**We are no longer accepting applications for this position **
Job Title: Application Security Engineer
Location: Remote – Canada
Department: Information Technology / Cybersecurity
Reports To: Senior Security Manager
Employment Type: Full-Time
Company Overview:
Core Cyber Consulting is a leading security services consulting firm dedicated to providing innovative and comprehensive cybersecurity solutions to our clients. We specialize in protecting critical infrastructure, enhancing data security, and ensuring compliance with industry standards. Our team of experts is committed to delivering top-tier cybersecurity services and strategic advice to organizations of all sizes.Job Summary:
Responsibilities:
- Conduct security assessments and audits of applications, including code reviews, penetration testing, and vulnerability scans.
- Identify and document security vulnerabilities and provide clear recommendations for fixing them.
- Perform threat modeling to identify potential security risks and design effective countermeasures.
- Develop and maintain threat models for key applications.
- Create and deliver security training programs for developers, focusing on secure coding practices and best practices.
- Foster a culture of security awareness within the organization.
- Participate in incident response activities, including investigation, containment, and remediation.
- Document and report on security incidents to prevent future occurrences.
- Develop and maintain security policies and procedures for application development and deployment.
- Ensure compliance with industry standards and regulations.
- Evaluate and implement security tools to enhance application security.
- Automate security testing and scanning processes to improve efficiency.
- Work closely with cross-functional teams to ensure a cohesive approach to security.
- Communicate security risks and solutions to both technical and non-technical stakeholders.
Qualifications:
- Education:
- Bachelor’s degree in Computer Science, Information Security, or a related field. Master’s degree is a plus.
- Experience:
- 7-8 years of experience in application security, with a focus on secure software development practices.
- Proven experience in security assessments, code reviews, and threat modeling.
- Experience in incident response and security operations.
- Proficient in security tools like SonarQube, Veracode, Nessus, Burp Suite, and Metasploit.
- Strong knowledge of web application security frameworks (e.g., OWASP Top 10, PCI DSS, GDPR).
- Experience with secure coding practices and programming languages (e.g., Java, Python, JavaScript, .NET).
Preferred Qualifications:
- Certifications:
- CSSLP, CISSP, OSCP
- Additional Skills:
- Experience with cloud security (AWS, Azure, GCP).
- Knowledge of DevSecOps practices and tools.
- Scripting and automation skills (Python, Bash).
We are an equal opportunity employer and welcome applications from all qualified candidates. If you are passionate about cybersecurity and have the experience and skills we are looking for, we encourage you to apply for this exciting opportunity!
0 Comments