Application Security Engineer - API Security

Galent

Toronto

On-site

CAD 80,000 - 120,000

Full time

2 days ago

Job summary

A leading company in IT services seeks a mid-senior level API Security Analyst in Toronto. This role involves identifying and remediating API-related vulnerabilities, collaborating across teams, and applying expertise in OWASP standards. Ideal candidates have hands-on testing experience and a strong analytical mindset.

Qualifications

  • Strong understanding of OWASP API Security Top 10.
  • Experience in secure software development and API testing.
  • Ability to analyze security incidents and provide remediation.

Responsibilities

  • Analyze API security incidents and vulnerability reports.
  • Collaborate with teams to ensure API security throughout the SDLC.
  • Monitor API traffic for anomalies and potential attacks.

Skills

API security
Incidents and Vulnerabilities
False Positives

Tools

Postman
Burp Suite
OWASP ZAP
WAF
SIEM tools

Job description

Job Summary:

We are seeking a detail-oriented and highly skilled API Security Analyst to join our cybersecurity team. You will be responsible for identifying, analyzing, and remediating API-related security vulnerabilities across our digital platforms. As a subject matter expert on the OWASP API Security Top 10, you will investigate incidents, validate findings, reduce false positives, and support secure software development practices. This role requires a blend of technical expertise, analytical mindset, and communication skills to drive secure API implementation and continuous improvement.

Key Skills:

  • API security
  • Incidents and Vulnerabilities
  • False Positives

Key Responsibilities:

  • Analyze API security incidents, logs, and vulnerability reports to identify root causes and threat patterns.
  • Apply deep knowledge of OWASP API Security Top 10 to detect and mitigate risks such as broken object-level authorization, mass assignment, and injection flaws.
  • Conduct hands-on testing of APIs using tools like Postman, Burp Suite, OWASP ZAP, or similar.
  • Identify, triage, and reduce false positives from automated vulnerability scanners.
  • Collaborate with development, DevOps, and security teams to ensure APIs are secured across the SDLC.
  • Implement secure design and threat modeling techniques for new and existing APIs.
  • Monitor API traffic via WAF, API gateways, and SIEM tools for anomalies or attacks.
  • Stay up-to-date with emerging threats, attack techniques, and vulnerability disclosures.
  • Support incident response by investigating exploitation attempts or potential breaches involving APIs.
  • Contribute to the development of security baselines, API hardening guidelines, and best practices.

Seniority level

  • Mid-Senior level

Employment type

  • Contract

Job function

  • Information Technology

Industries

  • IT Services and IT Consulting
