API Application Security Engineer

Capgemini


Date: 18 hours ago
City: Montreal, QC
Contract type: Contractor
We are seeking an experienced Application Security Engineer with 5+ years of hands-on application security experience. The ideal candidate will be responsible for securing software applications throughout their lifecycle, identifying and mitigating vulnerabilities, conducting security assessments, and ensuring adherence to security best practices and standards.

Key Responsibilities

Security Design And Implementation

  • Design and implement security measures for applications, considering architecture, coding standards, and deployment environments.
  • Collaborate with development teams to integrate security into the Software Development Lifecycle (SDLC).
  • Develop and maintain security policies, procedures, and standards.

Vulnerability Assessment And Remediation

  • Conduct security assessments, including code reviews, static and dynamic analysis, and penetration testing.
  • Identify and prioritize security vulnerabilities.
  • Work with development teams to remediate identified vulnerabilities.

Security Testing And Monitoring

  • Oversee regular security testing on applications and systems.
  • Implement and manage security tools and processes for automated security testing.
  • Monitor applications for security incidents and vulnerabilities.

Threat Modeling And Risk Management

  • Create threat models to identify potential security threats and vulnerabilities.
  • Assess and manage security risks.
  • Develop and implement security controls to mitigate risks.

Education And Training

  • Educate and train developers on secure coding practices and security best practices.
  • Contribute to creating a security-conscious culture within the organization.

Staying Up-to-Date

  • Stay current with the latest security threats, trends, and countermeasures.
  • Evaluate emerging threats and propose improvements to security measures.

Documentation And Reporting

  • Create and maintain documentation and metrics relating to application security.
  • Prepare reports and dashboards to track security performance.

Skills Summary

Core Expertise

Application security engineering, vulnerability management, security policy design, secure software development

Languages & Frameworks

Knowledge of secure coding practices in major languages (e.g., Java, Python, .NET), familiarity with SDLC integration

Security & Testing Tools

SAST/DAST tools, penetration testing, security incident monitoring, security automation tools

Cloud & Containerization

Security practices for cloud deployments and containerized environments (preferred)

DevOps & CI/CD

Integration of security tools and processes in CI/CD pipelines

Other Tools & Technologies

Threat modeling, risk management, reporting/dashboarding tools, code review automation

Soft Skills

Effective communication, training and mentorship, risk assessment, proactive problem-solving, collaborative mindset

The pay range that the employer in good faith reasonably expects to pay for this position is $30.05/hour - $46.95/hour. Our benefits include medical, dental, vision and retirement benefits. Applications will be accepted on an ongoing basis.

Tundra Technical Solutions is among North America’s leading providers of Staffing and Consulting Services. Our success and our clients’ success are built on a foundation of service excellence.

We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic. Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

Unincorporated LA County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: client provided property, including hardware (both of which may include data) entrusted to you from theft, loss or damage; return all portable client computer hardware in your possession (including the data contained therein) upon completion of the assignment, and; maintain the confidentiality of client proprietary, confidential, or non-public information. In addition, job duties require access to secure and protected client information technology systems and related data security obligations.
