Talent.com
407 ETR
Application Security Analyst407 ETR • Woodbridge, Ontario
Application Security Analyst

Application Security Analyst

407 ETR • Woodbridge, Ontario
21 hours ago
Salary
CA$95,000.00 yearly
Job type
  • Full-time
Job description

Title: Application Security Analyst

Department: Information Technology

Location: 6300 Steeles Ave West, Woodbridge

Total Potential Compensation: $95,000-$115,000

Position Summary:

As anApplication Security Analyst, you willbe responsible forsupporting and operating core security capabilities across 407 ETR’s digital environment, with a primary focus on application security. This includes promoting secure-by-design practices throughout the SDLC and supporting the integration and operation of security tooling and automation, such as SAST, DAST, SCA, ASPM, and penetration testing services. You will work closely with Architecture, DevOps, QA, Product teams, and external partnerstoembed security controls into requirements, design, development, testing, and release activities, andtrackand manage security vulnerabilities through remediation.Thisrole also contributes to improving the overall cyber and technology risk posture, with measurable improvements reflected in the Technology and Cyber Risk Indices (TRI/SRI).

Hours of work are onsite, Monday to Friday, 7.5 hours daily, or asrequired. After-hours support and on-call duties may berequiredfor priority releases or security incidents.

Position Responsibilities:

AppSec Strategy & SDLC Integration

  • Embedsecurity requirementsandnon‑functional controls into epics, features, and user stories;maintainsecurity traceability throughout the lifecycle.

  • Leadthreat modelingat design time for new and changed services (web, mobile, APIs, microservices) and ensure mitigations are implemented prior to coding.

  • Define and operateSDLC security gates(pre‑commit, build, test, deployment) with policy‑driven thresholds (e.g., fail on Critical/High) and exceptions governance.

DevSecOpsTooling & Automation

  • Implement and tuneSAST, DAST, SCAandASPMintegrations within CI/CD, ensuring coverage, accuracy, and developer‑friendly feedback loops; coordinatePTaaScycles aligned to release schedules

  • Partner with DevOps to secure build pipelines, artifacts, and environments (e.g.,IaCscanning, container image hardening, secrets management, SBOM generation and validation)

  • Work with platform teams to evolve pipelines consistent with the 407 ETR DevOps framework andfuture‑stateCI/CD models

Findings Management & Risk Reporting

  • Operate aunified findings intake(ASPM as system of record) for automated tool outputs and manual assessments; triage, prioritize, and track remediation to closure

  • Apply ariskbased SLAmodel (severity, exploitability, asset criticality) and escalate overdue items; publish weekly triage outcomes and monthly KPIs.

  • Report AppSec posture usingTRI/SRIaligned metrics (e.g., unresolvedcriticals, mean‑time‑to‑remediate, coverage, policy conformance)

Secure Engineering Enablement

  • Providesecure coding guidance, sample patterns, and remediation support for developers; deliver targeted training and office hours

  • Collaborate onarchitecture reviews, pen‑test scoping, and change risk assessments for web andmobile(using established change‑type workflow)

  • Contribute to AppSecpolicies/standardsand improve documentation (playbooks, runbooks, “definition of done” security criteria)

AdditionalTechnical Experience

  • Experience withData Loss Prevention (DLP) technologiesand controls, including policy configuration, monitoring, and incident investigation, isrequired

  • Experience withSingle Sign-On (SSO) integrationsand identity federation protocols is an asset.

Compliance & Vendor Management

  • Ensure controls align withPCI DSS Secure SDLC,ISO 27001/27002, andNISTDevSecOpsguidance (e.g., SP 800204D); support internal/external audits and evidence collection

  • Manage AppSec vendor relationships and deliverables per theApplication Security Managed Servicescope (ASPM,PTaaS, continuous monitoring)

Note:This job description is not intended to be all-inclusive. The employee may perform other related duties, as assigned, to meet the ongoing needs of the organization.

Qualifications

  • Minimum 5+ years of experience in IT Security, with strong hands-on experience in Security Operations.

  • College Diploma or University Degree in Computer Science, Engineering, or related field.

  • EDR platforms (e.g., endpoint containment, alert triage, investigation).

  • NDR technologies and network-based threat detection.

  • Security Incident Response and Investigation.

  • Strong understanding of attacker techniques and defensive controls (MITRE ATT&CK).

  • Experience working in regulated or audit-driven environments.

  • Strong understanding of authentication, authorization, MFA, RBAC, and privileged access concepts.

  • SSO Authentication: Experience implementing and supporting SSO solutions for secure user access across enterprise applications.

PreferredQualifications

  • Knowledge of standing up a mature Application Security framework

  • Experience with enterprise SOC tooling including SIEM, EDR, NDR, SOAR.

  • Experience operating security controls in hybrid (on‑prem and cloud) environments.

  • Familiarity with Security Risk Index (SRI), cyber risk metrics, or risk-based reporting.

  • Knowledge of network architecture and segmentation concepts.

We are actively seeking to fill this role as it is a current vacancy.

About 407 ETR

Highway 407 ETR is an all-electronic open-access toll highway located in the Greater Toronto Area in Ontario, Canada. The highway spans 108 kilometres from Burlington in the west to Pickering in the east.

407 International Inc. is the sole shareholder of 407 ETR and is owned by:

  • Cintra Global S.E., a subsidiary of Ferrovial S.A. (48.29%)

  • Canada Pension Plan Investment Board (CPP Investments) and other institutional investors with non-controlling interests (44.20%)

  • Public Sector Pension Investment Board (PSP Investments) (7.51%)

Learn more at

Note:

Create a job alert for this search

Application Security Analyst • Woodbridge, Ontario

Similar jobs

Canada- Security Analyst I

PointClickCareMississauga, Peel Region, CA
Full-time

For Remote Roles: If this role is remote, there will be in‑office events that will require travel to and from the Mississauga and/or Salt Lake City office.These will include, but are not limited to... Show more

 • Promoted

IT Security Risk Analyst

Onico SolutionsMississauga, Peel Region, CA
Permanent

The IT Security Risk Analyst supports the Information Security Risk Management and Governance programs.They work with technology and business stakeholders to identify Information Security risks, co... Show more

 • Promoted

Cyber Security Architect

Intuitive.aiMississauga, Peel Region, CA
Full-time

Talent Acquisition Leader | Hiring Cloud Professionals Globally.Cloud is one of the fastest-growing (INC 5000, CRN) Cloud & SDx solution and services companies supporting enterprise customers on a ... Show more

 • Promoted

Strategic Information Security Architect

ColliersMississauga, Peel Region, CA
Full-time

Transform global security architecture as a Strategic Information Security Architect.Spearhead cloud migration security strategies while ensuring systems are secure and compliant.This pivotal role ... Show more

 • Promoted

Principal Security Analyst - Remote

CyderesMississauga, Peel Region, CA
Remote
Full-time

Be among the first 25 applicants.Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and acce... Show more

 • Promoted

Senior Analyst, Security Compliance

P2PMississauga, Peel Region, CA
Full-time

Our Krakenites are a world-class team with crypto conviction, united by our desire to discover and unlock the potential of crypto and blockchain technology.Kraken is a mission-focused company roote... Show more

 • Promoted

IAM Governance Analyst (SailPoint) Remote

Nexus Systems Group Inc.Mississauga, Peel Region, CA
Remote
Full-time

A leading technology consulting firm is seeking an IT Security Analyst to support the IAM Governance team.The role involves overseeing access management and ensuring compliance with security measur... Show more

 • Promoted

Analyst III, Security Operations

LibertyOakville
Full-time

At Algonquin-Liberty, we hire passionate people who care about doing the right thing for our customers.We are entrepreneurial, creative, and outcome-focused.Here, your natural talent and achievemen... Show more

 • Promoted

Senior Cloud & Application Security Engineer (Remote)

Perseus Group, Constellation SoftwareMississauga, Peel Region, CA
Remote
Full-time

A leading technology firm is seeking a cybersecurity professional to design and implement security controls across cloud platforms.The role emphasizes vulnerability management and threat response.C... Show more

 • Promoted

Hybrid Senior Security Analyst - Threat & PCI Lead

Longo'sVaughan
Full-time

A leading retail company is seeking a Senior Security Analyst to protect its systems and data.The role involves overseeing threat detection and response, incident management, and security tool inte... Show more

 • Promoted

Oracle cloud security admin

HCLTechMississauga, Peel Region, CA
Full-time

Collaborate with the Client Security Team to document, implement, and refine Oracle Cloud roles and responsibilities to align with project milestones.Define and document user provisioning processes... Show more

 • Promoted

Senior Security Analyst

OpTalent | RecruitmentMississauga, Peel Region, CA
Full-time

Get AI-powered advice on this job and more exclusive features.Lead daily security operations across endpoints, networks, and cloud systems.Investigate and respond to potential threats, malware, and... Show more

 • Promoted

Security Operation Assistant Internship

Baig SecurityBurlington, Halton Region, CA
Internship

Security Operation Assistant Internship.Add our snapchat: Baigservices.Baig Security Looking to hire a Security Opeartion Intern for our Mississasuga Office.Baig Secured is a Canadian security comp... Show more

 • Promoted

Senior Security Engineer Enhancing Product Integrity and Safety

AffirmMississauga, Peel Region, CA
Full-time

Become a pivotal force in product security as a Senior Product Security Engineer.Engage in cross-functional collaboration to improve the security of innovative financial products in a remote role.T... Show more

 • Promoted

Expert Sécurité Application chez Workleap

WorkleapMississauga, Peel Region, CA
Full-time

Rejoignez Workleap à Montréal en tant qu'Expert en Sécurité des Applications pour renforcer la sécurité dans le développement agile.Intégrez vos compétences au sein d'une équipe dynamique et innova... Show more

 • Promoted

Lead Security Analyst - Data Protection Focus

IKO North AmericaMississauga
Full-time

Become a key player in cybersecurity at IKO Industries as a Senior Information Security Analyst in Mississauga, ON.Focus on data protection and incident response in a director capacity.This onsite ... Show more

 • Promoted

Application Security Analyst

IKOMississauga, Canada
Full-time

IKO is a Canadian owned and operated business with production facilities worldwide and has many years of unparalleled success in the roofing materials industry.Quality, integrity, and trustworthine... Show more

 • Promoted

Application Engineer - Security Tech Solutions (Remote)

SICK Sensor IntelligenceMississauga, Peel Region, CA
Remote

Sie entwickeln Applikationslösungen im Bereich Sicherheitstechnik.Bewerber benötigen ein Studium in Elektrotechnik und Erfahrung in der Elektrokonstruktion sowie gute Englischkenntnisse. Show more

 • Promoted

Application Analyst - Intermediate (Remote) JP855

PathlionMississauga, Peel Region, CA
Remote
Permanent

Enterprise Database Archival Service.Reporting to the Manager, Content and Collaboration Services (CCS), the Application Analysts primary role will be responsible for providing technical support, t... Show more

 • Promoted

Software Business Analyst - Alpha Bravo Development

Alpha Bravo Developmentburlington, on, ca
Full-time

We’re a fast-growing software development agency that helps service-based businesses across the U.Our team values ownership, innovation, and building long-term partnerships with clients.We’re looki... Show more