We are connecting businesses to the financial infrastructure they need most: lending, payment, analytics while using modern digital tools so companies can start offering financial services to their customers with a few lines of code. 

We are currently looking for an Application Security Engineer to join the team in our journey towards building a unique service offering for the Financial Industry that will change the way financial services are distributed. If you’re detail-oriented, you like to focus on technical work but also like working in collaboration with fellow team members, you want to learn new technologies, and would like to help build a world-class company, we’d love to chat! 

***These positions are offered on a 100% remote basis and you will report to a team and a manager based in Montreal. ***

Your role: 

• Review the architecture, the code and provide security guidance. 
• Advise developers on how to mitigate or avoid web, API, and systems-level vulnerabilities. 
• Collaborate with product managers, designers, and developers to perform threat modeling and architect secure, resilient systems. 
• Review source code against secure coding best practices and contribute security requirements. 
• Train and support developers to build securely. 
• Lead the software design and implementation of security services, tools, and libraries to provide secure defaults to the rest of the organization. 
• Promote security remediations in the CI/CD pipeline by building tools and services for developers to consume. 
• Champion an internal security culture. 

Our ideal candidate would align with the following skills and have hands-on experience designing and building secure systems in a cloud native environment with experience in using various tools, methodologies and frameworks as described below: 

• Hands-on experience in software engineering projects, preferably in languages such as Go, Java, C#, or JavaScript. You can write robust code with good test coverage and can point to specific examples of projects you’ve successfully delivered in the past. 
• Working knowledge of modern development concepts (virtualized environments, containerization, continuous integration + delivery), network architecture, and/or system architecture. 
• Experience building or reviewing threat models and ability to craft malicious user, attacker, and abuse/misuse cases. 
• Strong working knowledge of software security. 
• Good communication skills, in English and/or French 

We have to offer:

• We are a technology company first and it is the driving force behind our way of working.
• A compelling technology stack: microservices using Golang, with a focus on Serverless & Cloud Native resources, gRPC, REST, GraphQL, SPAs, mobile
• An opportunity for you to grow and help build the future leader in financial services
• A strong work ethic, humor and camaraderie, and a clear drive to succeed, not just as a company but as an innovator.
• A dynamic, collaborative work environment
• A flexible environment that encourages work-life balance
• Remote work
• An ongoing training and skills development program

Your benefits

Upon hiring, you will be eligible for a wide range of benefits. In addition to competitive compensation, we offer attractive benefits for you and your family:

• Health and wellness program, including many benefits
• Flexible group insurance
• Defined benefit pension plan
• Employee Share Ownership Plan
• Employee and family assistance program
• Preferred banking services
• Volunteer program
• Telemedicine
• Virtual sleep clinic

These are just a few of the many benefits we offer.

We're putting people first

Finaptic Technologies is a division of National Bank of Canada, a bank on a human scale that stands out for its courage, entrepreneurial culture, and passion for people. Our mission is to have a positive impact on peoples' lives.

Our core values of partnership, agility, and empowerment inspire us, and inclusivity is central to our commitments. We offer a barrier-free workplace that is accessible to all employees