Senior Security Analyst

Are you a seasoned Security Analyst with a passion for integrating security into the software development lifecycle? We are seeking a senior Application Security (AppSec) Analyst for a key project within a leading Canadian financial services and insurance organization. You will join a high-visibility initiative, collaborating with development teams, Product Owners, and Architects to embed security practices and tools directly into the development ecosystem. Your role will be crucial in protecting the organization's information assets as they build and deploy new applications. This is a 6-month contract with the potential for renewal. The role is primarily remote and is open to candidates located in Toronto, Montreal, or Quebec City, with occasional travel to the Quebec City office for key meetings.

• Work on a high-visibility, critical security project with a direct impact on the business.
• Enjoy significant location flexibility, with the role open to candidates in Toronto, Montreal, or Quebec City.
• Deepen your AppSec expertise by implementing and automating modern security tools within CI / CD pipelines.
• Join a leading Canadian financial institution on a 6-month contract with the possibility of renewal.
• Collaborate with cross-functional teams and influence the organization's cybersecurity maturity.

• Guide and support development teams in the integration and use of Application Security (AppSec) tools throughout the SDLC.
• Implement, maintain, and automate a suite of Application Security Testing (AST) tools, including SAST, DAST, and SCA, within CI / CD pipelines.
• Advise on project-level security requirements, ensuring alignment with corporate security frameworks and industry standards like NIST and ISO 27001.
• Conduct risk assessments, perform threat modeling, and present mitigation plans to asset owners.
• Use automated tools to detect vulnerabilities and perform investigations into security events and potential compromise vectors.
• Contribute to the continuous improvement of the organization's overall cybersecurity practices and infrastructure.

• Minimum of 5 years of experience in a similar cybersecurity role (e.g., Application Security Analyst, DevSecOps Specialist) on high-visibility projects.
• Strong familiarity with the Software Development Lifecycle (SDLC), DevOps principles, and frameworks like ITIL and NIST.
• Experience with Snyk mandatory
• Hands-on experience with Application Security Testing tools and concepts, including SAST, DAST, SCA, and container image scanning.
• Proficiency in scripting and automation (Python, Bash, or PowerShell) is essential.
• Solid understanding of the OWASP Top 10, threat modeling, encryption, and vulnerability management.
• Full professional proficiency in both French and English is mandatory.
• Assets: Familiarity with web / software development (.NET, Java, JS / TS), databases, and CI / CD tools.

We are looking for an autonomous and experienced Application Security Analyst to help secure a critical project for a leader in the Canadian financial sector. This is an excellent opportunity for a bilingual professional in Toronto, Montreal, or Quebec City to apply their DevSecOps and AppSec skills on a project with real impact. If you are adept at bridging the gap between development and security, we invite you to apply.

Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary / gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.

Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.