Senior Mainframe & Application Developer – Reinsurance Systems
What is in it for you:
• Salaried: $80-85 per hour.
• Incorporated Business Rate: $90-95 per hour.
• 6-month job assignment
• Full-time position: 37.50 hours per week.
• Hybrid role: 3 days in the office
• Join a passionate and inclusive team of professionals.
Responsibilities:
• Governance & Risk Oversight
o Assess web application penetration test standards for alignment with the enterprise application security standards and risk appetite.
o Promote improvement in the global penetration test process and governance models with the second line of defense, the first line control function and local market security functions.
o Review and challenge cybersecurity controls including DLP, IAM, cloud configurations, and third-party dependencies to confirm the security risk reported from a penetration test report.
o Elaborate on the risks and controls of the Manulife global penetration test process to internal audit functions and regulators.
• Quality Assurance Over Penetration Testing
o Oversee global pentest processes across Asia and North America markets, ensuring regulatory alignment.
o Drive consistency and quality assurance across all pentest engagements and reporting.
o Advise internal clients on the proper treatment of vulnerabilities as a remediation advisory service.
o Maintain centralized vulnerability records and dashboards using JIRA board, SharePoint, Power BI, and Excel VBA.
• AI Risk Management
o Lead and challenge AI-related security issues including bias, adversarial attacks, prompt injection, and hallucination.
o Build and maintain an AI agent for the penetration test quality assurance program.
• Automation & Reporting
o Lead, design and manage the automation of the penetration test process and quality assurance program.
o Maintain the automated risk reporting processes using Power Automate and Power BI.
o Present quarterly risk insights to the Board of Directors.
• Training & Awareness
o Deliver training sessions to IT engineers and pentesters on application security risks and best practices.
What you will need to succeed:
• Bachelor's degree in a technical field such as computer science, computer engineering or related field required
• Bachelor’s degree in Information Systems, Computer Science, or related field.
• Minimum 8 years of experience in cybersecurity, IT audit, or application security risk, with at least 3 years in a leadership role.
• Experience in global financial services or regulated environments preferred.
• Knowledge of audit methodologies, control frameworks, risk management practices, and regulatory requirements relevant to the technology risk domain.
• Knowledge of relevant regulatory requirements and industry best practices in cybersecurity.
• Certifications required: CISSP – Certified Information Systems Security Professional, CISA – Certified Information Systems Auditor, CISM – Certified Information Security Manager and CRISC – Certification in Risk and Information Systems Control
• Strong proficiency in Power BI, Power Automate, Excel VBA, and SharePoint.
• Familiarity with penetration testing tools such as Burp Suite and Kali Linux.
• Deep understanding of cybersecurity frameworks (e.g., OSFI B-13, NIST).
• Excellent communication and stakeholder management skills.
• Strong analytical and problem-solving abilities.
• Ability to lead cross-functional teams and drive strategic initiatives.
• Demonstrated ability to work effectively in diverse environments and cultures, over a number of geographically dispersed office locations.
• Strong understanding of cultural differences across countries, with good relationship skills including a demonstrated ability to deal effectively with staff at all levels and in different locations.
Why Recruit Action?
Recruit Action (agency permit: AP-2504511) provides recruitment services through quality support and a personalized approach to job seekers and businesses. Only candidates who match hiring criteria will be contacted. # MFCJP00015634