Current jobs related to Application Security Tester - Toronto ON - PEOPLE FORCE CONSULTING INC
-
Senior Performance and Security Tester
2 weeks ago
Toronto, Ontario, Canada Virtusa Full timeJob Title: Senior Performance and Security TesterAbout the Role:This is an exciting opportunity to join our team at Virtusa as a Senior Performance and Security Tester. As a key member of our testing team, you will be responsible for ensuring the quality and performance of our software applications. Key Responsibilities:Design and develop performance and...
-
Application Security Engineer
2 months ago
Toronto, Ontario, Canada Glassdoor Full timeAbout the RoleWe are seeking a highly skilled Application Security Engineer to join our team at Glassdoor. As a key member of our security team, you will be responsible for improving our application security posture and keeping our platform safe for millions of customers around the world.Key ResponsibilitiesImprove Glassdoor's application security posture...
-
Application Security Engineer
2 months ago
Toronto, Ontario, Canada Glassdoor Full timeAbout the RoleWe are seeking a highly skilled Application Security Engineer to join our team at Glassdoor. As a key member of our security team, you will be responsible for improving our application security posture and keeping our platform safe for millions of customers around the world.Key ResponsibilitiesImprove Glassdoor's application security posture...
-
Senior Security Penetration Tester
4 weeks ago
Toronto, Ontario, Canada Aon Full timeAbout the RoleWe are seeking a highly skilled Senior Security Penetration Tester to join our team at Aon. As a key member of our Proactive Security Testing team, you will be responsible for conducting complex penetration testing activities to assess the security of web applications, mobile applications, APIs, and thick clients.Key ResponsibilitiesPerform...
-
Senior Security Penetration Tester
4 weeks ago
Toronto, Ontario, Canada Aon Full timeAbout the RoleWe are seeking a highly skilled Senior Security Penetration Tester to join our team at Aon. As a key member of our Proactive Security Testing team, you will be responsible for conducting complex penetration testing activities to assess the security of web applications, mobile applications, APIs, and thick clients.Key ResponsibilitiesPerform...
-
Mobile Application Tester
1 month ago
Old Toronto, Ontario, Canada Nexus Systems Group Inc. Full timeJob Title: Mobile Application TesterWe are seeking a highly skilled Mobile Application Tester to join our team at Nexus Systems Group Inc.Job Summary:The successful candidate will be responsible for testing and validating the functionality of our mobile applications, ensuring they meet the highest standards of quality and performance.Key...
-
Mobile Application Tester
1 month ago
Old Toronto, Ontario, Canada Nexus Systems Group Inc. Full timeJob Title: Mobile Application TesterWe are seeking a highly skilled Mobile Application Tester to join our team at Nexus Systems Group Inc.Job Summary:The successful candidate will be responsible for testing and validating the functionality of our mobile applications, ensuring they meet the highest standards of quality and performance.Key...
-
Principal Application Security Lead
4 weeks ago
Toronto, Ontario, Canada Zynga Full timeJob Title: Principal Application Security LeadJob Summary:Zynga is seeking a Principal Application Security Lead to join our team. As a key member of our security team, you will be responsible for leading application security initiatives to improve overall cybersecurity across our gaming products and services.Responsibilities:Collaborate with cybersecurity...
-
Principal Application Security Lead
3 weeks ago
Toronto, Ontario, Canada Zynga Full timeJob Title: Principal Application Security LeadJob Summary:Zynga is seeking a Principal Application Security Lead to join our team. As a key member of our security team, you will be responsible for leading application security initiatives and improving overall cybersecurity across our gaming products and services.Responsibilities:Collaborate with...
-
Principal Security Penetration Tester, Canada
4 weeks ago
Toronto, Ontario, Canada Aon Hewitt Full timeAbout the RoleWe are seeking a highly skilled Principal Security Penetration Tester to join our team in Canada. As a senior member of our penetration testing team, you will be responsible for performing complex penetration testing activities, including web application security assessments, infrastructure penetration testing, and code review.Key...
-
Principal Security Penetration Tester, Canada
4 weeks ago
Toronto, Ontario, Canada Aon Hewitt Full timeAbout the RoleWe are seeking a highly skilled Principal Security Penetration Tester to join our team in Canada. As a senior member of our penetration testing team, you will be responsible for performing complex penetration testing activities, including web application security assessments, infrastructure penetration testing, and code review.Key...
-
Penetration Tester
4 weeks ago
Toronto, Ontario, Canada Aon Hewitt Full timeJob Title: Principal Security Penetration TesterJoin Aon Hewitt's Proactive Security Testing team as a Principal Security Penetration Tester, where you will play a key role in assessing the security of web applications, mobile applications, APIs, and thick clients. As a senior member of the team, you will be responsible for conducting complex hybrid web...
-
Senior Application Security Engineer
1 month ago
Toronto, Ontario, Canada Glassdoor Full timeJoin Glassdoor's Security TeamWe're looking for a skilled Sr Application Security Engineer to help us protect our platform and ensure the security of our users' data.About the RoleThis is a unique opportunity to advance our application security program and drive remediation of security weaknesses with an enterprise-wide impact. As a Sr Application Security...
-
Senior Application Security Engineer
1 month ago
Toronto, Ontario, Canada Glassdoor Full timeJoin Glassdoor's Security TeamWe're looking for a skilled Sr Application Security Engineer to help us protect our platform and ensure the security of our users' data.About the RoleThis is a unique opportunity to advance our application security program and drive remediation of security weaknesses with an enterprise-wide impact. As a Sr Application Security...
-
Senior Application Security Specialist
3 weeks ago
Toronto, Ontario, Canada RSM Full timeWe are the leading provider of professional services to the middle market globally, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience. You'll find an environment that inspires and empowers you to thrive both personally and professionally.RSM is...
-
Principle Penetration Tester
6 months ago
Toronto, Canada Scotiabank Full timeRequisition ID: 176644 Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture. **The Team** Scotiabank’s Cyber Security Red Team is responsible for delivery of offensive security services across Scotiabank globally, conducting annual & release penetration testing engagements, control effectiveness testing,...
-
Senior Application Security Engineer
2 months ago
Toronto, Ontario, Canada Glassdoor Full timeAbout the RoleWe are seeking a highly skilled Sr Application Security Engineer to join our team at Glassdoor. As a key member of our security team, you will play a critical role in improving our application security posture and ensuring the safety of our platform for millions of users worldwide.As a Sr Application Security Engineer, you will be responsible...
-
Senior Application Security Engineer
2 months ago
Toronto, Ontario, Canada Glassdoor Full timeAbout the RoleWe are seeking a highly skilled Sr Application Security Engineer to join our team at Glassdoor. As a key member of our security team, you will play a critical role in improving our application security posture and ensuring the safety of our platform for millions of users worldwide.As a Sr Application Security Engineer, you will be responsible...
-
Principal Application Security Engineer
4 weeks ago
Toronto, Ontario, Canada Zynga Full timeJob Title: Principal Application Security EngineerJob Summary:Zynga is seeking a highly skilled Principal Application Security Engineer to join our team. As a key member of our security team, you will be responsible for leading application security initiatives, collaborating with product teams, and driving security engineering thought...
-
Principal Application Security Lead
1 month ago
Toronto, Ontario, Canada Zynga Full timeJob Title: Principal Application Security EngineerJob Summary:Zynga is seeking a highly skilled Principal Application Security Engineer to join our team. As a key member of our cybersecurity team, you will be responsible for leading application security initiatives, improving overall cybersecurity across our gaming products and...
Application Security Tester
2 months ago
Application Security Tester / Pen tester / Penetration tester
Contract duration: 12+ Months
Location: Toronto - Remote
This is a key role within the application delivery team, validating the security of the application throughout the SDLC. The candidate will work closely with architects, tech leads, IT security team, testing team, and product owners to understand the requirements, design and develop appropriate security abuse cases, execute, and produce reports.
Responsibilities
- Conduct technical scoping of security testing activities required in a project.
- Define abuse cases, and Execute security tests using a broad range of tools to discover and exploit possible vulnerabilities and weaknesses within cloud, on-prem and hybrid environments
- Bring in appropriate tools to the organization and set up relevant testing configurations to enhance practical testing processes.
- Perform controlled and methodological attempts to exploit identified vulnerabilities, simulating real world attacks. Manual Pen testing.
- Perform application security assessments using industry standards OWASP ASVS, NIST, PCI DSS.
- Analyze and understand the impact and severity of exploits. Determine the risk and consequences that could result from these vulnerabilities.
- Document findings and remediation recommendations and collaborate with security consulting team and architects to ensure vulnerability findings are successfully and efficiently addressed.
- Provide guidance on implementing and/or improving secure software development processes
- Stay up to date with latest security vulnerabilities, techniques and industry best practices.
- Typical security testing activities:
- Conduct comprehensive penetration testing and vulnerability assessment on our network, system, and application.
- Conduct Vulnerability Assessment of applications to identify potential security risks. This involves using various industry tools like, Burp, Kali Linux, nmap, ZAP, Metasploit, wireshark, SQLMap, fuzzing tools and other open source tools.
- Software/Web Application penetration testing
- API penetration testing
- Mobile Application Penetration Testing
- Network Penetration Testing
- SAST and DAST
Requirements
- Bachelor’s degree in computer science or related field
- Candidate should have 5+ years of experience of application security testing
- Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open-Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115
- Familiarity with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box)
- Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows
- Familiarity with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations
- Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc.) certifications