Python Job: Application Security Engineer

Job added on


Toronto, ON - Canada

Job type


Python Job Details

Piper Companies is seeking an Application Security Engineer . The Application Security Engineer will be responsible for validating that application services are designed and implemented with high security standards. The role analyzes the security of application in tandem with their underlying services, including connected dependencies such as middle-tier systems and databases.

Responsibilities of the Application Security Engineer include:
  • Develop secure software development standards and implementation across the product suite.
  • Work with development teams to ensure Software Composition Analysis (SCA), Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) scans are on conducted on a defined cadence.
  • Coordinate external application penetration testing and application vulnerability assessments
  • Ensure software vulnerabilities are tracked, remediated within appropriate timelines and security exceptions are managed.
  • Work in tandem with developers to provide repetitive validation testing prior to production while allowing for a continuous cycle of development followed by application security assessments.
  • Use security standards and implementation configurations, as well as common security frameworks.
  • Focus on application security that observes compliance - PCI DSS, SOC2 SSAE18, ISO 27001and global privacy laws.

Qualifications for the Application Security Engineer:
  • At least 5+ years' experience in cybersecurity, including compliance and risk management with a system and network security engineering or development background.
  • Highly technical and analytical experience, with a proven deep background (preferred 5+ years' in addition to cybersecurity) in application programming
  • Experience in threat modeling applications.
  • Application vulnerability and penetration-testing skills is an asset
  • Proficiency in software development (Java, Angular, C#, Spring,, Python, etc.).
  • Experience with SCA, SAST and DAST tools; knowledge of the Synopsys tools Coverity, Black Duck and Tinfoil is an asset.
  • Understanding of frameworks such as OWASP, BSIMM, SAMM, SABSA, O-ESA etc.

Compensation for the Application Security Engineer include:
  • Salary Range: $70-90/hr
  • Full benefits