Application Security Engineer
Affinity Staffing
Toronto, ON
41d ago

Affinity Staffing has an exciting opportunity for an Application Security Engineer. You will be the key point of contact as the interface between software developers and the Security team.

Your mission is to ensure the security of applications by working with software developers to build secure systems, by prioritizing and tracking security issues identified at the application layer, and by monitoring the security of applications in a global production environment.

Responsibilities :

  • Performing code and design reviews of all internal and external software products
  • Developing and implementing automated tests to enforce security standards
  • Developing a security training and education program for software developers
  • Designing application-level metrics and monitoring to detect abuse
  • Ongoing monitoring of production applications and investigation of anomalous activity
  • Ensuring that issues identified are appropriately prioritized and addressed in future product releases
  • Prioritizing and tracking application security issues across the company
  • Working with software engineering teams to ensure timely resolution of issues
  • Analyzing issue metrics to surface patterns
  • Identify, highlight, and provide application security recommendations during requirement and design reviews
  • Track open issues and follow up with different teams to address the open issues.
  • Experience and Skills :

  • B.E Computer Science / Information Systems or related field or equivalent experience
  • 5 plus years of experience as a developer or in application security.
  • Strong programming background
  • Languages experience : Java / C#, T-SQL, JavaScript strongly preferred
  • Experience with Angular, Java, .Net, ASP.Net MVC, Entity Framework, Hibernate, Spring, Web Services (SOAP / WSDL or ReST / WADL), WCF
  • Knowledge of authentication mechanisms like SAML, OAuth, etc.
  • Knowledge of Security Flaws and its Resolution as listed in sites like OWASP, SANS, etc.
  • Experience in secure application programming, code reviewing, and penetration testing web based applications (Veracode, TFS, WebInspect, Qualys, F5 ASM)
  • Experience in security testing mobile applications
  • Ability to work effectively with technical and non-technical personnel in a cross-functional setting
  • Lead implementation efforts of security initiatives and resolutions of any findings from internal or external assessments
  • Identify security risks and develop solutions to eliminate or minimize risks
  • Knowledge of software design, software and network architecture, protocols, and standards
  • Excellent verbal and written communication skills
  • ISC2 (CISSP, CSSLP) and GIAC (GWAPT, GSSP-.NET / JAVA, GWEB) certifications desirable
  • Competencies :

  • Analysis : Identify and understand issues, problems, and opportunities; compare data from different sources to draw conclusions.
  • Communication : Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message.
  • Exercising Judgment and Decision Making : Use effective approaches for choosing a course of action or developing appropriate solutions;
  • recommend or take actions that are consistent with available facts, constraints, and probable consequences.

  • Technical and Professional Knowledge : Demonstrate a satisfactory level of technical and professional skill, or knowledge, in position-
  • related areas; remain current with developments and trends in areas of expertise.

  • Building Effective Relationships : Develop and use collaborative relationships to facilitate the accomplishment of work goals.
  • Client Focus : Make internal and external clients, and their needs, a primary focus of actions; develop and sustain productive client relationships.
  • Requirements

  • Ability to travel to the US on an occasional basis, including for an extended time for training.
  • About Affinity Staffing :

    Affinity Staffing is a full service Information Technology agency that takes a unique approach to recruiting. We believe recruiting is about creating long term relationships that foster a mutually beneficial partnership -

    an affinity. Bringing a new style of recruiting founded on four core principles Transparency Flexibility Efficiency Agility.

    For more information on Affinity Staffing, please visit

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form