Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Recruit Action inc.

Application Security Analyst – DevSecOps

Recruit Action inc.

Application Security Analyst focusing on secure digital solutions in the insurance industry. Collaborating with teams to enhance application security practices and protect business-critical systems.

Posted 7/17/2026contractToronto • 🇨🇦 CanadaMid-LevelSenior💰 CA$30 - CA$37 per hourWebsite

Core Competencies

Role fit
Core Competencies

Use this summary to align your resume positioning with the role.

Demonstrates expertise in application security management, including the use of SAST, DAST, and SCA tools, while effectively communicating vulnerability assessments and remediation strategies to diverse teams. Proficient in automating security processes and developing KPIs for vulnerability management.

Highest-signal resume keywords
Application Security ManagementVulnerability Assessment and RemediationSAST, DAST, SCA ToolsCybersecurity Certification (CISSP, CEH)DevSecOps and Agile Security Concepts

ATS Keywords

Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills
Application SecurityVulnerability ManagementAutomation DesignSoftware Development (C++, Java, .NET)Penetration Testing InterpretationDevSecOps CI/CD Pipeline ImplementationSecure API DevelopmentCloud Solutions DesignVisio Diagram CreationProcess Engineering
Soft Skills
Effective CommunicationCollaborationProblem-SolvingSelf-MotivationProactivity
Tools & Technologies
SAST ToolsDAST ToolsSCA ToolsMAST ToolsAWS Cloud EnvironmentsMicroservicesContainersAgile MethodologiesWeb ServicesApplication Integration Technologies
Certifications & Qualifications
CISSPCEHGWAPTGWEBCASECSSLP
Industry Keywords
OWASP Top 10SANS Top 25Vulnerability Management ProgramKey Performance Indicators (KPIs)Key Risk Indicators (KRIs)Cyber Application SecurityIT DesignApplication DesignOperational SupportSecurity Processes

Tech Stack

Tools & technologies
AWSCloudCyber SecurityJ2EEJavaMicroservices.NET

About the role

Key responsibilities & impact
  • Assist with the operation and management of application security tools, including SAST, SCA, MAST, and DAST.
  • Review vulnerability assessment results and provide remediation guidance to delivery teams.
  • Conduct reviews of application security tools and perform tuning and upgrades based on penetration testing findings.
  • Create key performance indicators (KPIs) and key risk indicators (KRIs) for the vulnerability management program and present results to senior management.
  • Participate in the development of application security and vulnerability management directives.
  • Educate development teams on the OWASP Top 10 vulnerabilities for web, mobile, and API applications.
  • Automate repetitive security tasks to improve the efficiency of existing security processes.
  • Provide ongoing production support for web and mobile application systems, including operational requests, problem analysis, resolution, escalation, and reporting.
  • Create and maintain supporting documentation.

Requirements

What you’ll need
  • University or college diploma in Computer Science, Engineering, or an equivalent discipline.
  • CISSP, CEH, or another cybersecurity certification.
  • 2 years of experience in IT design, application design, and implementation.
  • 3 years of experience in cyber application security.
  • 1 year of experience designing automation and automating systems.
  • 2 years of software development experience using C++, Java, or .NET.
  • 1 year of experience managing application security platforms, including SAST, DAST, SCA, and mobile security tools.
  • Solid understanding of DevSecOps and Agile security concepts.
  • Hands-on experience with SAST, SCA, DAST, and MAST tools and techniques.
  • Expert knowledge of the OWASP Top 10 for web, mobile, and APIs, as well as the SANS Top 25.
  • Demonstrated experience leading vulnerability management and analysis.
  • Experience working in an Agile environment.
  • Ability to communicate effectively with both technical and non-technical audiences and collaborate with business partners and infrastructure teams.
  • Self-motivated, proactive, and driven with strong problem-solving abilities.
  • Ability to create professional Visio diagrams.
  • Security certifications such as GWAPT, GWEB, CASE, or CSSLP are considered an asset.
  • Experience interpreting penetration testing findings is considered an asset.
  • Programming knowledge is considered an asset.
  • Experience with secure development and testing of APIs, microservices, containers, and AWS cloud environments is considered an asset.
  • Knowledge of software development and vendor procurement life cycles is considered an asset.
  • Experience designing and implementing DevSecOps CI/CD pipelines is considered an asset.
  • Experience in process engineering is considered an asset.
  • Strong working knowledge of Java, J2EE, web services, and application integration technologies is considered an asset.
  • Experience designing and implementing cloud solutions is considered an asset.

Benefits

Comp & perks
  • Salaried: $30-37 per hour.
  • Incorporated Business Rate: $40-44 per hour.
  • 8-month contract with the potential for permanent employment.
  • Full-time position: 37.50 hours per week.
  • Monday to Friday, 9:00 am. to 5:00 pm.
  • Enjoy the flexibility of remote work.
  • On-site 1–2 times per quarter.