Application Security Specialist

workleap · 30+ days ago
Negotiable
Full-time

Company Description

Workleap is the one simple employee experience platform to elevate hybrid work.

With over 20,000 happy customers in more than 100 countries, Workleap allows you to listen to your employees, align your teams and grow everyone’s potential so they can deliver their best work.

Job Description

So, what will your new role look like? 

In this role you will be assisting in the re-establishment of our application security program, collaborating closely with developers to integrate security into the development process and building strong relationships with security champions across the organization.   

A typical week?  

A typical week would involve reviewing the output of our code scanning tools, leading tech design sessions with development teams, coordinating with security champions and continuously refining our application security processes to ensure they align with our broader vulnerability management goals. 

What does your future team look like?   

The Application Security team is a key part of the overall Security team, which consists of Security Operations and GRC.  The AppSec team will have a manager leading the team, with two AppSec specialists supporting the program. 

What are the next challenges awaiting your team?  

  • Re-establish the AppSec program as part of the larger vulnerability management program.
  • Work with our developer community on establishing an end-to-end process covering vulnerability discovery, triage and remediation.
  • Enlist & engage security champions for the AppSec program (within dev community) and cultivate these relationships. 

The Application Security Specialist supports the secure design and development of new systems, applications, and solutions for the organization.  

Main Responsibilities 

Support decision-making in terms of application security:

  • Oversee and administer application security tools (SAST, DAST, SCA). 
  • Manage the bug bounty program, including triaging reports and coordinating with developers for remediation. 
  • Educate and empower development teams by providing training, resources and guidance on secure coding practices, vulnerability management and threat mitigation strategies.   
  • Lead security champion meetings with development teams to drive the adoption of a security-first mindset and promote continuous learning and improvement in security practices. 
  • Present the pros and cons of a security recommendation.
  • Adapt vocabulary and promote security concepts to ensure common understanding.
  • Raise security awareness within the product and development teams regarding various security issues.
  • Ensure product and development teams are prioritizing and embedding Application Security in the SSDLC.
  • Assess and monitor the application security risk profile.

Collaboration with internal and external teams:

  • Work with the decision-makers to ensure security initiatives are embedded into the product roadmaps.    
  • Collaborate with internal teams and external security partner entities to conduct application security risk assessments.
  • Inform and educate teams about norms, standards, best practices, methods and tools for application security development.    
  • Act as a reference and main point of contact to answer security-related questions across the organization (internal).

Keep up to date with security-related news:

  • Stay informed on legislation that can affect the organization’s security policies. 
  • Stay up to date with security news on norms, standards, best practices, methods and tools.    
  • Technology awareness. 
  • Be at the cutting edge of theory, tools and methodologies.    
  • Maintain active understanding of industry practices for secure software development.  

Documentation:

  • Documentation of norms, standards, best practices, methods and tools for application security.    

Qualifications 

  • Bachelor’s Degree in Computer Science, Information Security, or a related field; equivalent experience will also be considered;
  • 3-5 years of experience in application security with a strong background in securing software development processes;
  • Proficient in secure coding practices and familiarity with common vulnerabilities such as those listed in the OWASP Top Ten;
  • Experience with vulnerability assessment tools (e.g., SAST, DAST) and a proven track record of identifying and remediating security issues in code;
  • Strong understanding of threat modeling methodologies and ability to evaluate and prioritize potential threats;
  • Knowledge of DevSecOps principles and experience integrating security into CI/CD pipelines;
  • Excellent communication skills, with the ability to effectively convey complex security concepts to developers, stakeholders, and non-technical audiences;
  • Experience working with developer communities to establish and maintain processes for vulnerability discovery, triage, and remediation;
  • Familiarity with regulatory requirements and industry standards such as GDPR, HIPAA, or SOC 2;
  • Preferred: Certifications such as CISSP, CISM, or CSSLP are a plus;
  • Preferred: Experience in cloud security and securing applications in cloud environments like AWS, Azure, or GCP. 

Additional Information

At Workleap, we build together, we trust each other, and we support each other in success or failure. You will be able to express yourself, evolve and develop your creativity in an environment that will adapt to your daily life and your needs.  

We strive to create a healthy and inclusive work environment. This is everyone’s business. 

Our Candidate Experience Flow at Workleap: 
Phone Screen - Virtual Interview using Microsoft Teams - Work Sample - Job Offer

We are looking forward to getting to know you! 

By applying to this job, you are confirming that you have read and agree to the terms of our privacy policy.

#LI-Remote

Last updated on Aug 21, 2024
