Application Security Architecture Analyst, Deloitte Global Technology (DT-GCISCO)

Apply now »
Apply now

Apply for Job

Date: Jun 23, 2022

Location: Toronto, Ontario, Canada

Company: Deloitte

Job Type: Permanent 
Reference code: 99746   
Primary Location: Toronto, Ontario, Canada 
All Available Locations: Toronto; Calgary; Edmonton; Vancouver 

 

Our Purpose

At Deloitte, we are driven to inspire and help our people, organization, communities, and country to thrive. Our Purpose is to build a better future by accelerating and expanding access to knowledge. Purpose defines who we are and gives us reason to exist as an organization.

 

Enjoy flexible, proactive, and practical benefits that foster a culture of well-being and connectedness. 
Experience a firm where wellness matters.Be expected to share your ideas and to make them a reality.
Be part of a firm that leads the way and pushes themselves to look like contemporary Canada.
 

 

 

Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting edge products and services that deliver outstanding value and that are global in vision and scope? Work with premier thought leaders in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture?

What will your typical day look like?

 

You will advocate to the application teams Cybersecurity, DevSecOps, and Agile engineering procedures such as secure coding practices, code reviews, threat modeling, quality engineering practices, and advanced requirement capturing techniques for improving end-to-end secure delivery practices. You will also work to harden cloud infrastructure from attacks by implementing automated and integrated release cycles incorporated within the Agile Security Software Development Lifecycle’s (SSDL) tools and processes. Additional responsibilities include:

 

  • Responsible for day-to-day collaboration with the application teams to ensure successful implementation of secure coding practices, and integration of secure application and design processes across Deloitte.
  • Support the Secure Systems Development Lifecycle (SSDLC), including functional and non-functional cybersecurity requirements for all new applications.
  • Work with the Cybersecurity Strategy and Governance group, as a subject matter expert in the application security domain.
  • Work with global business functions to automate and integrate application and system cybersecurity assessments into their processes.
  • Champion the Security Software Development Lifecycle (SSDLC) by discovering and raising security concerns in the existing development workflow and help the development team build security awareness and thinking into every stage of the software development process.
  • Recognize security implications in the software/code acceptance phase, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.

About the team

 

Deloitte Global Culture:

 

At Deloitte, we expect results. Incredible—tangible—results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and lead global strategies and provide programs and services that unite our network. In Deloitte Global, everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in—with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out—with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark. Deloitte Global supports our talented professionals in answering the question: What impact will you make?

 

Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its
communities, and one another in ways not previously conceived.

Enough about us, let’s talk about you

 

You are someone with:

 

  • Bachelor’s degree in computer science, computer engineering, technology-related field, or equivalent work experience
  • 4+ years of combined experience in software engineering, and DevOps/DevSecOps, preferably in an information security context
  • Experience with threat modeling of application designs and data flows to identify potential weaknesses
  • Experience creating abuse cases for functional security testing
  • Programming skills in one or more of the following programming and markup languages: Java, .Net,
  • Terraform, Python, Visual Basic, PowerShell, Bash, C++, C#, Django, JavaScript, HTML, CSS, etc.
  • Experience with secure programming and identifying potential flaws in codes to mitigate vulnerabilities
  • Ability to translate traditional SDLC approach (plan, code, build, test, release, deploy and monitor) to the phases of agile development when writing software to automate security related tasks

 

Our shared values

While our Purpose guides us and helps explain why we exist, our shared values describe the behaviour we expect from each other at the firm.

They provide common ground to unite us across cultures and geographies. They help us to earn the trust and respect of our stakeholders. We all commit to living by these shared values, to stay true to the principles they represent, and to honour the legacy from which they came. They are what sets us apart and makes us Deloitte.

 

Every day, we live our Purpose through the following five shared values:

 

  • Lead the way: Deloitte is not only leading the profession, but reinventing it for the future. We’re also committed to creating opportunity and leading the way to a more sustainable world.
     
  • Serve with integrity: Deloitte has earned the trust of employees, clients, regulators, and the public for 175 years. Upholding that trust is our single most important responsibility.
     
  • Take care of each other: We look out for one another and prioritize respect, fairness, development, and well-being.
     
  • Foster inclusion: We are at our best when we foster an inclusive culture and embrace diversity in all forms. We know this attracts top talent, enables innovation, and helps us deliver well-rounded client solutions.
     
  • Collaborate for measurable impact: We approach our work with a collaborative mind¬set, teaming across businesses, geographies, and skill sets to deliver tangible, measurable, attributable impact.



The next step is yours
 

Sound like The One Firm. For You? 
 

At Deloitte, we are all about doing business inclusively – that starts with having diverse colleagues of all abilities. Deloitte encourages applications from all qualified candidates who represent the full diversity of communities across Canada. This includes, but is not limited to, people with disabilities, candidates from Indigenous communities, and candidates from the Black community in support of living our values, creating a culture of Diversity Equity and Inclusion and our commitment to our AccessAbility Action PlanReconciliation Action Plan and the BlackNorth Initiative.

We encourage you to connect with us at accessiblecareers@deloitte.ca if you require an accommodation for the recruitment process (including alternate formats of materials, accessible meeting rooms or other accommodations). We’d love to hear from you!

By applying to this job you will be assessed against the Deloitte Global Talent Standards. We’ve designed these standards to provide our clients with a consistent and exceptional Deloitte experience globally.
Deloitte Canada has 30 offices with representation across most of the country. We acknowledge our offices reside on traditional, treaty and unceded territories as part of Turtle Island and is still home to many First Nations, Métis, and Inuit peoples. We are all Treaty people.


Job Segment: Test Engineer, Testing, Cloud, Computer Science, Developer, Engineering, Technology