Cybersecurity Analyst, Application Solutions

Company Description

American Iron & Metal (AIM) is a family-owned company and recognized global leader in the metal recycling industry with more than 125 sites and 4000 employees worldwide.

We have continued to prosper for the last eight decades thanks to the dedication of our employees and the ongoing trust and support of our customers.

Become part of team AIM, a growing team with an entrepreneurial spirit who has over the years evolved into a successful and multifaceted company with business divisions that include metal recycling, decommissioning and demolition, auto-parts sales and recycling, manufacturing of solder assemblies, construction waste recycling, and production of customized industrial and mining products.

We take pride in doing good things for the environment to help create a greener, more sustainable future for all.

It’s simple; we do it right. We AIM for excellence.

What we offer!

• Competitive salary + other perks
• Group insurance & RRSP program
• Company-wide events throughout the year (BBQ, Holiday party etc.)
• Free gym on site
• Two cafeterias on site (subsidized meal program available)
• Dynamic & rewarding work environment- work on high-impact, meaningful projects while also having fun!

Job Description

We are looking for an innovative and skilled Cybersecurity Analyst to join our security team. The successful candidate will be responsible for managing application vulnerabilities and supporting the software development lifecycle (SDLC) to integrate security practices by design and actively participate in SecOps activities.

This person will play a crucial role in protecting the business from threats to our applications.

• Cybersecurity Solution Design and Implementation : Develop and deploy strategies and tools to secure the company's IT assets.
• Application vulnerability analysis and management : Identify, analyze and manage vulnerabilities in the company's software applications using specialized tools (SonarQube, Invicti, Qualys, etc.

perform regular scans and take corrective actions by collaborating with the development teams to support the resolution.

• SDLC Support : Collaborate closely with development teams to integrate security measures (DevSecOps) from the earliest phases of software development (Security by design), ensuring that security is a priority at every stage of the cycle.
• Application Security Policy Definition : Establish and maintain security procedures for application development, including codification of secure coding best practices.
• Participate in SecOps activities : Improve security posture through continuous monitoring, incident management, and rapid response.
• Technology Watch : Stay informed of the latest trends and technologies in cybersecurity to anticipate and defend against new threats.
• Reporting and documentation : Write detailed reports on application vulnerabilities, security audits, and corrective actions taken.
• Training and mentoring : Provide training and guidance to developers on application security best practices and the importance of security in the development lifecycle.
• Cross-departmental collaboration : Work closely with the entire IT team and partners, specifically the development team, to integrate security practices into all aspects of application development.

Qualifications

• Degree in computer science, information security, or related field.
• Minimum 5 years of experience in a similar position
• Mastery of application vulnerability management tools, Cloud development and in-depth understanding of software development processes including the DevSecOps approach.
• Technical knowledge : Azure, AzureDevOps, AzurePipeline, Apps Security (dotnet prefered), OWASP, Qualys, SonarQube, SAST, and DAST tool.
• Certifications like CISSP, CEH, or CompTIA Security+ are preferred, with a particular focus on those focused on application security, such as GWAPT or CSSLP.
• Ability to analyze complex data and make recommendations based on analytics.
• Excellent communication skills and ability to collaborate effectively with development and security teams.

Additional Information

American Iron & Metal and its subsidiaries is an equal opportunity employer. All qualified applicants are given consideration regardless of race, religion, colour, gender, sex, age, sexual orientation, gender identity, national origin, marital status, citizenship status, disability, veteran status, or any other protected class as provided in applicable employment laws.

Although we’d love to be able to speak with everyone that applies, due to the volume of applicants we receive and time constraints, only those selected to move forward will be contacted.