Application Security Consultant - SCA - Global Security

Job Description

What is the opportunity?

We are seeking a talented Intermediate Developer to join our Application Security team and serve as a bridge between security and development. You will provide technical execution and expertise in application security, with a specialization in Software Composition Analysis (SCA) in the area of open-source security. Working across the enterprise, you will support application teams, drive security best practices, and improve RBC's overall security posture through the design and implementation of application security initiatives. You will balance strategic security responsibilities with hands-on development work, leveraging both your strong development skills and security expertise to deliver impact across the organization. This is an excellent opportunity to grow your expertise in application security while building on your strong development foundation.

We're Looking For

• Someone curious about application security and open-source vulnerabilities
• A developer with solid fundamentals who's ready to grow into security
• A collaborator who can bridge technical and security conversations
• Someone comfortable learning new tools and frameworks on the job

What will you do?

• Support end users of application security testing tools, managing tickets through a ticketing platform
• Prioritize and triage SCA scan results, communicating needs and recommendations to application teams
• Act as a primary point of contact for application teams, bridging security and development functions
• Drive security practices and improve security posture across the enterprise by working with application development teams
• Educate key organizational stakeholders (developers, security consultants) on application security matters and open source vulnerabilities
• Assist in the integration of application security processes and tools into existing enterprise development processes and pipelines
• Participate in and lead a range of application security assessment activities
• Contribute to the design and implementation of application security testing workflows and troubleshoot tool configurations and resolve scanning issues
• Design and develop RESTful APIs following best practices, security standards, and industry guidelines
• Write clean, maintainable code for data processing, manipulation, and analysis
• Leverage open source packages and libraries responsibly, understanding their security implications and vulnerabilities
• Collaborate with senior developers, security consultants, and cross-functional teams to deliver quality solutions and advance security initiatives
• Participate in code reviews and contribute to continuous improvement of security and development practices
• Debug and troubleshoot applications to resolve security and functional issues efficiently
• Document code and maintain technical documentation including security considerations
• Contribute to the full software development lifecycle from design through deployment, with security integration
• Proactively solve problems to ensure application development teams can effectively use the latest application security testing tools
• Research and keep up to date on application security emerging threats, techniques, tools, and trends
• Participate in system design discussions and architectural decisions with a security lens
• Learn from and mentor with senior security and development team members to continuously improve your security expertise
• Work in a diverse environment leveraging team members' experience and knowledge

What do you need to succeed?

Must-have

• Familiarity with or interest in application security best practices; exposure to secure coding principles
• Experience supporting or working with SCA tools, or demonstrated interest in application security and dependency management
• 2+ years of professional experience developing and consuming REST APIs and applications
• Basic understanding of open-source security; experience managing or evaluating dependencies (will expand expertise on the job)
• Strong proficiency in at least one primary language: Python, Java, JavaScript, or .NET
• Solid understanding of HTTP protocols, API design patterns, and RESTful principles
• Experience working with relational databases and SQL
• Hands-on experience with CI/CD tools and pipelines (Jenkins, GitHub Actions, GitLab CI) and understanding of DevOps and DevSecOps approaches
• Experience with Threat Modelling and Risk Assessment activities
• Understanding of agile methodology (Scrum, Kanban)
• Experience with data visualization or analytics tools
• Knowledge of software design patterns and SOLID principles
• Knowledge of OWASP, SANS, or other security-related frameworks
• Passion for or demonstrated interest in application security and secure coding practices
• Willingness to learn and grow in application security specialization
• Strong ability to manage client and stakeholder relations
• Strong problem-solving skills and attention to detail
• Ability to work collaboratively in an agile, cross-functional team environment
• Excellent communication and documentation skills

Nice-to-Have

• Understanding of testing frameworks and test-driven development (TDD)
• Experience with NoSQL databases (MongoDB, DynamoDB, etc.)
• Familiarity with message queues or event-driven architecture (Kafka, RabbitMQ)
• SAST/DAST testing tools and techniques
• Penetration testing experience
• Cloud platforms (AWS, Azure, GCP)
• Containerization and microservices (Docker, Kubernetes)
• Code quality and security tools (SonarQube, static analysis, code coverage)
• Monitoring and logging tools (ELK stack, Datadog, New Relic)
• Caching technologies (Redis, Memcached)
• Contributions to open source projects
• Experience with system design and scalable architecture
• Knowledge of distributed systems concepts
• Demonstrated experience leveraging AI platforms (ChatGPT, OpenAI, Claude) to enhance productivity, automate workflows, and generate insights

What's in It for You

• A comprehensive Total Rewards Program including bonuses and flexible benefits
• Competitive compensation and stock opportunities
• Leaders who support your development through coaching
• Ability to make a lasting impact on RBC's security posture across the enterprise
• Work in a dynamic, collaborative, high-performing security and development team
• World-class training in financial services and application security
• Flexible work/life balance options
• Opportunities for challenging work in a hybrid environment

#LI-HYBRID | #LI-POST | #SecurityDeveloper

Job Skills

Agile Methodology, Application Development, Application Security, Application Security Assessment, Application Security Testing, Critical Thinking, Cybersecurity, Encryption Software, Group Problem Solving, Information Security, Information Security Management, Information Technology Security, Infrastructure Penetration Testing, IT Security Architecture, IT Systems Integration, Java, Process Development (PD), Python (Programming Language), Security Testing, Vulnerability Management

Additional Job Details

Address:

16 YORK ST:TORONTO

City:

Toronto

Country:

Canada

Work hours/week:

37.5

Employment Type:

Full time

Platform:

TECHNOLOGY AND OPERATIONS

Job Type:

Regular

Pay Type:

Salaried

Posted Date:

2026-05-26

Application Deadline:

2026-06-26

Note : Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Our Employment Opportunities

At RBC, we are guided by living shared values of Client First, Integrity, Collaboration, Respect and Excellence and winning together as One RBC. We believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com .

RBC is presently inviting candidates to apply for this existing vacancy. Applying to this posting allows you to express your interest in this current career opportunity at RBC. Qualified applicants may be contacted to review their resume in more detail.