Our client, is seeking an expert-level Regulatory Compliance Management (RCM) Consultant to join the Application Security team within the Cyber Technology Office.
...
In this high-visibility, senior advisory role, you will be dedicated to managing application security and penetration testing compliance for a core enterprise line of business. The department operates in a fast-paced, highly regulated environment, providing application security testing (SAST, SCA, DAST, penetration testing) and vulnerability management services across the enterprise portfolio. You will serve as the expert translator between deeply technical engineering leads, corporate risk partners, and external regulatory auditors, ensuring the institution's control environments are unassailable and fully documented.
Duration: 6-Month Contract
Work Arrangement: Hybrid (3 days per week on-site at the Vancouver, BC corporate office)
Advantages
Tier-1 Cyber Technology Footprint: Champion compliance frameworks within the dedicated Application Security branch of a market-leading international bank.
Complex Regulatory Exposure: Lead the preparation, drafting, and defense of enterprise security postures directly facing federal regulators and external auditors.
Cutting-Edge Security Tool Alignment: Partner with security engineers utilizing market-leading application profiling and vulnerability discovery suites.
Strategic Risk Influence: Take ownership of remediation tracking, identifying systemic compliance gaps, and advising senior leadership on institutional risk mitigations.
Responsibilities
Regulatory Defense & Liaison: Acquire a deep, comprehensive understanding of the enterprise control environment. Collaborate across multi-layered business units to gather immutable technical evidence and author formal responses to incoming regulatory inquiries.
Audit Triage & Remediation Tracking: Directly address regulatory audit findings, identify operational or process compliance gaps, recommend strategic mitigations, and track engineering remediation pipelines from inception to validation.
Cross-Functional Synthesis: Interact daily with Application Security Leads overseeing SAST, Open-Source Security (OSS), DAST scanning, and Penetration Testing frameworks to monitor code hygiene compliance.
Executive & Regulatory Reporting: Draft concise, accurate, and highly structured regulatory summaries, compliance reports, and mitigation blueprints suitable for C-suite executive boards and strict regulatory bodies.
Process Gap Identification: Audit active operational engineering pipelines against documented control policies to detect, flag, and correct real-world procedural discrepancies.
Enterprise Infrastructure Integration: Collaborate with technology stakeholders to align application security compliance parameters with macro enterprise software delivery pipelines.
Qualifications
Experience & Expertise: 8+ years of progressive professional experience managing technical IT audits, regulatory compliance programs, and key control testing engagements within complex corporate environments.
Advanced Communication & Translation: Elite ability to synthesize dense technical security datasets into simplified, risk-focused prose. Must be comfortable translating complex software flaws into audit-ready documentation for non-technical regulators.
Risk Management Framework Depth: In-depth, practical knowledge of industry-recognized security risk management frameworks, financial controls, and cybersecurity best practices (e.g., NIST, ISO 27001, SOC 2).
Application Security Tool Context: Strong conceptual familiarity with enterprise application security scanning pipelines and software composition analysis tools, including platforms such as Checkmarx, NexusIQ, Snyk, and Burp Suite.
Nice-to-Have Skills & Assets
Industry-recognized security and risk management designations (e.g., CISSP, CCSP, CRISC, CISA, or ITIL).
Prior professional experience operating inside the Financial Services or Banking sectors.
Functional knowledge of secure coding paradigms and application testing methodologies (Static, Dynamic, and Open-Source software supply chain audits).
Summary
If you are a seasoned Cyber Compliance Expert who pairs a deep grasp of software vulnerabilities with the executive presence needed to manage high-stakes banking audits, this Vancouver-based mandate is an ideal match. Bring your framework discipline, regulatory writing precision, and collaborative leadership to an enterprise-defining security division today!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more
Our client, is seeking an expert-level Regulatory Compliance Management (RCM) Consultant to join the Application Security team within the Cyber Technology Office.
In this high-visibility, senior advisory role, you will be dedicated to managing application security and penetration testing compliance for a core enterprise line of business. The department operates in a fast-paced, highly regulated environment, providing application security testing (SAST, SCA, DAST, penetration testing) and vulnerability management services across the enterprise portfolio. You will serve as the expert translator between deeply technical engineering leads, corporate risk partners, and external regulatory auditors, ensuring the institution's control environments are unassailable and fully documented.
Duration: 6-Month Contract
Work Arrangement: Hybrid (3 days per week on-site at the Vancouver, BC corporate office)
Advantages
Tier-1 Cyber Technology Footprint: Champion compliance frameworks within the dedicated Application Security branch of a market-leading international bank.
...
Complex Regulatory Exposure: Lead the preparation, drafting, and defense of enterprise security postures directly facing federal regulators and external auditors.
Cutting-Edge Security Tool Alignment: Partner with security engineers utilizing market-leading application profiling and vulnerability discovery suites.
Strategic Risk Influence: Take ownership of remediation tracking, identifying systemic compliance gaps, and advising senior leadership on institutional risk mitigations.
Responsibilities
Regulatory Defense & Liaison: Acquire a deep, comprehensive understanding of the enterprise control environment. Collaborate across multi-layered business units to gather immutable technical evidence and author formal responses to incoming regulatory inquiries.
Audit Triage & Remediation Tracking: Directly address regulatory audit findings, identify operational or process compliance gaps, recommend strategic mitigations, and track engineering remediation pipelines from inception to validation.
Cross-Functional Synthesis: Interact daily with Application Security Leads overseeing SAST, Open-Source Security (OSS), DAST scanning, and Penetration Testing frameworks to monitor code hygiene compliance.
Executive & Regulatory Reporting: Draft concise, accurate, and highly structured regulatory summaries, compliance reports, and mitigation blueprints suitable for C-suite executive boards and strict regulatory bodies.
Process Gap Identification: Audit active operational engineering pipelines against documented control policies to detect, flag, and correct real-world procedural discrepancies.
Enterprise Infrastructure Integration: Collaborate with technology stakeholders to align application security compliance parameters with macro enterprise software delivery pipelines.
Qualifications
Experience & Expertise: 8+ years of progressive professional experience managing technical IT audits, regulatory compliance programs, and key control testing engagements within complex corporate environments.
Advanced Communication & Translation: Elite ability to synthesize dense technical security datasets into simplified, risk-focused prose. Must be comfortable translating complex software flaws into audit-ready documentation for non-technical regulators.
Risk Management Framework Depth: In-depth, practical knowledge of industry-recognized security risk management frameworks, financial controls, and cybersecurity best practices (e.g., NIST, ISO 27001, SOC 2).
Application Security Tool Context: Strong conceptual familiarity with enterprise application security scanning pipelines and software composition analysis tools, including platforms such as Checkmarx, NexusIQ, Snyk, and Burp Suite.
Nice-to-Have Skills & Assets
Industry-recognized security and risk management designations (e.g., CISSP, CCSP, CRISC, CISA, or ITIL).
Prior professional experience operating inside the Financial Services or Banking sectors.
Functional knowledge of secure coding paradigms and application testing methodologies (Static, Dynamic, and Open-Source software supply chain audits).
Summary
If you are a seasoned Cyber Compliance Expert who pairs a deep grasp of software vulnerabilities with the executive presence needed to manage high-stakes banking audits, this Vancouver-based mandate is an ideal match. Bring your framework discipline, regulatory writing precision, and collaborative leadership to an enterprise-defining security division today!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more