Application Security Consultant / Developer

Our client, Cyberhive Technology Partners, is a rapidly growing cybersecurity firm based in Toronto, Canada. Cyberhive helps organizations safeguard their critical assets, data, and operations in an increasingly complex threat landscape. Our team is driven by innovation and a commitment to providing cutting-edge solutions to our clients across various industries. We’re looking for a talented and motivated Mid-Level Application Security Consultant / Application Developer to join our dynamic team and contribute to the success of our cybersecurity projects.

Role Overview:

As a Mid-Level Application Security Consultant / Developer, you’ll play a key role in advising clients on application security best practices and assisting in secure software development across various stages of the Software Development Life Cycle (SDLC). You’ll also have the opportunity to apply your development skills to ensure that security is embedded into the architecture, design, and deployment of applications.

If you have a strong foundation in application security and software development, and you’re eager to expand your skill set while contributing to complex and innovative projects, this role is for you!

Responsibilities:

• Application Security Focus: Perform application security assessments and help implement security controls, including RASP (Runtime Application Self-Protection), WAF (Web Application Firewall), and secure coding practices.
• Security in the SDLC: Work with development teams to integrate security throughout the entire Software Development Life Cycle (SDLC), from design, coding to testing and deployment.
• Secure Coding: Ensure that applications are developed using secure libraries and frameworks, promoting best practices for secure development.
• Technology and Tools: Work with a range of technologies such as Python, React, Docker, MongoDB, InfluxDB, Redis caching, and SendGrid. Help incorporate security into these technologies and platforms.
• Continuous Improvement: Collaborate with cross-functional teams to identify and mitigate security vulnerabilities and performance bottlenecks in applications.
• Collaboration: Use tools like Figma and GitHub for collaboration on development and design, ensuring the development team adheres to security best practices.
• Security Integration: Help integrate authentication and authorization mechanisms using tools like Auth0 and leverage APIs for cloud-based services like OpenAI.
• Reference: dPxNpv8YvHcXqWlv92gZsPCkd3hZIoRpSstl4_OEHFM.

Ideal Candidate:

You’ll thrive in this role if you have a solid understanding of application security or software development, with a desire to grow your skills in a dynamic and collaborative environment. The ideal candidate will have:

Experience: 2-5 years of hands-on experience in application security, software development, or a related field. Less experience may be considered if you demonstrate strong potential and the ability to quickly learn and grow.

Technical Skills:

• Must have DevSecOps experience, pipeline modernization including pipeline integration and CI/CD
• Application security concepts and tools (RASP, WAF, secure libraries, etc.)
• Software development in languages such as Python, React, or similar
• Database technologies like MongoDB, InfluxDB, Redis, etc.
• Familiarity with secure software design and coding practices
• Development Tools: Experience with GitHub, Docker, and other version control and containerization tools.
• Security Practices: Knowledge of application security vulnerabilities (e.g., OWASP Top 10) and methods for mitigating them within applications.
• Cloud & APIs: Familiarity with cloud security practices and integrating APIs for services such as OpenAI and SendGrid.
• Certifications (a plus): OWASP, CompTIA Security+, or similar certifications are a plus, but not required.
• Nice to have: Terraform, Veracode experience, IaC, SaC

Soft Skills:

Strong communication skills and the ability to work well both independently and in collaborative team environments. An eagerness to learn and tackle new security challenges.

Why Join Us?

• Professional Growth: Access to continuous learning and development opportunities to further your expertise.
• Impactful Work: Work on high-impact security projects that protect critical applications and sensitive data for a range of clients.
• Cutting-Edge Tech: Work with the latest technologies and frameworks, from React and Python to modern databases and cloud platforms.
• Flexible Work Options: We offer flexible work hours and remote work to support work-life balance.
• Competitive Compensation: Attractive salary.

How to Apply:

If you’re excited about cybersecurity development and want to take your career to the next level, we’d love to hear from you! Please submit your CV if you think you’d be a great fit for this role.

For any questions please feel free to visit bayrecruiting.ca.