Skills

Communication Time Management Python Java PHP Penetration Testing Encryption DevOps Customer Service Research Architecture Enterprise Architecture Application Architecture Risk Assessment Programming Organization Azure AWS Software Development cloud platforms SDLC .NET Microservices

Job Specifications

The Role: Senior Application Security Architect

What you are looking for:

A closely connected culture
A total rewards package meant to enhance your work-life flexibility
Fully utilizing your talent
Professional growth and development via challenging projects and assignments
Warm and fuzzy feelings knowing you have helped your community, your team, the business and social causes through the Rexall Care Network

In this existing role you will be reporting to the Cybersecurity Manager, the Sr. Application Security Architect is responsible for establishing, communicating, and enforcing the standards for application security, including software development standards, developing security standards, implementing architectural principles and working with enterprise architects to ensure adherence to Rexall security standards and industrial best practice.

What you’ll be doing:

Manage and lead Rexall Secure Development Lifecycle (SDLC) process and practice
Work with enterprise architects and software development team to develop and implement secure software development framework
Develop application security standards and SOPs that comply with McKesson Security Policies, industry best practices and meet all appropriate legal and regulatory compliance standards
Research security solutions and options for various Cloud application hosting platforms
Develop and maintain Enterprise Architecture Security Reference framework
Develop catalogue of standard secure architectures for different deployment types, including web application, mobile applications, cloud-based applications, SaaS, PaaS offering, etc.
Liaise with Enterprise and Software Architects and integration teams to ensure that all applications are implemented with appropriate adherence to security standards.
Manage application risk assessment
Recommend appropriate solutions, components and development frameworks for new systems
Incumbent will be the primary contact point representing Security for teams developing any new applications
Participate in the review and approval of new systems implementation or development from the security perspective.
Coordinate application penetration testing for all new and existing applications
Manage Web Application Firewall and response to security incident involving application security
Manage Static and Dynamic scan platform and schedule
Work with internal and external resources to remediate application vulnerabilities found by code scan or from other channels.
Work with internal and external auditors to provide evidence for audits and to remediate any gaps relative to application architecture and implementation
Work in a cooperative manner with the IT Organization
Perform other duties as assigned to support Rexall Pharmacy Group Ltd.

Knowledge, skills and experience:

Minimum 10+ years of working experience in IT combined with bachelor’s degree in Computer Science
Hands-on programming experience in software development in common programming environments including .NET, PHP, Java, Python
Experience with Secure SDLC, DevOps, Microservices and integrated digital solutions
Deep knowledge of application authentication and encryption including key management, IAM, OAUTH and SAML
Experience with secure web application and mobile application development
Experience with application penetration testing
Experience with static code scanning tools and dynamic scanning
Experience with secure coding and secure software development lifecycle paradigms defined in OWASP, ISO27001 and/or NIST frameworks
Experience with PCI DSS compliance and the relevant requirements for application and system architecture.
Experience with best practices for security controls, solutions and architectures for common cloud platforms such as Azure, AWS and Office365
Experience with HIPA/PHIPA compliance regulations and practical ways of ensuring compliance with information privacy requirements
Relevant experience in auditing based on PCI DSS and ISO 27001 information security framework is an asset.
Strong interpersonal skills; highly motivated and directed.
Excellent communication skills, both written and verbal.
Strong customer service orientation.
Experience working in a team-oriented, collaborative environment.
Strong organization and time management skills
Demonstrated experience in an audit role

At Rexall, we are better together. We serve our customers, partners, and patients best—we are our best—when everyone brings their true self to work. Our connected, inclusive culture celebrates our lived experiences, backgrounds, expertise, and self-expression to let us win as one team. Leveraging our differences distinguishes us and brings out our best performance.

Are you #ALLin?

Rexall Pharmacy Group is committed to providing an accessible environment for all of our customers, employees, and job applicants. Rexall Pharmacy Group will make available to any selected applicants’ accommodations and/or accessible formats should they require. Candidates are encourage

About the Company

For over 120 years, Rexall has been a trusted name in Canadian healthcare. Established in 1904, we've grown to become a leading pharmacy chain with over 400 locations across the country. Through it all, we've remained focused on making a positive impact in the communities we serve. Rexall has been honored as a Great Place to Work(tm) by our employees, consistently earning accolades as a top Canadian employer for our exceptional workplace environment. Caring for Canada's health, one person at a time, is our purpose - and our ... Know more