Current jobs related to Application Security Tester - Toronto ON - PEOPLE FORCE CONSULTING INC
-
Toronto, Ontario, Canada Aon Hewitt Full time $93,000 - $155,000About the RoleAon is seeking a highly skilled Principal Application Security Penetration Tester to join our Proactive Security Testing team. As a senior member of our team, you will be responsible for conducting complex hybrid web application security assessments, identifying vulnerabilities, and providing tailored recommendations for remediation.Key...
-
Toronto, Ontario, Canada Aon Hewitt Full time $93,000 - $155,000About the RoleAon is seeking a highly skilled Principal Application Security Penetration Tester to join our Proactive Security Testing team. As a senior member of our team, you will be responsible for conducting complex hybrid web application security assessments, identifying vulnerabilities, and providing tailored recommendations for remediation.Key...
-
Senior Performance and Security Tester
3 days ago
Toronto, Ontario, Canada Virtusa Full timeJob Title: Senior Performance and Security TesterAbout the Role:This is an exciting opportunity to join our team at Virtusa as a Senior Performance and Security Tester. As a key member of our testing team, you will be responsible for ensuring the quality and performance of our software applications. Key Responsibilities:Design and develop performance and...
-
Application Security Lead
5 months ago
Toronto, Canada Zynga Full timeAVAILABLE POSITIONS Application Security Lead Careers Category: Engineering Careers location: Remote, US, Toronto, Canada Connected Worker Type: Connected R_111916 Position Overview: Partnering with the Cybersecurity leadership, this role is responsible for engaging across Game Studios, Central Technology Teams and Cybersecurity...
-
Senior Security Penetration Tester
2 weeks ago
Toronto, Ontario, Canada Aon Full timeAbout the RoleWe are seeking a highly skilled Senior Security Penetration Tester to join our team at Aon. As a key member of our Proactive Security Testing team, you will be responsible for conducting complex penetration testing activities to assess the security of web applications, mobile applications, APIs, and thick clients.Key ResponsibilitiesPerform...
-
Senior Security Penetration Tester
3 weeks ago
Toronto, Ontario, Canada Aon Full timeAbout the RoleWe are seeking a highly skilled Senior Security Penetration Tester to join our team at Aon. As a key member of our Proactive Security Testing team, you will be responsible for conducting complex penetration testing activities to assess the security of web applications, mobile applications, APIs, and thick clients.Key ResponsibilitiesPerform...
-
Application Security Engineer
1 month ago
Toronto, Ontario, Canada Glassdoor Full timeAbout the RoleWe are seeking a highly skilled Application Security Engineer to join our team at Glassdoor. As a key member of our security team, you will be responsible for improving our application security posture and keeping our platform safe for millions of customers around the world.Key ResponsibilitiesImprove Glassdoor's application security posture...
-
Application Security Engineer
1 month ago
Toronto, Ontario, Canada Glassdoor Full timeAbout the RoleWe are seeking a highly skilled Application Security Engineer to join our team at Glassdoor. As a key member of our security team, you will be responsible for improving our application security posture and keeping our platform safe for millions of customers around the world.Key ResponsibilitiesImprove Glassdoor's application security posture...
-
Application Security Lead
1 month ago
Toronto, Ontario, Canada Zynga Full timeJob Title: Application Security LeadAt Zynga, we are seeking an experienced Application Security Lead to join our team. As a key member of our Cybersecurity team, you will be responsible for guiding proactive security assessments to identify vulnerabilities in our systems, applications, and network infrastructure.Key Responsibilities:Lead a team of 5-6...
-
Application Security Lead
1 month ago
Toronto, Ontario, Canada Zynga Full timeJob Title: Application Security LeadAt Zynga, we are seeking an experienced Application Security Lead to join our team. As a key member of our Cybersecurity team, you will be responsible for guiding proactive security assessments to identify vulnerabilities in our systems, applications, and network infrastructure.Key Responsibilities:Lead a team of 5-6...
-
Mobile Application Tester
4 weeks ago
Old Toronto, Ontario, Canada Nexus Systems Group Inc. Full timeJob Title: Mobile Application TesterWe are seeking a highly skilled Mobile Application Tester to join our team at Nexus Systems Group Inc.Job Summary:The successful candidate will be responsible for testing and validating the functionality of our mobile applications, ensuring they meet the highest standards of quality and performance.Key...
-
Mobile Application Tester
4 weeks ago
Old Toronto, Ontario, Canada Nexus Systems Group Inc. Full timeJob Title: Mobile Application TesterWe are seeking a highly skilled Mobile Application Tester to join our team at Nexus Systems Group Inc.Job Summary:The successful candidate will be responsible for testing and validating the functionality of our mobile applications, ensuring they meet the highest standards of quality and performance.Key...
-
Senior Penetration Tester
1 month ago
Toronto, Ontario, Canada Scotiabank Full timeSenior Penetration TesterAre you a seasoned penetration tester looking to take your skills to the next level?We're seeking an experienced penetration tester to join our team at Scotiabank.As a penetration tester, you'll be responsible for identifying and exploiting vulnerabilities in our systems and applications.You'll work closely with our development teams...
-
Senior Penetration Tester
1 month ago
Toronto, Ontario, Canada Scotiabank Full timeSenior Penetration TesterAre you a seasoned penetration tester looking to take your skills to the next level?We're seeking an experienced penetration tester to join our team at Scotiabank.As a penetration tester, you'll be responsible for identifying and exploiting vulnerabilities in our systems and applications.You'll work closely with our development teams...
-
Application Security Lead
1 month ago
Toronto, Ontario, Canada Zynga Full timeApplication Security LeadZynga is seeking an experienced Application Security Lead to join our team. As a key member of our Cybersecurity team, you will be responsible for guiding proactive security assessments to identify vulnerabilities in our systems, applications, and network infrastructure.Key Responsibilities:Lead a team of 5-6 Penetration Testers to...
-
Application Security Lead
1 month ago
Toronto, Ontario, Canada Zynga Full timeApplication Security LeadZynga is seeking an experienced Application Security Lead to join our team. As a key member of our Cybersecurity team, you will be responsible for guiding proactive security assessments to identify vulnerabilities in our systems, applications, and network infrastructure.Key Responsibilities:Lead a team of 5-6 Penetration Testers to...
-
Principal Application Security Lead
2 weeks ago
Toronto, Ontario, Canada Zynga Full timeJob Title: Principal Application Security LeadJob Summary:Zynga is seeking a Principal Application Security Lead to join our team. As a key member of our security team, you will be responsible for leading application security initiatives to improve overall cybersecurity across our gaming products and services.Responsibilities:Collaborate with cybersecurity...
-
Senior Penetration Tester
3 weeks ago
Toronto, Ontario, Canada Scotiabank Full timeSenior Penetration TesterAre you a seasoned penetration tester looking to take your skills to the next level?We're seeking an experienced penetration tester to join our team at Scotiabank.As a penetration tester, you'll be responsible for identifying and exploiting vulnerabilities in our systems and applications.You'll work closely with our development teams...
-
Senior Penetration Tester
3 weeks ago
Toronto, Ontario, Canada Scotiabank Full timeSenior Penetration TesterAre you a seasoned penetration tester looking to take your skills to the next level?We're seeking an experienced penetration tester to join our team at Scotiabank.As a penetration tester, you'll be responsible for identifying and exploiting vulnerabilities in our systems and applications.You'll work closely with our development teams...
-
Principal Application Security Lead
1 week ago
Toronto, Ontario, Canada Zynga Full timeJob Title: Principal Application Security LeadJob Summary:Zynga is seeking a Principal Application Security Lead to join our team. As a key member of our security team, you will be responsible for leading application security initiatives and improving overall cybersecurity across our gaming products and services.Responsibilities:Collaborate with...
Application Security Tester
1 month ago
Application Security Tester / Pen tester / Penetration tester
Contract duration: 12+ Months
Location: Toronto - Remote
This is a key role within the application delivery team, validating the security of the application throughout the SDLC. The candidate will work closely with architects, tech leads, IT security team, testing team, and product owners to understand the requirements, design and develop appropriate security abuse cases, execute, and produce reports.
Responsibilities
- Conduct technical scoping of security testing activities required in a project.
- Define abuse cases, and Execute security tests using a broad range of tools to discover and exploit possible vulnerabilities and weaknesses within cloud, on-prem and hybrid environments
- Bring in appropriate tools to the organization and set up relevant testing configurations to enhance practical testing processes.
- Perform controlled and methodological attempts to exploit identified vulnerabilities, simulating real world attacks. Manual Pen testing.
- Perform application security assessments using industry standards OWASP ASVS, NIST, PCI DSS.
- Analyze and understand the impact and severity of exploits. Determine the risk and consequences that could result from these vulnerabilities.
- Document findings and remediation recommendations and collaborate with security consulting team and architects to ensure vulnerability findings are successfully and efficiently addressed.
- Provide guidance on implementing and/or improving secure software development processes
- Stay up to date with latest security vulnerabilities, techniques and industry best practices.
- Typical security testing activities:
- Conduct comprehensive penetration testing and vulnerability assessment on our network, system, and application.
- Conduct Vulnerability Assessment of applications to identify potential security risks. This involves using various industry tools like, Burp, Kali Linux, nmap, ZAP, Metasploit, wireshark, SQLMap, fuzzing tools and other open source tools.
- Software/Web Application penetration testing
- API penetration testing
- Mobile Application Penetration Testing
- Network Penetration Testing
- SAST and DAST
Requirements
- Bachelor’s degree in computer science or related field
- Candidate should have 5+ years of experience of application security testing
- Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open-Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115
- Familiarity with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box)
- Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows
- Familiarity with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations
- Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc.) certifications
