Application Security Lead

Job Title: Application Security Lead
Job ID: 76846
Location: Vancouver, British Columbia

Overview:
The Application Security Lead is an integral team role within our client’s Application and Cloud Infrastructure Security Services. This role focuses on delivering high-quality services while supporting continuous improvement and growth.
Our client’s Application Security team uses industry-leading processes to offer application security architecture and design, risk assessment, Security DLC, CI/CD adoption, and managed services to medium-sized businesses across various sectors, including finance, healthcare, e-commerce, and technology.
Our client cultivates a culture of collaboration, excellence, openness, and teamwork. They are passionate about security and aim to build a world-class team of like-minded individuals who share their vision.

What you will be doing:

1. Lead and guide the Application Security team members, ensuring they have clear goals and support in achieving them.
2. Collaborate with our client’s leadership on strategic initiatives.
3. Contribute to application security service delivery, including design reviews, threat modeling, and pentesting using both automation tools and manual methods.
4. Develop and deliver application security design documents and risk assessment reports.
5. Design customized application security solutions to meet client needs.
6. Review identified issues and help clients with remediation and implementation.
7. Work closely with client development teams to support secure development practices.
8. Lead cross-domain collaboration to enhance security efforts.
9. Provide subject matter expertise, peer reviews, and mentorship in application security.
10. Assist with Cloud Infrastructure security and other domain engagements as needed.
11. Contribute to our client’s growth and industry leadership by delivering exceptional services.
12. Support technical sales efforts for application security and related services.
13. Identify opportunities for process improvement and automation and lead the implementation of solutions.
14. Provide regular updates to leadership on key activities, accomplishments, and challenges.
15. Participate in professional development activities, including training and conferences.
16. Maintain high standards of quality and uphold our client’s values in all actions.

What you must have:

1. Bachelor’s degree in Computer Science, Computer Engineering, or a related field.
2. 5+ years of experience in Information Security, with at least 3 years in Application Security.
3. 3-5 years of experience in modern software development (API expertise is a plus).
4. 1+ years of experience leading a technical team.
5. Strong understanding of secure software design, development methodologies, and best practices.
6. Proficiency in programming languages such as Java, Golang, C#, Python, or C++, and related frameworks.
7. Expertise in identifying and mitigating web and mobile security vulnerabilities, including those listed in the OWASP Top 10 and CWE Top 25.
8. Experience with static and dynamic security analysis tools and black-box/white-box methodologies.
9. Familiarity with software security exploitation tactics, techniques, and procedures.
10. Experience in application security architecture, design consulting, and risk assessment using leading industry processes.
11. Ability to develop and execute test plans, and provide detailed documentation and metrics.
12. Knowledge of authentication and authorization protocols like OpenID, OAuth, and SAML, along with cryptography practices.
13. Contributions to the security community through research, presentations, CVEs, bug bounty programs, open-source projects, or publications.
14. Excellent communication and executive-level presentation skills.
15. A passion for software security and an ethical hacker mindset.

Salary/Rate Range: $130,000.00 – $160,000