Senior JavaScript (React/Angular) Developer to work on application security features for large financial bank - BNSJP00033753
S.i. Systems
- Toronto, ON
- Contract
- Full-time
- Build and support within the lower environments and supporting the deployment of applications and users into production.
- Application production support.
- Develop and/or enhance strategies and processes to manage web application security vulnerabilities and threats for both transactional and marketing/informational web sites.
- Develop and/or enhance communication model to manage web application vulnerability remediation with the development and infrastructure support teams in support of risk management practices on behalf of the business owner.
- Develop and/or enhance reporting to development teams and all levels of management in order to provide proper tracking and measurement of remediation relative to established objectives
- Recommend, design, assess, implement, deploy and maintain application security controls required to protect the Bank and its customers.
- Responsible for developing and/or enhancing the strategies and processes to identify, analyze, and communicate application vulnerabilities as per the CISO Directive and published communication process flows.
- Responsible for adherence to an established process flow that ensures development support teams, infrastructure support teams, and business risk owners implement control measures that effectively mitigate or eliminate the identified risk.
- Responsible for timely and accurate reporting of all findings to the development teams, appropriate levels of management and the business risk owner
- 10+ years of experience with Java application development and more than one of the following languages: Java/JavaScript (preferred), Swift, Kotlin, React, Angular, Ruby, Python C#.
- 3+ years of experience building security applications.
- 3+ years of experience with multi-tier Web Applications, web services, and related vulnerabilities and potentials threats. Staying abreast of information provided by recognized organizations such as OWASP (Open Web Application Security Project) and CVE (Common Vulnerabilities and Exposures).
- 3+ years of experience performing source code reviews manually and experience with any Static Application Security Testing (SAST) tools.
- 3+ years of experience and knowledge of technologies and processes such as Agile Software Delivery, Continuous Integration and Continuous Delivery, DevOps, GitOps, Cloud Native Technologies including Docker Containers, Kubernetes, and Deployment Automation & Orchestration.
- Experience in an Agile development workshop and leveraging tools such as Confluence, JIRA, Bit Bucket, Gradle, Maven and Jenkins.
- Experience on reporting tools such as Cognos, JasperReport and Microsoft Power BI.