Application Security Consultant

Client: Major Financial Institution

Location: Toronto

Length: 6 Months Contract





• 5-6 years in application security in a large enterprise environment
• In depth knowledge of Application Security, Information Security risk and industry best practices (how to best manage risk)
• Knowledge based on hands on experience in implementing security in rapid software development methodologies (like, Agile) and DevOps automation
• Working knowledge of the technical areas supported e.g. data warehouses, mainframes, networks, etc.
• Working knowledge of policies, standards and operating procedures in large organizations relating to information security risk (enterprise level)
• IBM Appscan, HP Fortify
• Information Security certification e.g. CISSP, CISSLP, GIAC etc. (one of the three at minimum)
• Excellent Communication Skills



• Mobile application security or mobile device security***
• Working knowledge of a bank's Operating Group businesses (BMO preferred) 
• Software security (e.g. defensive programming, source code analysis, application penetration testing, threat modelling) Database security (e.g. secure database configuration)
• Network security (e.g. firewall management, network zone policies)