Senior Threat Modeling Analyst

Join a Challenger

Being a traditional bank just isn’t our thing. We are big believers in innovating the banking experience because we believe Canadians deserve better options, and we challenge ourselves and our teams to creatively transform what’s possible in banking. Our team is made up of inquisitive and agile minds that find smarter ways of doing things. If you’re not afraid of taking on big challenges and redefining the future, you belong with us. You’ll get to work with people who will encourage you to reach new heights. We like to keep things fun, ask questions and learn together.

We are a big (and growing!) family. Overall we serve more than 670,000 people across Canada through Equitable Bank, Canada's Challenger Bank™, and have been around for more than 50 years. Equitable Bank's wholly-owned subsidiary, Concentra Bank, supports credit unions across Canada that serve more than six million members. Together we have over $125 billion in combined assets under management and administration, with a clear mandate to drive change in Canadian banking to enrich people's lives. Our customers have named our EQ Bank digital platform (eqbank.ca) one of the top banks in Canada on the Forbes World's Best Banks list since 2021. 

The Work:

The Senior Threat Modeling Analyst will work closely with the technology teams and line of business teams to develop secure technology solution designs. The Senior Threat Modeling Analyst will lead the identification of Cyber security risks to the bank’s technologies and ensure sufficient controls are in place to mitigate these risks which could otherwise result in Cyber Security attacks, while enabling the business to grow the bank and serve our customers efficiently and securely.

Job Duties:

• Provide security advisory services to technology and business teams.
• Perform security assessments for technical solution designs.
• Identify threat scenarios and evaluate risk rating based on a thorough review of the solution design by working closely with SMEs.
• Track and remediate design flaws identified by the Threat Model process.
• Ensure onboarding of appropriate security services by the project; e.g. Automated security scanning, MFA, SIEM onboarding etc.
• Manage design security flaws tracking and escalate outstanding risks as required.
• Manage security risks for assigned portfolio to ensure that action/mitigation plans are defined and actioned in-time.
• Support Threat modeling and solution design security process improvements.

Let's Talk About You!

• A college diploma or university degree is required. Higher accreditation (e.g. Bachelor of Computer Science) is preferred.
• At least five (5) years of information security and information risk experience.
• Experience in performing Threat modeling is required.
• Experience in supporting application security programs is required.
• Experience and deep understanding of hybrid cloud technologies is required.
• Experience in performing IT security risk assessments is required.
• Experience in developing risk mitigation recommendations is required.
• Experience and ability to document security architecture views and threat modeling analysis (i.e. attack trees, sequence flow diagrams, Data Flow Diagrams etc.) for various technology designs.
• Understanding and experience in Application Security frameworks is required e.g. OWASP.
• Understanding of CI/CD pipeline and approaches to automate security testing is an asset
• Understanding of API security is an asset.
• Having coding experience is an asset.
• The following certifications are preferred: CCSP, SABSA, CCSK, CISM, CISSP, or CRISC.
• Understanding and experience with TOGAF, OWASP, SAMM, MITRE ATT&CK, BSIMM, NIST, ISO 27K series is an asset.
• Experience working in a banking or financial services environment is an asset.

What we offer [For full-time permanent roles]

💰 Competitive discretionary bonus 

✨ Market leading RRSP match program

🩺 Medical, dental, vision, life, and disability benefits

📝 Employee Share Purchase Plan

👶🏽 Maternity/Parental top-up while you care for your little one

🏝 Generous vacation policy, personal days and even a moving day 

🖥 Virtual events to connect with your fellow colleagues

🎓 Annual professional development allowance and a comprehensive Career Development program

💛 A fulfilling opportunity to join one of the top FinTechs and help create a new kind of banking experience

The incumbent will be working hybrid and in office time will be spent working from Equitable Bank’s additional office space located at 351 King Street East, Toronto, ON.

Equitable Bank is deeply committed to inclusion. Our organization is stronger and our employees thrive when we honour and celebrate everyone’s diverse experiences and perspectives. In tandem with that commitment, we support and encourage our staff to grow not just in their career path, but personally as well. 

We commit to providing a barrier-free recruitment process and work environment for all applicants. Please let us know of any accommodations needed so that you can bring your best self to the application process and beyond. All candidates considered for hire must successfully pass a criminal background check and credit check to qualify for hire. While we appreciate your interest in applying, an Equitable recruiter will only contact leading candidates whose skills and qualifications closely match the requirements of the position.

We can’t wait to get to know you!