Enable job alerts via email!
App Security Specialist
Cognizant Technology Solutions Limited
Toronto
Hybrid
CAD 100,000 - 130,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading technology company based in Toronto is looking for an App Security Specialist with 6-9 years of experience in software development and DevOps. This hybrid role requires extensive knowledge in secure coding and API security. You will design secure APIs, implement CI/CD pipelines, and automate security processes. The ideal candidate has hands-on experience with PostgreSQL, and programming languages like Python and JavaScript, and is equipped to drive a security-first approach in collaborative environments.
Qualifications
- 6-9 years total experience in software development and DevOps.
- At least 2-3 years hands-on security exposure.
- Strong problem-solving and debugging skills.
Responsibilities
- Secure API development with strong authentication and data protection.
- Design and develop RESTful APIs.
- Work with PostgreSQL and other RDBMS for data security.
- Contribute to Security by Design with threat modeling.
- Write scripts to automate security scans.
- Implement CI/CD pipelines for secure deployments.
- Collaborate to embed security culture across teams.
Skills
Job Title - App Security Specialist
Location - Hybrid- Toronto.
6-9 years total experience in software development and DevOps, with at least 2 - 3 years hands‑on security exposure (secure coding, pipeline security, API security, threat modeling).
- DevSecOps - 7-9 years
- Gen AI Security - 10+
- Secure API development
- Design and develop RESTful APIs and integrations with strong authentication, authorization, and data protection measures.
- Work with PostgreSQL and other RDBMS to query, optimize, and secure data structures against injection attacks, data leakage, and unauthorized access.
- Contribute to system architecture with Security by Design, including threat modeling and secure design reviews at the planning stage.
- Write scripts to automate security scans, compliance checks, and reduce manual effort in security monitoring and deployment workflows.
- Proficiency in Python, JavaScript, Java, or Go with a focus on secure coding standards (e.g., OWASP Top 10 mitigation).
- Implement CI/CD pipelines with integrated SAST, DAST, dependency scanning, and secrets management for secure deployments.
- Deep application of secure coding frameworks, vulnerability prevention, and industry best practices (OWASP, SANS).
- Strong problem‑solving and debugging skills for both functional and security‑related issues in dev, test, and prod environments.
- Collaborate closely with developers, operations, and security teams to embed a culture of security across all cross‑functional work.
- Secure coding (OWASP Top 10, SANS CWE)
- API security (OAuth2, JWT, input validation)
- CI/CD security integration (SAST, DAST, dependency scanning)
- Programming in Python, JavaScript, Java, or Go
- PostgreSQL database security
- Threat modeling & secure architecture reviews
- Security automation scripting
- Cloud security (AWS/GCP/Azure)
- Container security (Docker/K8s, image scanning)
- IaC security (Terraform, Ansible)
- Security compliance (SOC 2, ISO 27001)
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
