AppSec Jobs
← Back to all jobs

Intact

Application Security Senior Developer

Toronto, Ontario, CanadaWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Intact

Intact Financial Corporation is Canada's largest provider of property and casualty (P&C) insurance, with a significant presence in the UK and Ireland. Headquartered in Toronto, the company employs approximately 31,000 people across over 350 offices worldwide. Founded in 2004, Intact has expanded through organic growth and numerous acquisitions, achieving nearly $24 billion in annual operating Direct Premiums Written. The company offers a wide range of P&C insurance products, including personal lines such as auto and property insurance, as well as commercial lines that cover property, liability, and specialty risks. Intact operates under several brands, including Intact Insurance, belairdirect, and BrokerLink, and utilizes a multi-channel distribution strategy. With a focus on sustainability and strong financial performance, Intact aims to enhance customer experience and strengthen its market position through data-driven insights and innovative solutions.

Industry

insurance

Employees

31,000

1017 engineers

Revenue

$17B

Website

Visit →

Security at Intact

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Intact Financial Corporation aims to "apply and automate application security policies"while "preserving the developer experience".
  • Their cybersecurity risk management process "is based on the NIST Framework", and "All employees complete annual data and security training.".

Security Team

  • Andrew Vezina holds the title of "Deputy Senior Vice President and Chief Information Security Officer (CISO)".
  • Intact also has roles such as "Security Advisor Senior - Application Security and Penetration Testing".

Key Initiatives

  • Intact's initiatives include applying and automating application security policies, developing and integrating an automated agent into continuous integration and deployment (CI/CD) pipelines, and designing tools to sort and distribute critical vulnerabilities to developers.
  • Their cybersecurity risk management process is based on the NIST Framework, and all employees complete annual data and security training.
  • Specific public documentation describing a security champions program, detailed vulnerability management SLAs or MTTR metrics, and explicit tool/vendor names for SAST/SCA/DAST were not located.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.