Create Alert
Email me similar jobs

Application Security Analyst (DevSecOps) — Remote

Application Security Analyst (DevSecOps) — Remote
Advance your career in the insurance industry by contributing to secure, innovative digital solutions. Work in a collaborative environment, leverage modern application security practices, and help strengthen the protection of business-critical systems while expanding your technical expertise.
What is in it for you:
• Salaried: $30-37 per hour.
• Incorporated Business Rate: $40-44 per hour.
• 8-month contract with the potential for permanent employment.
• Full-time position: 37.50 hours per week.
• Monday to Friday, 9:00 am. to 5:00 pm.
• Enjoy the flexibility of remote work.
• On-site 1–2 times per quarter.
Responsibilities:

• Assist with the operation and management of application security tools, including SAST, SCA, MAST, and DAST.
• Review vulnerability assessment results and provide remediation guidance to delivery teams.
• Conduct reviews of application security tools and perform tuning and upgrades based on penetration testing findings.
• Create key performance indicators (KPIs) and key risk indicators (KRIs) for the vulnerability management program and present results to senior management.
• Participate in the development of application security and vulnerability management directives.
• Educate development teams on the OWASP Top 10 vulnerabilities for web, mobile, and API applications.
• Automate repetitive security tasks to improve the efficiency of existing security processes.
• Provide ongoing production support for web and mobile application systems, including operational requests, problem analysis, resolution, escalation, and reporting.
• Create and maintain supporting documentation.
What you will need to succeed:

• University or college diploma in Computer Science, Engineering, or an equivalent discipline.
• CISSP, CEH, or another cybersecurity certification.
• 2 years of experience in IT design, application design, and implementation.
• 3 years of experience in cyber application security.
• 1 year of experience designing automation and automating systems.
• 2 years of software development experience using C++, Java, or .NET.
• 1 year of experience managing application security platforms, including SAST, DAST, SCA, and mobile security tools.
• Solid understanding of DevSecOps and Agile security concepts.
• Hands-on experience with SAST, SCA, DAST, and MAST tools and techniques.
• Expert knowledge of the OWASP Top 10 for web, mobile, and APIs, as well as the SANS Top 25.
• Demonstrated experience leading vulnerability management and analysis.
• Experience working in an Agile environment.
• Ability to communicate effectively with both technical and non-technical audiences and collaborate with business partners and infrastructure teams.
• Self-motivated, proactive, and driven with strong problem-solving abilities.
• Ability to create professional Visio diagrams.
• Security certifications such as GWAPT, GWEB, CASE, or CSSLP are considered an asset.
• Experience interpreting penetration testing findings is considered an asset.
• Programming knowledge is considered an asset.
• Experience with secure development and testing of APIs, microservices, containers, and AWS cloud environments is considered an asset.
• Knowledge of software development and vendor procurement life cycles is considered an asset.
• Experience designing and implementing DevSecOps CI/CD pipelines is considered an asset.
• Experience in process engineering is considered an asset.
• Strong working knowledge of Java, J2EE, web services, and application integration technologies is considered an asset.
• Experience designing and implementing cloud solutions is considered an asset.
Why Recruit Action?
Recruit Action (agency permit: AP-2504511) provides recruitment services through quality support and a personalized approach. As part of the screening process, some applications may be reviewed using artificial intelligence tools. Only candidates who meet the hiring criteria will be contacted.

Similar jobs

Application Security Analyst (DevSecOps) — Remote

Apply Now
Back to search page