Application Security Engineer- Onsite
No C2C or 3rd Parties
6 Month Contract Onsite: 3 days a week
Location-Toronto, Royal Bank Plaza-Bay Street
Great Company •Threat Modeling, person needs to be strong with it (80% per week) •Application Security, particularly with securing CI/CD pipelines and SDLC (20% per week)
Job Description: Company is in the Process of a M&A and are looking for someone with extensive experience in threat modeling. This person should be a self-starter and very proactive, capable of defining the practice and executing the necessary tasks.
Skills:
Model threats associated with new product and platform features and initiatives in close collaboration with various teams.
Drive decisions on improving resiliency, including infrastructure hygiene and security protections via the threat models.
Configure, implement, and operationalize IriusRisk for Threat Modelling practice with collaboration from various teams.
Build and mature the threat modelling function within company, bridging architecture and application security to jointly support the development teams.
Proficiency in threat modeling with network and architecture diagrams.
Knowledge of network architecture and application data flow, especially in cloud security.
Worked with AWS stack and has AWS expertise.
Familiarity with Prisma Cloud and Infrastructure as Code (IaaC) is a plus.
Soft Skills: Proactive, self-starter, able to work independently without needing direction.