What are the responsibilities and job description for the Senior Application Security Specialist- Remote / Telecommute position at Cynet Systems?
Job Details
We are looking for Senior Application Security Specialist - Remote / Telecommute for our client in Edmonton, AB
Job Title: Senior Application Security Specialist - Remote / Telecommute
Job Type: Contract
Job Description:
Job Description:
Duties:
- Assist Departments in assessing, selecting, implementing and verifying the effectiveness of security controls.
- Developing or reviewing application architecture for information technology systems from a security perspective.
- May also conduct vulnerability and penetration testing activities and provide a hands-on assessment of applications to identify potential weaknesses.
- Perform a thorough examination of the IT application and identify the weak points.
- Vulnerability assessment interprets and compares results against the various business processes to determine whether the perceived vulnerability is indeed valid, is a false positive or whether other security controls address the perceived vulnerability.
- Determine if the protective controls of a given IT system can be bypassed by actively exploiting identified weaknesses.
- Provides evidence (sometimes to an unbelieving audience) that vulnerabilities can be exploitable.
- Some activities include:
- Application vulnerability scanning to identify potential vulnerabilities in web and application services.
- Web application penetration services to simulate real attacks on web and application services
- The client will supply laptop or desktop.
- Financial/Pricing: 20%.
- Resource Qualifications: 20%.
- Interview Process: 60%.
- University graduation in Computing Science or a related discipline and 5-yr work experience related to this position OR 2-yr diploma in Computing Science or a related discipline and 7-yr work experience related to this position OR 1-yr certificate in Computing Science or a related discipline and 8-yr work experience related to this position OR 9-yr work experience related to this position Yes or No.
- Formal training from a recognized and reputable source on ethical hacking and secure software lifecycle development processes in SANS, CERT, ISF or equivalent Yes or No.
- The proposed resource has agreed to a Criminal Records Check and Enhanced Security Clearance including a credit check prior to commencement Yes or No.
- Active certification in CISSP, CISM Yes or No.
- Experience implementing DevSecOps in an enterprise environment 2 years.
- Experience in directly assessing the effectiveness of application security controls through ethical hacking or penetration/vulnerability assessments 5 years.
- Experience in secure software lifecycle development processes 5 years.
- Implementing and Utilizing Azure DevOps in building software 2 years.
- Implementing and Utilizing Github and Github actions in building software 2 years.
- Using tools to test security in application development and operations 2 years.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
