Job description:
Key Accountabilities:
• Conducting vulnerability assessments and penetration testing in cloud and on-prem environments against applications (web, mobile, APIs and desktops).
• Analyzing vulnerabilities and delivering clear and coherent written reporting, identifying risks, and providing mitigation recommendations
• Design and implement security automation as part of the continuous integration (CI) and continuous delivery (CD) pipeline of key Business teams in order to proactively uncover security vulnerabilities in a shift-left approach
• Design and Implement secure architecture to protect the confidentiality, integrity, and availability of the CI and CD pipelines of key Business teams
• Work effectively with various stakeholders from development, quality assurance (QA), program management, and security teams
• Work with various stakeholders and business teams to provide security automation tools maintenance training
• Build internal knowledge, processes, KPIs, and tools
• Create artifacts for various stakeholders and customers
Key Competencies:
• 5+ cyber security expertise
• Minimum 3+ years experience in application security (preferably with DevSecOps Implementation)
• Understanding of DevSecOps / CI/CD Integration and Agile Security testing methodology
• Good understanding of secure software development lifecycle processes across technologies
• Strong knowledge on methodologies like OWASP , SANS etc.
• Ability to conduct vulnerability assessment and penetration testing using popular tools Fortify, Veracode, Rational AppScan, BurpSuite, etc.
• Understanding of DevSecOps / CI/CD Integration and Agile Security testing methodology
• Security Certifications preferred – CEH, OSWE, CSSLP, GWAPT
• Experience of at least one cloud platform (Azure, GCP).
• Experience in at least one scripting language (Bash, Python, Ruby etc)
• Experience containerization and Kubernetes
• Experience of automating and templating security processes and documentation for compliance purposes.
• Experience of at least one Infrastructure as Code solution (Terraform, SCALR, Ansible, Chef etc)
Successful candidates must be fully vaccinated against infection by COVID-19. Candidates who are unable to be vaccinated due to a personal characteristic protected under applicable human rights legislation may request to be exempt from this requirement. We will do our best to accommodate those who are unable to be vaccinated.
Job 59918
Application Security Analyst • Vancouver, BC, Canada (On-site)
Clio is the global leader in legal AI technology, empowering legal professionals and law firms of every size to work smarter, faster, and more securely.We are transforming the legal experience by b... Voir plus
Centric Software® is a global leader, providing an innovative and AI-enabled product-concept-to-commercialization platform for retailers, brands and manufacturers of all sizes.We equip retail, fash... Voir plus
Join Precision Drilling as an Endpoint Security Analyst focused on enhancing the efficiency and security of our digital workspaces.Be part of a team that values integrity and collaboration.In this ... Voir plus
The Security Analyst, Triage provides technical security expertise and support for the threat monitoring & triage team within the Global Security Operations Center (GSOC).This role protects RBC and... Voir plus
Setting the bar in technical fabrics and functional design, we create transformational products and experiences that support people in moving, growing, connecting, and being well.We owe our success... Voir plus
A leading Canadian law firm is seeking a Senior Security Analyst for their Vancouver office.The ideal candidate will possess at least 7 years of relevant experience and hands-on knowledge in securi... Voir plus
Please review this posting in detail and self-assess your eligibility, before applying.PwC Canada is sourcing for two (x2) Secret (Level II) security cleared, Senior Oracle Application Developer, C... Voir plus
Proud to be 100% Canadian-owned, Northland Properties' are recognized as one of the most trusted names in hotels, restaurants, resorts, sports, construction, and asset management.Our well-known and... Voir plus
Offensive Security Analyst (Structured / Non-Exploit) — AI Training.What if your deep understanding of how attackers think could directly shape how AI reasons about cybersecurity threats? We're loo... Voir plus
Shape the future of application security as an Application Security Architect with a focus on DevSecOps.Spearhead security integration efforts, vulnerability scanning, and proactive measures within... Voir plus
Enhance application security at Workleap as the Application Security Manager.This role ensures security is embedded into every stage of software development within a collaborative environment.As pa... Voir plus
Senior Application Security Engineer at Spring Financial Join to apply for the.Senior Application Security Engineer.About Us Spring Financial is revolutionizing financial access for Canadians, prov... Voir plus
At Mechanical Orchard, we specialize in safely rewriting the most critical and complex business applications—the software that runs the world as we know it today—so they’re ready to adapt quickly a... Voir plus
A leading tech startup is looking for a Sr.Application Security Engineer to oversee security standards for their products.This role involves deep security assessments, threat modeling, and integrat... Voir plus
Remote from the UK - to work for an International US-based company.Workday security area – focusing on Workday HR user, domain, business process, and integrations security, privacy, audit, controls... Voir plus
Trulioo seeks a Cloud Application Security Engineer to lead security initiatives in a hybrid work setup.Engage your cloud security skills to protect vital SaaS applications.This full-time position ... Voir plus
A technology company is seeking a Senior Security Operations Center Analyst to lead SOC investigations and mentoring of junior staff.The role requires significant experience in cloud security and i... Voir plus
Web3 through industry-leading blockchain infrastructure.As the leading provider of staking solutions,.Our clients trust Figment for a comprehensive suite of services, including.Backed by a team of ... Voir plus
