A career as a DevSecOps lead on the Asset Protection team at National Bank means serving as a specialist in application security, vulnerability management and DevSecOps practises. This position allows you to have a positive impact on our organisation thanks to your expertise in securing application delivery chains and vulnerability management, your experience in integrating security by design and your ability to influence technology practises on a large scale. On a daily basis, you help protect the Bank's applications, data and clients by working closely with the development, DevOps, architecture and security teams. You work in an environment where collaboration, continuous improvement and automation are at the heart of our work methods. Your job Support development teams in identifying, prioritising and correcting application vulnerabilities throughout the application lifecycle. Act as a reference person for application security, vulnerability management and DevSecOps practises for delivery teams by supporting security‑related technical decisions. Integrate and optimise application security tools in continuous delivery pipelines, particularly for analysing code, dependencies, infrastructures and containers. Design and maintain secure CI/CD pipelines (GitHub Actions, CI GitLab, etc.) and preventive security controls integrated into application delivery workflows. Contribute to the evolution of standards, governance frameworks and practises for application security and vulnerability management in order to increase the organisation's DevSecOps maturity. Explore and promote advanced automation, including the use of artificial intelligence and agentic approaches to improve operational efficiency. Prerequisites A bachelor’s degree and 7 years of experience, or a master’s degree and 5 years of experience in software development or application security and vulnerability management. In‑depth experience in application security, vulnerability management and DevSecOps practises, including securing the software supply chain. Master application security concepts such as OWASP Top 10, security development cycle, vulnerabilities and risk rating mechanisms. Working knowledge of vulnerability management and application security tools, including Tenable, Snyk and AQUEC. Experience with cloud environments (e.g., AWS, Azure), infrastructure as code (e.g., Terraform, CloudFormation) and containerisation technologies (e.g., Docker, Kubernetes). Hands‑on experience with application security tools integrated into continuous delivery pipelines. In addition to competitive compensation, you’ll be eligible for a wide range of flexible benefits to help promote your wellbeing and that of your family. Your benefits Health and wellness programme, including many options Flexible group insurance Generous pension plan Employee Share Ownership Plan Employee and family assistance programme Preferential banking services Involvement in community initiatives Telemedicine service Virtual sleep clinic #J-18808-Ljbffr