Enable job alerts via email!
Lead Application Security Engineer
Elastify Inc.
Toronto
Hybrid
CAD 100,000 - 150,000
Full time
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Job summary
A leading company in IT Services and Consulting is seeking a Lead/Manager of Application Security in downtown Toronto. This hybrid role requires extensive experience in software development and cybersecurity, with a focus on application vulnerability remediation and secure coding practices. Ideal candidates will have a strong technical background and relevant certifications. Join a dynamic team and contribute to enhancing application security in a fast-paced environment.
Qualifications
- 10+ years of experience in software development and cybersecurity engineering.
- Proficiency in scripting languages (Python, PowerShell) and programming languages (Java, C#, C++, SQL).
- Extensive experience with application security testing tools (SAST, DAST, IAST, SCA).
Responsibilities
- Lead application security initiatives and vulnerability remediation.
- Ensure secure coding practices and insider threat detection.
- Oversee application security testing and security automation.
Skills
Job description
Elastify is looking for a Lead/Manager of Application Security who remains hands-on for a permanent role in downtown Toronto. The position is hybrid. Please apply for more details.
- 10+ years of experience in software development and cybersecurity engineering roles, with significant hands-on expertise in application vulnerability remediation, container security, secure coding practices, and insider threat detection.
- Proficiency in scripting languages (e.g., Python, PowerShell) and familiarity with multiple programming languages (e.g., Java, C#, C++, SQL) for software development and vulnerability remediation.
- Extensive hands-on experience with application security testing tools (SAST, DAST, IAST, SCA) and direct remediation activities.
- Technical expertise with container security (Docker, Kubernetes), infrastructure-as-code (IaC) security (e.g., Terraform), vulnerability remediation, insider threat detection, and security automation tools.
- Strong architectural knowledge, comprehensive understanding of secure software development lifecycle (SSDLC) practices, and familiarity with OWASP Top 10, SANS 25, and threat modeling methodologies.
- Relevant security certifications (CSSLP, GWAPT, OSCP, CISSP, or equivalent).
- Experience in financial services or highly regulated industries.
- Mid-Senior level
- Full-time
- Information Technology
- IT Services and IT Consulting
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
