DevSecOps Security Analyst — 100 Remote

Recrute Action


Job Location:

Toronto - Canada

Monthly Salary: $ 30 - 37
Posted on: 2 hours ago
Vacancies: 1 Vacancy

Job Summary

DevSecOps Security Analyst Remote

Advance your career in the insurance industry by contributing to secure innovative digital solutions. Work in a collaborative environment leverage modern application security practices and help strengthen the protection of business-critical systems while expanding your technical expertise.

What is in it for you:

Salaried: $30-37 per hour.
Incorporated Business Rate: $40-44 per hour.
8-month contract with the potential for permanent employment.
Full-time position: 37.50 hours per week.
Monday to Friday 9:00 am. to 5:00 pm.
Enjoy the flexibility of remote work.
On-site 12 times per quarter.

Responsibilities:

Assist with the operation and management of application security tools including SAST SCA MAST and DAST.
Review vulnerability assessment results and provide remediation guidance to delivery teams.
Conduct reviews of application security tools and perform tuning and upgrades based on penetration testing findings.
Create key performance indicators (KPIs) and key risk indicators (KRIs) for the vulnerability management program and present results to senior management.
Participate in the development of application security and vulnerability management directives.
Educate development teams on the OWASP Top 10 vulnerabilities for web mobile and API applications.
Automate repetitive security tasks to improve the efficiency of existing security processes.
Provide ongoing production support for web and mobile application systems including operational requests problem analysis resolution escalation and reporting.
Create and maintain supporting documentation.

What you will need to succeed:

University or college diploma in Computer Science Engineering or an equivalent discipline.
CISSP CEH or another cybersecurity certification.
2 years of experience in IT design application design and implementation.
3 years of experience in cyber application security.
1 year of experience designing automation and automating systems.
2 years of software development experience using C Java .
1 year of experience managing application security platforms including SAST DAST SCA and mobile security tools.
Solid understanding of DevSecOps and Agile security concepts.
Hands-on experience with SAST SCA DAST and MAST tools and techniques.
Expert knowledge of the OWASP Top 10 for web mobile and APIs as well as the SANS Top 25.
Demonstrated experience leading vulnerability management and analysis.
Experience working in an Agile environment.
Ability to communicate effectively with both technical and non-technical audiences and collaborate with business partners and infrastructure teams.
Self-motivated proactive and driven with strong problem-solving abilities.
Ability to create professional Visio diagrams.
Security certifications such as GWAPT GWEB CASE or CSSLP are considered an asset.
Experience interpreting penetration testing findings is considered an asset.
Programming knowledge is considered an asset.
Experience with secure development and testing of APIs microservices containers and AWS cloud environments is considered an asset.
Knowledge of software development and vendor procurement life cycles is considered an asset.
Experience designing and implementing DevSecOps CI/CD pipelines is considered an asset.
Experience in process engineering is considered an asset.
Strong working knowledge of Java J2EE web services and application integration technologies is considered an asset.
Experience designing and implementing cloud solutions is considered an asset.

Why Recruit Action

Recruit Action (agency permit: AP-2504511) provides recruitment services through quality support and a personalized approach. As part of the screening process some applications may be reviewed using artificial intelligence tools. Only candidates who meet the hiring criteria will be contacted.


Required Skills:

DevSecOps Security Analyst RemoteAdvance your career in the insurance industry by contributing to secure innovative digital solutions. Work in a collaborative environment leverage modern application security practices and help strengthen the protection of business-critical systems while expanding y...