
Job Title


App Security Specialist


Company : Cognizant


Location : Toronto, Ontario


Created : 2026-01-22


Job Type : Full Time


Job Description

Job Title - App Security Specialist
Location - Hybrid - Toronto

Job Summary

6-9 years total experience in software development and DevOps, with at least 2-3 years hands-on security exposure (secure coding, pipeline security, API security, threat modeling).

Must Have Skills

- DevSecOps - 7-9 years
- Gen AI Security - 10+

Responsibilities

- Secure API development: Design and develop RESTful APIs and integrations with strong authentication, authorization, and data protection measures.
- Work with PostgreSQL and other RDBMS to query, optimize, and secure data structures against injection attacks, data leakage, and unauthorized access.
- Contribute to system architecture with Security by Design, including threat modeling and secure design reviews at the planning stage.
- Write scripts to automate security scans, compliance checks, and reduce manual effort in security monitoring and deployment workflows.
- Proficiency in Python, JavaScript, Java, or Go with a focus on secure coding standards (e.g., OWASP Top 10 mitigation).
- Implement CI/CD pipelines with integrated SAST, DAST, dependency scanning, and secrets management for secure deployments.
- Deep application of secure coding frameworks, vulnerability prevention, and industry best practices (OWASP, SANS).
- Strong problem-solving and debugging skills for both functional and security-related issues in dev, test, and prod environments.
- Collaborate closely with developers, operations, and security teams to embed a culture of security across all cross-functional work.

Primary Skills

- Secure coding (OWASP Top 10, SANS CWE)
- API security (OAuth2, JWT, input validation)
- CI/CD security integration (SAST, DAST, dependency scanning)
- Programming in Python, JavaScript, Java, or Go
- PostgreSQL database security
- Threat modeling & secure architecture reviews
- Security automation scripting

Good to Have

- Cloud security (AWS/GCP/Azure)
- Container security (Docker/K8s, image scanning)
- IaC security (Terraform, Ansible)
- Security compliance (SOC 2, ISO 27001)