Application Security Analyst
Role summary
We are seeking an Application Security Engineer to enhance our application security and DevSecOps program. This role is crucial for integrating security into the entire software development lifecycle (SDLC), from initial design to deployment. Responsibilities include performing static and dynamic security testing, implementing RBAC and IAM, securing CI/CD pipelines, and working with cloud environments like Azure and Kubernetes. The ideal candidate will automate security processes, guide developers on secure coding, and collaborate with cross-functional teams to drive security best practices and mature the application security program.
Position Description:
We are looking for an
Application Security Engineer
to help build and mature our application security and DevSecOps program. This role will focus on embedding security throughout the
software development lifecycle (SDLC)
—from design and development through deployment.
Typical responsibilities include:
Strong
application security
with experience securing modern development environments.
Experience implementing
role-based access controls (RBAC) and identity access management practices
.
Hands-on experience performing
static and dynamic application security testing
, including comparative analysis of tools and security findings.
Experience conducting
interactive testing and end-user acceptance style security reviews
, approaching applications from an attacker perspective to identify weaknesses.
Experience embedding security into the
software development lifecycle (SDLC)
from design through deployment.
Experience implementing and securing
CI/CD pipelines
, including automated security checks within development workflows.
Experience working in
cloud environments, particularly Azure
, and supporting
containerized platforms such as Kubernetes
.
Experience implementing
secure coding practices and guiding developers on secure application design
.
Ability to
automate security processes and integrate security tooling into development pipelines
.
Experience working with security tools such as
CrowdStrike, Microsoft Defender, and GitHub Advanced Security
.
Ability to
develop draft security policies, standards, and processes
related to application security and secure development.
Experience collaborating with
DevOps teams and cross-functional engineering teams
through regular standups and project meetings.
Strong ability to
influence change, advocate for security best practices, and drive improvements across development teams
.
Experience supporting
software approval processes and evaluating development tools for security and compliance considerations
.
Ability to help
build and mature an application security program within a growing organization
.
Similar roles
Senior Application Security AnalystPurolator Inc. · Mississauga, Ontario, Canada · Onsite
Application Security AnalystStellantis · Auburn Hills, Michigan, United States · Onsite
Application Security AnalystToyota North America · Plano, Texas, United States · Onsite- Senior Application Security AnalystPurolator Inc. · Mississauga, Ontario, Canada · Onsite
- Senior Application Security AnalystPurolator Inc. · Mississauga, Ontario, Canada · Onsite