A career as a DevSecOps lead on the Asset Protection team at National Bank means serving as a specialist in application security, vulnerability management and DevSecOps practises. This position allows you to have a positive impact on our organisation thanks to your expertise in securing application delivery chains and vulnerability management, your experience in integrating security by design and your ability to influence technology practises on a large scale. On a daily basis, you help protect the Bank's applications, data and clients by working closely with the development, DevOps, architecture and security teams. You work in an environment where collaboration, continuous improvement and automation are at the heart of our work methods. Support development teams in identifying, prioritising and correcting application vulnerabilities throughout the application lifecycle. Act as a reference person for application security, vulnerability management and DevSecOps practises for delivery teams by supporting security-related technical decisions. Integrate and optimise application security tools in continuous delivery pipelines, particularly for analysing code, dependencies, infrastructures and containers. Design and maintain secure CI/CD pipelines (GitHub Actions, CI GitLab, etc.) and preventive security controls integrated into application delivery workflows. Contribute to the evolution of standards, governance frameworks and practises for application security and vulnerability management in order to increase the organisation's DevSecOps maturity. Explore and promote advanced automation, including the use of artificial intelligence and agentic approaches to improve operational efficiency. Your team Vice-President – Strategy, practises and Delivery, we have more specialists who work in an agile, proactive and collaborative manner to seize opportunities, stay on the cutting edge of technology and continuously improve processes. You are part of a team of 12 colleagues in the Information Technology sector and will report to the Senior Manager – Asset Management. Our team stands out for its high level of technical expertise, delivery quality, operational excellence and a culture of collaboration, continuous learning and employee experience. Our goal is to offer you maximum flexibility to promote your quality of life, thanks to a hybrid work environment and a flexible, adaptable schedule. The Bank values continuous development and internal mobility. Our personalised training programs, based on on on-the-job learning, help you master your profession and develop new fields of expertise. Tools such as the Data Academy, language training, the Harvard Learning Centre and coaching and mentoring support are available to you at any time. Prerequisites A bachelor’s degree and 7 years of experience, or a master’s degree and 5 years of experience in software development or application security and vulnerability management. In-depth experience in application security, vulnerability management and DevSecOps practises, including securing the software supply chain. Master application security concepts such as OWASP Top 10, security development cycle, vulnerabilities and risk rating mechanisms Working knowledge of vulnerability management and application security tools, including tenable, Snyk and AQUEC. Experience with cloud environments (e.g. AWS, Azure), infrastructure as code (e.g. Terraform, CloudFormation) and containerisation technologies (e.g. Docker, Kubernetes). Hands-on experience with application security tools integrated into continuous delivery pipelines. #J-18808-Ljbffr