence at all levels.
• Excellent communication and stakeholder management skills.
• Strong analytical and problem-solving abilities.

The base salary for this position is between $76,400 - $141,400 maximum annually. This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc). If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.

Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.

Be your best at Canada Life- Apply today

Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.

You can be your best here. You're part of a diverse and inclusive workplace where your career and well-being are championed. You'll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.

Together, as part of a great team, you'll deliver on our shared purpose to improve the well-being of Canadians. It's our driving force. Become part of a strong and successful company that's trusted by millions of Canadians to do the right thing.

Canada Life serves the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we're one of Canada's leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations.

We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact

Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted.