Role: Vulnerability management (Remote, Canada)
Location: Remote (Canada)
Employment Type: Contract
Work Authorization: Open Work Permit (OWP), PR, Canadian Citizen only
Mandatory skills for vulnerability management we are looking for the candidate having below key skills:
Regarding skills for appsec. We need below hands-on experience and not only tool based.
AppSec:
Web Application Security
Mobile Application Security
API Security
SAST (Static Application Security Testing), SCA (Software Composition Analysis)
Vulnerability Management lifecycle
VM: Risk Assessment & Prioritization
Ability to assess vulnerabilities based on risk, not just severity—considering CVSS scores, exploitability, asset criticality, business impact, and threat intelligence to prioritize remediation effectively.
Vulnerability Scanning & Tool Proficiency
Hands-on expertise with vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7, OpenVAS) and the ability to interpret scan results accurately, reduce false positives, and tune scans for different environments.
Patch & Remediation Management
Strong coordination skills to drive timely patching and mitigation—working with IT, cloud, DevOps, and application teams to remediate vulnerabilities while minimizing operational and business disruption.
Reporting & Stakeholder Communication
Ability to translate technical vulnerability data into clear, actionable reports for different audiences (engineers, management, auditors), including dashboards, trends, SLAs, and risk narratives.
Compliance & Continuous Improvement
Knowledge of security frameworks and standards and the skill to embed vulnerability management into continuous security processes, audits, and metrics-driven improvement.
Job Description:
"Summary
The Vulnerability Management Specialist – Application Security is responsible for end to end management of application security vulnerabilities across the SDLC using SAST, DAST, and SCA tools, with a strong focus on risk based prioritization, remediation tracking, and posture visibility through ASPM platforms.
Technical Skills
Strong hands on experience with:
• SAST (e.g., AppScan, Check Marx, GitHub Advanced Security)
• DAST tools and runtime testing approaches
• SCA / OSS security and dependency risk analysis
Working knowledge of ASPM platforms and vulnerability aggregation.
Understanding of OWASP Top 10, secure coding practices, and application threat models.
Soft Skills:
• Must be from global support background.
• Strong documentation, presentation, and communication skills
Experience
• 8-10 + years of experience in application security or vulnerability management roles.
• Experience supporting enterprise scale AppSec programs with multiple applications and teams.
Key -Responsibilities
• Interpret findings across SAST, SCA, Secrets, API and Mobile scanning (tools like GitHub Advanced Security, Traceable, etc)
• Hand-off findings to development teams for remediation
• Provide technical remediation assistance to product development teams
• Track and report remediation progress
• Facilitate extension requests for remediation timelines
• Collaborate across teams using JIRA for ticketing and dashboards
• Familiarity with RBVM/ASPM tools like ArmorCode, Seemplicity, Brinqa a plus.
• Should have good knowledge of information security areas as Vulnerability Management Lifecycle, hardening controls (CIST, NIST) etc.
• Good understanding of information security related fields, including security operations and administration
• Should possess good understanding of assets, threats and vulnerabilities and their correlation in an organization
• Good understanding of vulnerability reports from tools like Qualys/ Tenable etc.
• Hands on experience on vulnerability prioritization tool, RiskSense or Kenna would be a plus
• Strong practical knowledge of vulnerability remediation tracking across infrastructure, applications, and teams/ 3rd parties
• Knowledge on vulnerability exception management process
• Strong practical knowledge on presenting vulnerability remediation tracking updates to the management
• Hands on experience on vulnerability patching
• Should have a good customer handling skill
• Good to have Experience on vulnerability scanning tools Like Qualys and Tenable.
Remote Vulnerability Management Specialist Application Security • Sainte-Therese, Quebec
Become the Lead EHS Specialist focused on improving safety and compliance initiatives.Enhance operational performance while meeting federal and provincial EHS requirements.As an EHS Lead, you will ... Show more
Telecom Expense Management Analyst (Contract).Canada (9am – 5pm EST working hours).Global Technology / Enterprise IT.A large, multinational technology organization is seeking a.Telecom Expense Mana... Show more
Contribuez à la sécurité des actifs numériques en tant qu'analyste en cybersécurité et audit des systèmes d'information.Engagez-vous dans un environnement dynamique régulé par des normes strictes.A... Show more
Location: CA-QC-MIRABEL-M01 ~ 11155 Julien-Audette ~ M01 BLDG.Spécialiste des essais en vol (Flight Test Specialist).Pratt & Whitney Canada is a global leader in aerospace innovation headquartered ... Show more
Telecom Expense Management Analyst (Contract).Canada (9am – 5pm EST working hours).Global Technology / Enterprise IT.A large, multinational technology organization is seeking a.Telecom Expense Mana... Show more
According to CCQ (Quebec Construction Commission) rates.Blasting operations on various construction sites across Quebec;.Blasting in urban environments with nearby buildings;.Lead and execute blast... Show more
BET99 is Canada's Premiere Online Sportsbook and Casino.Launched in 2020, we have consistently innovated the online gaming landscape every step of the way, exponentially growing our customer base a... Show more
BET99 is Canada's Premiere Online Sportsbook and Casino.Launched in 2020, we have consistently innovated the online gaming landscape every step of the way, exponentially growing our customer base a... Show more
TekWissen is a global workforce management provider headquartered in Ann Arbor, Michigan that offers strategic talent solutions to our clients world-wide.Our client is a global provider of managed ... Show more
A global workforce management provider is looking for a candidate in Kirkland, Canada, to image laptops using AutoPilot and assist users both onsite and remotely.Key responsibilities include gather... Show more
Salute is a leading provider of cutting-edge Data Center Infrastructure Services, dedicated to serving data center clients worldwide.We pride ourselves on delivering sustainable solutions, unparall... Show more
Sage X3 Application Consultant (Financials).Remote (Canada-based candidates preferred).Our client is seeking an experienced Sage X3 Application Consultant with a strong background in Financials to ... Show more
Dans un contexte de forte croissance et de projets de plus en plus complexes, noxe souhaite renforcer son équipe terrain à notre succursale de Saint‑Eustache.Nous cherchons un(e) Installateur(trice... Show more
Sage X3 Application Consultant (Financials).Remote (Canada-based candidates preferred).Our client is seeking an experienced Sage X3 Application Consultant with a strong background in Financials to ... Show more
A major aerospace firm in Mirabel, Quebec is seeking a Software Specialist (SWS) to support Government of Canada programs.The ideal candidate will manage software configuration for aircraft and gro... Show more
GENERAL DYNAMICSproduits de défense et Systèmes tactiques - Canada Développement et fabrication de munitions et de propulsifs destinés aux forces militaires.Le soucie la qualité de nos produits et ... Show more
Elevate your career as a Senior Contracts Specialist in the satellite systems sector.Leverage your expertise in contract negotiation and development while working in a dynamic space environment.Thi... Show more
At Analytichem we are looking for inquisitive individuals to help us build a global organization that enables our customers’ science.Our products help customers make better measurements in analytic... Show more
Soyez un acteur clé dans la gestion des programmes de sécurité.Ce rôle contractuel offre une chance d'influencer la culture de sécurité dans un cadre professionnel.Sous la direction des responsable... Show more
Employment Hero a pour mission de simplifier et de valoriser l’emploi pour tous.Notre système d’exploitation de gestion de l’emploi réunit le recrutement, les RH, la paie et les avantages sociaux d... Show more
