To apply for this job you must first either login or register

Security Consultant (DevSecOps)

Ontario -Permanent



Job Description

As a Security Consultant (DevSecOps), you will be expected to lead, manage and execute enterprise-wide application security programs, including advising on secure software development process and best practices across the SDLC. You will leverage security tooling and their integrations to assist with secure SDLC automation and secure DevOps. You will drive the creation of engagement plans mapped to client requirements and manage the technical delivery of the project. You will mentor the junior team members and help them grow as consultants. You will work across the country, on client sites with our key stakeholders, to deliver quality through being face to face with our customers.

**Please note there is a 60-70% travel requirement for this role.

Soft Skills
You can teach someone about anything without being an expert yourself.
Empathy is at your core, you enjoy taking the time to mentor and share your years of expertise.
You are smooth with C-level executives, putting together executive reports that hone in on business needs.
You love working with customers, helping solve big problems, and charming stakeholders across enterprise entities.
You believe in quality deliverables and are a true professional.
You understand that security is there to enable the business.
You are comfortable with non-standard work hours and working remotely.
Ultimately, you know how to Get Things Done.


Special Perks:

Regular company events.
Innovative and respectful work environment.
Time and budget for Learning and Growth
Encourage interaction with the security community by participation in security events such as conferences and local chapter meetings.
Flexible work environment.


Must Have Skills:

Technical Skills
2+ years of experience in an information security role focused on application security and secure SDLC.
Expertise in SAST (e.g. Fortify, Checkmarx, etc.) tooling including triage and code review.
Expertise in DAST (e.g. WebInspect, AppScan, etc.) tooling including triage.
Experienced with AppSec tooling within a CI/CD environment including development and deployment tools.
Expertise in the leading, execution and delivery of information security engagements.
Expertise in advising customers on application security including business process gaps, implementing recommendations, and helping achieve buy-in within enterprise organizations.
Ability to analyze root causes and deliver strategic recommendations during client reviews.


Education prefer candidates with a bachelor degree or minimum 3-year college diploma in:
Software engineering
Computer science/electrical engineering
IT/system and network administration
Other applicable engineering disciplines


Nice to Have Skills:

Experience with security governance processes, vendor management, or development is an asset.
Ability to read source code and/or background as a software developer is an asset.
CISSP, CSSLP, or GIAC certifications is an asset.


Details:
Starting: ASAP
To apply for this job you must first either login or register