Skip Navigation

Information Security Advisor – Threat Modeling

Job ID 10547049 Date posted 01/15/2019

Primary Locations: Montreal, Quebec, Toronto, Ontario

Employee Status: Regular

Schedule: Full-time


We're looking for new talent to expand our security team. We live in a digital world where daily changes require us to be pragmatic, agile and proactive in the way we approach opportunities, technologies and processes from a security standpoint.

If you'd like to:
  • Influence change
  • Have input in information security
  • Join a dynamic, innovative team
  • Explore new ideas

If you can:
  • Carry out threat modeling to assess architectural risks 
  • Facilitate and support threat modeling exercises, architecture review and attack scenario analyses 
  • Exercise your judgement regarding existing policies and security best practices

We want to hear from you! 

Ways you can make a positive impact in our organization:
  • Facilitate and support threat modeling exercises, architecture review and attack scenario analyses 
  • Have a good understanding of software security architecture and design to identify and recommend improvements in internal methodologies and processes
  • Integrate threat modeling practices in the systems development life cycle (covering agile mode as well) 
  • Be able to provide tactical and strategic direction as well as detailed remediation guidance to help technical teams achieve acceptable security postures
  • Participate in complex projects and provide threat modeling and risk reports 
  • Ensure that risk considerations are addressed at each stage of the system development life cycle 
  • Communicate with technical and non-technical professionals
  • Inspire a positive work environment and help as a champion, innovator, team player and team support 


  • A completed bachelor's degree in a related field plus 7 years of relevant experience, or a completed master's degree in a related field plus 5 years of relevant experience
  • Professional certifications (e.g. CISSP), an asset, or willingness to obtain certification quickly 
  • 3-5 years of information security experience 
  • Minimum of 1-2 years of threat modeling experience; understanding and use of threat modeling tools is an asset 
  • Experience assessing risks and analyzing vulnerabilities 
  • Good understanding of the field of information control, including authentication, authorization, access control, audit, cryptography 
  • Good understanding of software development processes, integration of security assessments into the systems development life cycle (SDLC), and OWASP guidelines for application security
  • Good understanding of Web application vulnerabilities as well as business logic vulnerabilities and threats
  • Hands-on, in-depth understanding of the architecture of infrastructure components, applications and related technologies (Web applications, mobile technology, identity management, access management, AD)
  • Bilingualism both spoken and written - English and French

We strive to be an inclusive organization where all employees are valued. National Bank stands out for its many initiatives to promote inclusion, making it a Canada-wide leader in diversity.

Particular Condition:Please note that the position may be located in Montreal or in Toronto, according to the selected candidate’s current location

JobField: IT

Unposting Date: 2019-02-15

Job Number: INF0010S

Posting Date: 2019-02-01

Send this opportunity via email

Job Matching

Let us search jobs for you based on the skills and experience listed in your profile.

Start matching