Our client, a major Canadian enterprise, is seeking a Security Developer strong technical understanding of application security and a collaborative approach to problem-solving.
The candidate will work in a small sized team of between 1-5 people.
--------------------------------------------------------------------------------
...
Advantages
Working with a leading provincial based financial institution.
Consistent Hours: Enjoy a stable 36.25-hour work week with a predictable schedule for scheduled maintenance.
Growth Potential: This contract includes a strong possibility of extension based on performance and project needs
Responsibilities
Design, develop, and architect scalable security features and identity adapters, ensuring Security-by-Design is baked into the product lifecycle from inception to sunset.
Engineer and automate application security testing (SAST/DAST/SCA) within CI/CD pipelines to identify vulnerabilities at scale, rather than just performing manual scans.
Lead Security Architecture Reviews for complex client identity flows, providing authoritative guidance on OIDC, OAuth 2.0, and JWT implementation and vulnerability remediation.
Define the standardized security control library for the organization and verify the effectiveness of these controls through automated validation.
Review application architecture from a security perspective and provide technical guidance on vulnerability remediation.
Assist departments in assessing, selecting, implementing, and verifying the effectiveness of security controls.
Engineer and deploy of Automated Security Validation (ASV) frameworks that programmatically exploit identified vulnerabilities.
Design scalable 'Security-as-Code' suites to verify control effectiveness across the enterprise CI/CD pipelines, providing automated, evidence-based risk reporting to stakeholders
Operationalize Threat Modeling across the engineering org by establishing STRIDE-based standards and mentoring junior developers to lead their own sessions.
Influence organizational security culture by developing secure coding standards and leading "Security Champion" programs.
Design and oversee the development of security telemetry pipelines and executive dashboards that provide a real-time, risk-based view of the application security posture.
Qualifications
Top Skills: Custom Code Gating and Automation: Automatically scan code for vulnerabilities before it's deployed, stopping risky code instantly and giving developers immediate, helpful feedback.
AI Vulnerability Remediation and Visibility: Use new AI tools to quickly find and fix security issues, drastically reducing the manual effort from our development teams across CXT.
Complete Software Inventory (SBOM): Create an automated, comprehensive list of all software components we use to quickly identify and manage risk from new vulnerabilities or license issues.
Secure Development Assurance: Focuses on maturing foundational initiatives like the AppSec portal, security champions program, and targeted developer training to cultivate a proactive security culture and streamline critical processes.
Measurable Security Performance: Define clear metrics to track how well our security controls are working and establish a standardized framework for security testing to ensure consistent compliance and high quality.
Summary
Position Title: Security Developer
Position Type: Contract (Possibility of extension)
Hours: 36.25 hours/week
Location: Hybrid, Calgay
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more
Our client, a major Canadian enterprise, is seeking a Security Developer strong technical understanding of application security and a collaborative approach to problem-solving.
The candidate will work in a small sized team of between 1-5 people.
--------------------------------------------------------------------------------
Advantages
Working with a leading provincial based financial institution.
Consistent Hours: Enjoy a stable 36.25-hour work week with a predictable schedule for scheduled maintenance.
Growth Potential: This contract includes a strong possibility of extension based on performance and project needs
Responsibilities
Design, develop, and architect scalable security features and identity adapters, ensuring Security-by-Design is baked into the product lifecycle from inception to sunset.
Engineer and automate application security testing (SAST/DAST/SCA) within CI/CD pipelines to identify vulnerabilities at scale, rather than just performing manual scans.
Lead Security Architecture Reviews for complex client identity flows, providing authoritative guidance on OIDC, OAuth 2.0, and JWT implementation and vulnerability remediation.
...
Define the standardized security control library for the organization and verify the effectiveness of these controls through automated validation.
Review application architecture from a security perspective and provide technical guidance on vulnerability remediation.
Assist departments in assessing, selecting, implementing, and verifying the effectiveness of security controls.
Engineer and deploy of Automated Security Validation (ASV) frameworks that programmatically exploit identified vulnerabilities.
Design scalable 'Security-as-Code' suites to verify control effectiveness across the enterprise CI/CD pipelines, providing automated, evidence-based risk reporting to stakeholders
Operationalize Threat Modeling across the engineering org by establishing STRIDE-based standards and mentoring junior developers to lead their own sessions.
Influence organizational security culture by developing secure coding standards and leading "Security Champion" programs.
Design and oversee the development of security telemetry pipelines and executive dashboards that provide a real-time, risk-based view of the application security posture.
Qualifications
Top Skills: Custom Code Gating and Automation: Automatically scan code for vulnerabilities before it's deployed, stopping risky code instantly and giving developers immediate, helpful feedback.
AI Vulnerability Remediation and Visibility: Use new AI tools to quickly find and fix security issues, drastically reducing the manual effort from our development teams across CXT.
Complete Software Inventory (SBOM): Create an automated, comprehensive list of all software components we use to quickly identify and manage risk from new vulnerabilities or license issues.
Secure Development Assurance: Focuses on maturing foundational initiatives like the AppSec portal, security champions program, and targeted developer training to cultivate a proactive security culture and streamline critical processes.
Measurable Security Performance: Define clear metrics to track how well our security controls are working and establish a standardized framework for security testing to ensure consistent compliance and high quality.
Summary
Position Title: Security Developer
Position Type: Contract (Possibility of extension)
Hours: 36.25 hours/week
Location: Hybrid, Calgay
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more
