Senior Security Analyst to implement application security processes and procedures into Softwar[...]
3 weeks ago
Senior Security Analyst to implement application security processes and procedures into Software Development Lifecycles with one of our major banking clients- 34099
Location Address: Scarborough (1-2 day a month in office flexible on which days)
Contract Duration: ASAP until Oct 31, 2024 (High chance of extension)
Story Behind the Need:
- Business Group: Bank’s Information Security & Control (IS&C)’s Enterprise Security Services – Application Security is responsible to improve security practices and, through that, to find and preferably prevent security issues within applications.
- Project: The Application Security team has global accountability and is highly supportive of the Bank’s business, enabling execution of the Bank’s strategies, operations, and services, while ensuring that appropriate application security practices are adhered to. This function provides core competency in proactively detecting application code flaws and/or bugs while working with the appropriate teams in instituting appropriate controls to mitigate risks, specifically as it pertains to web application vulnerabilities and threats. This candidate will be expected to work closely with the application development groups to integrate application security processes and procedures into the software development lifecycle.
Must Have Skills/Requirements:
- 10+ years of Experience as an IT Security Analyst
- Experience with multi-tier Web Applications, web API , and related vulnerabilities and potentials threats. Staying abreast of information provided by recognized organizations such as OWASP (Open Web Application Security Project) and CVE (Common Vulnerabilities and Exposures).
- Must have a comprehensive understanding of the OWASP Application Security Verification Standard (ASVS), and have proven working experience applying the ASVS.
- Experience performing source code and/or application security assessments, including risk assessments, and penetration testing. The ability to demonstrate exploitation of vulnerabilities is essential, as would experience with vulnerability testing and scanning tools such as Checkmarx, BurpSuite, Acunetix, NetSparker, WebInspect, AppScan, SQLMap, ZAP, and Fortify.
Nice to have Skills:
- An understanding of gateway technologies and network devices such as Load Balancers, Proxies, IPS, WAF, API Gateway.
- The ability to generate reports and tailor his/her communication strategy for various levels of technical staff, executive management, and business clients.
Education : Bachelors/ degree related field
Typical Day in the Role:
- The incumbent is responsible for supporting the Senior Manager, Director, VP, SVP and CISO in achieving IS&C Strategic goals through various processes, including:
- Develop and/or enhance strategies and processes to manage web application security vulnerabilities and threats for both transactional and marketing/informational web sites.
- Develop and/or enhance communication model to manage web application vulnerability remediation with the development and infrastructure support teams in support of risk management practices on behalf of the business owner.
- Responsible for developing and/or enhancing the strategies and processes to identify, analyze, and communicate application vulnerabilities as per the CISO Directive and published communication process flows.
- Responsible for adherence to an established process flow that ensures development support teams, infrastructure support teams, and business risk owners implement control measures that effectively mitigate or eliminate the identified risk.
Interview Process:
1 Round of Interviews:
- 1 hour long panel interview with the HM and the Team (6 members)
-
Old Toronto, Ontario, Canada S I Systems Full timeSenior Security Analyst to implement application security processes and procedures into Software Development Lifecycles with one of our major banking clients- 34099Senior Security Analyst to implement application security processes and procedures into Software Development Lifecycles with one of our major banking clients- 34099 Location Address: Scarborough...
-
Senior Information Security Analyst
3 weeks ago
Old Toronto, Canada Security Bank & Trust Co. Full timeOur client, a major post-secondary institution, is looking to bolster their security program with the addition of two Senior Security Analysts. The main focus of the role will be to work alongside leadership in managing the program as a whole. Your input will be instrumental in the further development of their program.Experience1. Minimum 5 years of...
-
Senior Information Security Analyst
3 weeks ago
Old Toronto, Canada Security Bank & Trust Co. Full timeOur client, a major post-secondary institution, is looking to bolster their security program with the addition of two Senior Security Analysts. The main focus of the role will be to work alongside leadership in managing the program as a whole. Your input will be instrumental in the further development of their program.Experience1. Minimum 5 years of...
-
IT Security Analyst
3 weeks ago
Old Toronto, Canada Security Bank & Trust Co. Full timeMust Have Skills/Requirements: 1) 10+ years of Experience as an IT Security Analyst 2) A strong understanding of multi-tier Web Applications, web API, and related vulnerabilities and potentials threats. Staying abreast of information provided by recognized organizations such as OWASP (Open Web Application Security Project) and CVE (Common...
-
IT Security Analyst
3 weeks ago
Old Toronto, Canada Security Bank & Trust Co. Full timeMust Have Skills/Requirements: 1) 10+ years of Experience as an IT Security Analyst 2) A strong understanding of multi-tier Web Applications, web API, and related vulnerabilities and potentials threats. Staying abreast of information provided by recognized organizations such as OWASP (Open Web Application Security Project) and CVE (Common...
-
IT Security Analyst
6 days ago
Old Toronto, Ontario, Canada Security Bank & Trust Co. Full timeMust Have Skills/Requirements:1) 10+ years of Experience as an IT Security Analyst2) A strong understanding of multi-tier Web Applications, web API, and related vulnerabilities and potentials threats. Staying abreast of information provided by recognized organizations such as OWASP (Open Web Application Security Project) and CVE (Common Vulnerabilities and...
-
Software Engineer II, Platform Security
1 week ago
Toronto, Canada Abnormal Security] Full timeJob Description:Job Description About the Role Abnormal Security is looking for a Software Engineer II who is a solid software developer with a strong interest in Security & Privacy to join the Platform Security team. The Platform Security team owns the Security and Privacy platform services and infrastructure to uphold industry standards for the company's...
-
Software Engineer II, Platform Security
6 days ago
Toronto, Ontario, Canada Abnormal Security] Full timeJob Description:Job Description About the Role Abnormal Security is looking for a Software Engineer II who is a solid software developer with a strong interest in Security & Privacy to join the Platform Security team. The Platform Security team owns the Security and Privacy platform services and infrastructure to uphold industry standards for the company's...
-
IT Security Analyst
3 weeks ago
Old Toronto, Canada Finance Professionals Inc. Full timeTypical Day in the Role:• The incumbent is responsible for supporting the Senior Manager, Director, VP, SVP and CISO in achieving IS&C Strategic goals through various processes, including:• Develop and/or enhance strategies and processes to manage web application security vulnerabilities and threats for both transactional and marketing/informational web...
-
IT Security Analyst
3 weeks ago
Old Toronto, Canada Finance Professionals Inc. Full timeTypical Day in the Role:• The incumbent is responsible for supporting the Senior Manager, Director, VP, SVP and CISO in achieving IS&C Strategic goals through various processes, including:• Develop and/or enhance strategies and processes to manage web application security vulnerabilities and threats for both transactional and marketing/informational web...
-
Security Supervisor
5 days ago
Toronto, Ontario, Canada Paladin Security Full timeSecurity Supervisor - Toronto - Full TimeJob Description: Responsible for all of the activities undertaken by their platoon. Ensures that security operations occur consistent with policy, Standing Orders and rule of law.Supervises, coaches and develops assigned staff.Develops performance management plans and IDP (Individual Development Plans) for their...
-
Senior Security Analyst
4 weeks ago
Old Toronto, Canada Cyderes Full timeCyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the in speed and agility...
-
Senior Security Analyst
4 weeks ago
Old Toronto, Canada Cyderes Full timeCyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the in speed and agility...
-
Senior Security Analyst
4 weeks ago
Old Toronto, Canada Cyderes Full timeCyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the in speed and agility...
-
Application Security Analyst, Information Security
2 months ago
Toronto, Canada First National Full timeWe are hiring an Application Security Analyst, Information Security! The Role: We're seeking an Application Security Analyst well-versed in risk analysis, vulnerability assessment methodologies, and information security concepts. Your role involves supporting security risk assessments for both internally developed and third-party/open-source...
-
Toronto, Canada First National Full timeWe are hiring an Application Security Analyst, Information Security! The Role: We're seeking an Application Security Analyst well-versed in risk analysis, vulnerability assessment methodologies, and information security concepts. Your role involves supporting security risk assessments for both internally developed and third-party/open-source...
-
Security Program Manager
2 weeks ago
Toronto, Canada Paladin Security Full timeSecurity Program Manager The Regional Programs Manager will provide value to internal and external stakeholders through the auditing of existing processes, forecasting organization trends and needs and the implementation of best practices to ensure Paladin continues to be the leader in the contract security industry. **Why Choose Paladin** - Extensive Paid...
-
Physical Security Enablement Senior Analyst
16 hours ago
Old Toronto, Canada Equinix, Inc. Full timeWho are we?Equinix is the world’s digital infrastructure company, operating over 250data centers across the globe. Digital leaders harness Equinix's trusted platform to bring together and interconnect foundational infrastructure at software speed. Equinix enables organizations to access all the right places, partners and possibilities to scale with...
-
Physical Security Enablement Senior Analyst
18 hours ago
Old Toronto, Canada Equinix, Inc. Full timeWho are we?Equinix is the world’s digital infrastructure company, operating over 250data centers across the globe. Digital leaders harness Equinix's trusted platform to bring together and interconnect foundational infrastructure at software speed. Equinix enables organizations to access all the right places, partners and possibilities to scale with...
-
Security Analyst
2 weeks ago
Toronto, Canada Aviso Wealth Full time**Aviso Wealth**: **The Opportunity**: We’re looking for a Security Analyst to join or Information Security team. This role can be mostly remote, however we will on occasion require you to come onsite to our office at 151 Yonge St, Toronto, ON. Reporting to the Senior Manager of Information Security, the Security Analyst is responsible for ensuring the...
