Application Security Specialist

3 weeks ago

Old Toronto, Ontario, Canada ipss inc. Full time
Job Title: Specialist Application Security

Division: Office of the Chief Information Security Officer

Reports To: Manager Application Security

Salary Range: $112,280 to $122,000

Work Location: 55 John Street, Toronto

Job Type: Permanent Full Time

Shift Information: Monday to Friday, 35 hours work week

Job Summary:

We are seeking a skilled Application Security Specialist with experience in secure coding practices, threat modeling, Static Application Security Testing (SAST), Software Composition Analysis (SCA), Dynamic Application Security Testing (DAST), and container security. The ideal candidate will play a critical role in safeguarding our applications and services by implementing robust cyber security measures throughout the software development lifecycle.

The successful candidate will provide expertise, guidance, advice, and operational support for the development, deployment, and management of application security programs to ensure the City is adequately protected from cyber security threats and to support the execution of the Chief Information Security Officer's (CISO) mandate, cyber vision, and strategy.

Key Responsibilities:
  1. Conduct Security Assessments: Perform regular security assessments, including vulnerability scanning, penetration testing, and code reviews, to identify and remediate potential security weaknesses.
  2. Threat Modeling: Conduct comprehensive threat modeling exercises to identify, analyze, and prioritize potential security threats and risks in software applications. Utilize frameworks such as STRIDE or PASTA to systematically assess vulnerabilities.
  3. Manage Security Tools: Utilize SAST, DAST, and SCA tools to analyze code and third-party components for vulnerabilities; oversee the implementation of automated security testing within CI/CD pipelines.
  4. Container Security: Implement security measures for containerized applications, ensuring compliance with best practices for container security.
  5. Collaboration: Work closely with development, operations, and IT teams to ensure that security measures are effectively integrated into all stages of application development and deployment.
  6. Secure Coding Practices: Provide guidance on secure coding practices to development teams, ensuring that security is integrated into the application development process from the outset.
  7. Research & Technical Advice: Work with senior specialists on complex projects, providing technical knowledge, research, proof-of-concepts, and support for cloud security (CASB), web application and API security (WAAP), securing AI systems, and others.
  8. Cybersecurity Solution Configuration and Advice: Assist Sr. Specialists in developing and implementing detailed cybersecurity configuration plans/designs, based on specific program requirements. Provide recommendations on improvements to business processes and security practices.
  9. Project Support & Collaboration: Collaborate on cybersecurity projects, ensuring effective communication, high work standards, and organizational performance. Provide input and support to project teams, including scheduling, reviewing work, and contributing to project execution.
  10. Emerging Technology & Risk Management: Stay up to date with cybersecurity trends, risks, and technologies. Participate in security strategy reviews and the evaluation, implementation, and configuration of technical solutions, while helping assess cybersecurity needs of business strategies.
  11. Contract & Document Preparation: Support in preparing RFPs, Statements of Work, and other contractual documents. Help ensure cybersecurity-related expenditures remain within budget.
Qualifications/Certifications:
  1. Education: Bachelor's degree in Computer Science, Information Technology, or a related field.
  2. Experience: Proven experience in application security (minimum three years).
  3. Certifications: Relevant certifications such as CISSP, CEH, OSCP or equivalent are highly desirable.
  4. Technical Skills:
  5. Proficient in secure coding practices across multiple programming languages (e.g., Java, C#, Python).
  6. Strong understanding of application vulnerabilities (OWASP Top Ten) and mitigation strategies.
  7. Experience with SAST, DAST, SCA tools and threat modeling methodologies.
  8. Familiarity with container orchestration platforms (e.g., Kubernetes) and their security best practices.
Soft Skills:
  1. Excellent analytical and problem-solving skills.
  2. Strong communication skills to effectively collaborate with cross-functional teams.
  3. Ability to work independently in a fast-paced environment while managing multiple priorities.
  4. Highly organized, proactive, self-motivated team player who takes initiatives and is able to work independently.
Additional Comments/Information:

A normal work week is 35 hours; however, unforeseen situations may require extended hours of work with little or no prior notice. In case of a cyber incident or breach, rotation shift, continuous extended hours may be required with little or no prior notice.

*Subject to a police check, background check, psychological assessment, and/or any other checks on a regular basis as the Office of the CISO handles highly sensitive and confidential information.

Equity, Diversity, and Inclusion:

The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the City's commitment to employment equity.

Accommodation:

The City of Toronto is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the City's Hiring Policies and Accommodation Process.

  • Application Security Specialist

    5 days ago

    Toronto, Ontario, Canada David Joseph & Company Full time

    Job Title: Application Security SpecialistAt David Joseph & Company, we are seeking a highly skilled Application Security Specialist to join our team. As an Application Security Specialist, you will play a critical role in safeguarding our applications and services by implementing robust cyber security measures throughout the software development...

  • Senior Application Security Specialist

    2 months ago

    Old Toronto, Ontario, Canada ipss inc. Full time

    Job Title: Senior Application Security SpecialistWe are seeking a highly skilled Senior Application Security Specialist to join our team at ipss inc. as a key member of our Application Security team. The ideal candidate will have a strong background in application security, with a focus on DevSecOps practices, container security, threat modeling, and cloud...

  • Senior Application Security Specialist

    2 months ago

    Old Toronto, Ontario, Canada ipss inc. Full time

    Job Title: Senior Application Security SpecialistWe are seeking a highly skilled Senior Application Security Specialist to join our team at ipss inc. as a key member of our Application Security team. The ideal candidate will have a strong background in application security, with a focus on DevSecOps practices, container security, threat modeling, and cloud...

  • Application Security Specialist

    2 weeks ago

    Toronto, Ontario, Canada ipss inc. Full time

    Job Title: Application Security SpecialistJob Type: Permanent Full TimeShift Information: Monday to Friday, 35 hours work weekWe are seeking a skilled Application Security Specialist with experience in secure coding practices, threat modelling, Static Application Security Testing (SAST), Software Composition Analysis (SCA), Dynamic Application Security...

  • Application Security Specialist

    2 weeks ago

    Toronto, Ontario, Canada First National Full time

    Job Summary:We are seeking an experienced Application Security Specialist to join our team at First National. As an Application Security Specialist, you will be responsible for analyzing and documenting processes, policies, controls, and standards to comply with security frameworks and regulations.Key Responsibilities:Performing security reviews and...

  • Application Security Specialist

    2 months ago

    Toronto, Ontario, Canada First National Full time

    Job Title: Application Security SpecialistWe are seeking an experienced Application Security Specialist to join our team at First National. As a key member of our Information Security team, you will play a critical role in ensuring the security and integrity of our applications and systems.Key Responsibilities:Analyze and document processes, policies,...

  • Application Security Specialist

    2 months ago

    Toronto, Ontario, Canada First National Full time

    Job Title: Application Security SpecialistWe are seeking an experienced Application Security Specialist to join our team at First National. As a key member of our Information Security team, you will play a critical role in ensuring the security and integrity of our applications and systems.Key Responsibilities:Analyze and document processes, policies,...

  • Application Security Specialist

    3 weeks ago

    Toronto, Ontario, Canada ipss inc. Full time

    Job Title: Application Security SpecialistJob Type: Permanent Full TimeShift Information: Monday to Friday, 35 hours work weekWe are seeking a skilled Application Security Specialist with experience in secure coding practices, threat modeling, Static Application Security Testing (SAST), Software Composition Analysis (SCA), Dynamic Application Security...

  • Application Security Specialist

    3 weeks ago

    Toronto, Ontario, Canada ipss inc. Full time

    Job Title: Application Security SpecialistJob Type: Permanent Full TimeShift Information: Monday to Friday, 35 hours work weekWe are seeking a skilled Application Security Specialist with experience in secure coding practices, threat modeling, Static Application Security Testing (SAST), Software Composition Analysis (SCA), Dynamic Application Security...

  • Application Security Specialist

    2 weeks ago

    Toronto, Ontario, Canada David Joseph & Company Full time

    Job SummaryWe are seeking a highly skilled Application Security Specialist to join our team at David Joseph & Company. As a key member of our cybersecurity team, you will play a critical role in safeguarding our applications and services by implementing robust security measures throughout the software development lifecycle.Key ResponsibilitiesConduct...

  • Application Security Specialist

    2 weeks ago

    Toronto, Ontario, Canada David Joseph & Company Full time

    Job SummaryWe are seeking a highly skilled Application Security Specialist to join our team at David Joseph & Company. As a key member of our cybersecurity team, you will play a critical role in safeguarding our applications and services by implementing robust security measures throughout the software development lifecycle.Key ResponsibilitiesConduct...

  • Senior Application Security Specialist

    1 month ago

    Old Toronto, Ontario, Canada ipss inc. Full time

    Job Title: Senior Specialist Application SecurityDivision: Office of the Chief Information Security OfficerReports To: Manager Application SecuritySalary Range: $122,305.00 to $163,639.00Work Location: 55 John Street, TorontoJob Type: Permanent Full TimeShift Information: Monday to Friday, 35 hours work weekJob Summary:We are seeking a highly skilled Senior...

  • Senior Application Security Specialist

    4 weeks ago

    Old Toronto, Ontario, Canada ipss inc. Full time

    Job Title: Senior Specialist Application SecurityDivision: Office of the Chief Information Security OfficerReports To: Manager Application SecuritySalary Range: $122,305.00 to $163,639.00Work Location: 55 John Street, TorontoJob Type: Permanent Full TimeShift Information: Monday to Friday, 35 hours work weekJob Summary:We are seeking a highly skilled Senior...

  • Senior Application Security Specialist

    1 month ago

    Old Toronto, Ontario, Canada ipss inc. Full time

    Job Title: Senior Specialist Application SecurityDivision: Office of the Chief Information Security OfficerReports To: Manager Application SecuritySalary Range: $122,305.00 to $163,639.00Work Location: 55 John Street, TorontoJob Type: Permanent Full TimeShift Information: Monday to Friday, 35 hours work weekJob Summary:We are seeking a highly skilled Senior...

  • Senior Application Security Specialist

    4 weeks ago

    Old Toronto, Ontario, Canada ipss inc. Full time

    Job Title: Senior Specialist Application SecurityDivision: Office of the Chief Information Security OfficerReports To: Manager Application SecuritySalary Range: $122,305.00 to $163,639.00Work Location: 55 John Street, TorontoJob Type: Permanent Full TimeShift Information: Monday to Friday, 35 hours work weekJob Summary:We are seeking a highly skilled Senior...

  • Security Protection Specialist

    3 days ago

    Toronto, Ontario, Canada Paladin Security Full time

    Security Protection SpecialistAt Paladin Security, we're dedicated to making the world a safer and friendlier place. As a Security Protection Specialist, you'll play a vital role in providing top-notch security services to our clients with complex security needs. **Job Highlights:*** Competitive hourly rate of $18.25* Opportunities for growth and advancement...

  • Application Security Specialist

    1 month ago

    Toronto, Ontario, Canada David Joseph & Company Full time

    Job SummaryWe are seeking a highly skilled Application Security Specialist to join our team at David Joseph & Company. As a key member of our cybersecurity team, you will play a critical role in safeguarding our applications and services by implementing robust security measures throughout the software development lifecycle.Key ResponsibilitiesConduct...

  • Application Security Specialist

    2 weeks ago

    Toronto, Ontario, Canada David Joseph & Company Full time

    Job SummaryWe are seeking a highly skilled Application Security Specialist to join our team at David Joseph & Company. As a key member of our cybersecurity team, you will play a critical role in safeguarding our applications and services by implementing robust security measures throughout the software development lifecycle.Key ResponsibilitiesConduct...

  • Application Security Specialist

    2 weeks ago

    Toronto, Ontario, Canada David Joseph & Company Full time

    Job SummaryWe are seeking a highly skilled Application Security Specialist to join our team at David Joseph & Company. As a key member of our cybersecurity team, you will play a critical role in safeguarding our applications and services by implementing robust security measures throughout the software development lifecycle.Key ResponsibilitiesConduct...

  • Application Security Specialist

    1 month ago

    Toronto, Ontario, Canada David Joseph & Company Full time

    Job SummaryWe are seeking a highly skilled Application Security Specialist to join our team at David Joseph & Company. As a key member of our cybersecurity team, you will play a critical role in safeguarding our applications and services by implementing robust security measures throughout the software development lifecycle.Key ResponsibilitiesConduct...