top of page

Application Security Analyst (PenTest)

Regina, SK, Canada

Job Type

Full Time

About the Role

Requirements

Mandatory Requirements:


  • Resource must have minimum of five (5) years Application Development and/or Web Application Security experience testing and mitigating risks related to web applications and websites development.

  • Experience with web protocols including HTTP, HTTPS, and SOAP

  • Experience in static and dynamic application security testing using SAST/DAST tools and manual techniques.

  • Experience with cybersecurity standards such as CIS Open Web Application Security Project (OWASP) Application Security Testing and NIST 800-95 Standards

  • Experience with secure communication, authentication and encryption protocols such as SAML,OAuth2, LDAP and TLS/SSL Standards



Details (Indicate specific technologies and alignment to experience detailed in resume)

  • Recommending and testing security controls within applications using both automated and manual techniques.

  • Performing web application vulnerability assessments and penetration testing.

  • Performing Cloud security testing and configuration validation across major cloud platforms including Azure, Oracle Cloud Infrastructure and AWS.

  • Conducting security testing for mobile operating systems and applications.

  • Performing security testing on web services and Application Programming Interface (APIs).

  • Conducting code reviews and support secure code repositories.

  • Testing and validating configurations of web applications behind Web Application Firewalls (WAF).

  • Promoting visibility into applications with security tools such as SIEM.

  • Performing Cyber Incident monitoring and security incident response.

  • Performing threat Risk Assessments.

  • 5+ years of Application Development and/or Web Application Security experience testing and mitigating risks related to web applications and

  • websites development in private and/or public sectors.

  • Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional(OSCP), CEH ,GIAC GWEB and/or Cloud

  • certifications such as Azure Microsoft Certified Azure Developer Associate would be considered beneficial.

  • Experience with web protocols including HTTP, HTTPS, and SOAP.

About the Company

bottom of page