Talent.com
BMO
Application Security Automation EngineerBMO • Toronto, Ontario, Canada
Application Security Automation Engineer

Application Security Automation Engineer

BMO • Toronto, Ontario, Canada
7 days ago
Job type
  • Part-time
Job description
Application Deadline:

06/29/2026

Address:
100 King Street West

Job Family Group:

Technology

Hybrid work model - 2 days/week in office

The Application Security Automation Engineer reports to the Senior Manager of automated security testing team and supports security testing activities for BMO applications. This role is responsible for leading and maturing the bank's static application security testing (SAST) capabilities and partnering with application teams to reduce risk through secure coding practices, actionable findings, and integrated controls across the SDLC. Liaises with stakeholders to understand problems and opportunities and enables BMO to meet its goals by understanding business vision, objectives and KPIs. Participates in the execution of information security strategy.

Application Security Testing
  • Lead end-to-end SAST operations, including intake/scoping, onboarding, configuration, execution, triage, and reporting across diverse technology stacks.
  • Tune scan tools to reduce false positives and improve signal quality; provide secure code review and root-cause analysis support to development teams.
  • Contribute to other testing programs (SCA, DAST) and integration into CI/CD workflows as needed to support scan readiness, coverage validation, and triage of results.
  • Evaluate and adopt AI-assisted capabilities in security scanning/testing tools to improve triage speed, consistency, and remediation guidance.
  • Assess the security implications of LLM-enabled features on application threat models and emerging risks, e.g. supply chain integrity, prompt-driven workflows, RAG pipelines.
  • Identify gaps through risk-based assessments; recommend corrective actions for vulnerabilities and weaknesses; and support planning, tracking, and risk acceptance processes in alignment with regulatory expectations.
What you need to succeed:
  • Bachelor's Degree in a relevant discipline (Computer Science, Engineering, Math, Cyber Security)
  • Typically 5-7 years of relevant experience as a SAST / Automation Engineer with relevant experience integrating SAST into pipelines
  • 5+ years hands-on experience with static source code analysis (SAST) tools and dynamic application security (DAST) tools.
  • Strong knowledge of common coding languages (e.g. C#, JAVA, JavaScript, TypeScript, Python etc.) and ability to read/write code with minimal oversight.
  • 5+ years scripting/automation experience (e.g., Python, Node.js, Bash) to integrate testing and repeatable checks into engineering workflows.
  • Working knowledge of OWASP Top 10, and the OWASP Testing Guide or other secure coding frameworks, e.g. NIST Cyber Security Framework (CSF).
  • Solid understanding of secure coding frameworks and secure code reviews, code scanning software and vulnerability code scanning processes, network protocols and connectivity, risk-based assessment approach.
  • Understanding of information security risk and regulatory requirements.
Other Skills:
  • Exposure to securing LLMs, deploying LLMs in a secure fashion
  • Cybersecurity certification (CISSP, CISSLP, OSCP, GSEC etc.) is an asset
  • Experience contributing to SOPs, reusable templates, or security testing playbooks.
  • Self-motivated with a positive attitude and an ability to work independently and in a team
Salary :

$82,800.00 - $154,800.00

Pay Type:

Salaried

The above represents BMO Financial Group's pay range and type.

Salaries will vary based on factors such as location, skills, experience, education, and qualifications for the role, and may include a commission structure. Salaries for part-time roles will be pro-rated based on number of hours regularly worked. For commission roles, the salary listed above represents BMO Financial Group's expected target for the first year in this position.

BMO Financial Group's total compensation package will vary based on the pay type of the position and may include performance-based incentives, discretionary bonuses, as well as other perks and rewards. BMO also offers health insurance, tuition reimbursement, accident and life insurance, and retirement savings plans. To view more details of our benefits, please visit: https://jobs.bmo.com/global/en/Total-Rewards

About Us

At BMO we are driven by a shared Purpose: Boldly Grow the Good in business and life. It calls on us to create lasting, positive change for our customers, our communities and our people. By working together, innovating and pushing boundaries, we transform lives and businesses, and power economic growth around the world.

As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one - for yourself and our customers. We'll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we'll help you gain valuable experience, and broaden your skillset.

To find out more visit us at https://jobs.bmo.com/ca/en .

BMO is committed to an inclusive, equitable and accessible workplace. By learning from each other's differences, we gain strength through our people and our perspectives. Accommodations are available on request for candidates taking part in all aspects of the selection process. To request accommodation, please contact your recruiter.

Note to Recruiters: BMO does not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to BMO, directly or indirectly, will be considered BMO property. BMO will not pay a fee for any placement resulting from the receipt of an unsolicited resume. A recruiting agency must first have a valid, written and fully executed agency agreement contract for service to submit resumes.
Create a job alert for this search

Application Security Automation Engineer • Toronto, Ontario, Canada

Similar jobs

Experienced Security Automation Engineer

KinaxisToronto, ON, CA
Full-time

Drive security innovation at Kinaxis as a Security Automation Engineer, specializing in automated security capabilities.This hybrid role bridges on-premises and cloud environments for effective sec... Show more

 • Promoted

Application Security Engineer/Developer

Stryker CorporationToronto, ON, CA
Full-time

Our Marsh Information Security team is seeking candidates for the following position based in NYC, Toronto or Louisville, KY and be onsite 3 days a week.The Application Security Engineer/Developer ... Show more

 • Promoted

Power Platform Engineer (Contract) – Automation & Security

Themesoft Inc.Toronto, ON, CA
Full-time

A leading IT services company in Toronto is looking for a Strategic Recruitment Manager to oversee HR operations and global hiring compliance.The ideal candidate will have over 6 years of IT experi... Show more

 • Promoted

Security Detection Engineer — SIEM/EDR, Cloud, Automation (Equity)

RobinhoodToronto, ON, CA
Full-time

A leading financial technology company in Toronto, Ontario, is seeking a Security Operations team member.The role involves investigating security alerts, developing detection rules, and collaborati... Show more

 • Promoted

Application Security Developer

AutodeskToronto, ON, CA
Full-time

Our team of security experts helps Autodesk design, build, deploy, and maintain secure products.We embed security across the full software development lifecycle—from inception and design to develop... Show more

 • Promoted

Movable Ink Product Security Engineering Role

Movable InkToronto, ON, CA
Full-time

Join Movable Ink as a Product Security Engineer, focusing on securing codebases and fostering safe development practices.Your expertise will directly impact our software delivery and security strat... Show more

 • Promoted

Application Security Software Engineer

PointClickCareToronto, ON, CA
Full-time

This range is provided by PointClickCare.Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.PointClickCare is a leading North American healthcare t... Show more

 • Promoted

Security Engineer

Compunnel, Inc.Toronto, ON, CA
Full-time

The Security Engineer is responsible for enhancing application and cloud security by integrating security practices, automation, and tooling throughout the software development lifecycle.This role ... Show more

 • Promoted

Senior Security Engineer, Application & Platform Security

SentryToronto
Full-time

Senior Security Engineer, Application & Platform Security.The Security Team is responsible for securing all things Sentry: our customers, our code, and everything in between.We are a small but grow... Show more

 • Promoted

Lead SOAR Engineer — Automate Security Operations

Take-Two InteractiveToronto, ON, CA
Full-time

A leading interactive entertainment developer in Ontario is seeking a Lead Security Operations Engineer to design and manage their Security Orchestration, Automation, and Response (SOAR) platform.T... Show more

 • Promoted

Lead DevSecOps Engineer - AWS Security & Automation

Autodesk, Inc.Toronto, ON, CA
Full-time

A leading software company in Toronto is hiring a DevSecOps Engineer to lead security initiatives across customer data and infrastructure.The role involves implementing security frameworks, automat... Show more

 • Promoted

Application security automation engineer

BMO Financial GroupToronto
Part-time

Date limite pour présenter sa candidature : 06/29/2026.Adresse : 100 King Street West.Groupe de famille d'emploi : Technologie.Hybrid work model - 2 days/week in office.The Application Security Aut... Show more

 • Promoted

Application Security Engineer/Developer

National Asset Mgmt IncorporatedToronto, ON, CA
Full-time

Our Marsh Information Security team is seeking candidates for the following position based in NYC, Toronto or Louisville, KY and be onsite 3 days a week.The Application Security Engineer/Developer ... Show more

 • Promoted

Staff Security Engineer, Application Security (Hybrid)

HomebaseToronto, ON, CA
Full-time

At Homebase, you’ll join a team that’s bold, fast-moving, and obsessed with helping small businesses thrive.We build with empathy, act with urgency, and take big swings that drive real-world impact... Show more

 • Promoted

Senior Application Security Engineer

CognizantToronto, ON, CA
Full-time

Job Title - App Security Specialist.DevOps, with at least 2 - 3 years hands-on security exposure (secure coding, pipeline security, API security, threat modeling).Seniority level: Mid-Senior level.... Show more

 • Promoted

Senior Security Engineer: Scale Secure, Automate & Build

RootlyToronto, ON, CA
Full-time

A leading tech startup in Toronto is seeking an experienced Security Engineer to join their team.The ideal candidate will have over 5 years of experience in an enterprise environment, focusing on s... Show more

 • Promoted

Application Security Engineer/Developer

MarshToronto
Full-time

Our Marsh Information Security team is seeking candidates for the following position based in Toronto, ON and on‑site 3 days a week.The Application Security Engineer/Developer will act as a securit... Show more

 • Promoted

Insight Global Cloud Security Automation Engineer

Insight GlobalToronto, ON, CA
Full-time

Become a key player at Insight Global as a Cloud Security Engineer focused on automating compliance for GCP and Azure.This role emphasizes creating and implementing automated test cases within CI/C... Show more

 • Promoted

Remote MSP Engineer — Automation, Monitoring & Security

GPL TechnologiesToronto, ON, CA
Remote
Full-time

A technology services company is looking for a Centralized Services Engineer based in Canada to enhance client environments through proactive monitoring and automation.This remote position involves... Show more

 • Promoted

Senior Linux Security & Automation Engineer

FeatmateToronto, ON, CA
Full-time

A tech company in Canada seeks a Linux System Administration & Security Specialist to conduct a comprehensive security review of their Linux servers.The role involves auditing, hardening server con... Show more