Application Security Expert

Job not on LinkedIn

🕒 2 days ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

TEHORA inc.

WebsiteLinkedInAll Job Openings

11 - 50 employees

TEHORA inc. is a company focused on offering enduring solutions through a strong ethos of observation, analysis, creation, innovation, sustainability, and preservation for future generations. Led by President Emmanuelle Soudé, TEHORA inc. operates with a commitment to long-term growth and partnership. The company's services and growth opportunities are a testament to their dedication to these principles, making them an appealing place for prospective employees. They have their headquarters in Québec, Canada, and encourage spontaneous applications from potential candidates.

📋 Description

• Analyze the application security of web components, APIs, and microservices; • Provide security and mitigation recommendations; • Support developers in implementing secure development best practices; • Participate in application risk analysis and in prioritizing remediation measures; • Recommend appropriate security controls for Azure environments; • Contribute to authentication, authorization, and data protection mechanisms; • Support logging, detection, and incident monitoring/tracking; • Produce advisories, reports, risk registers, or mitigation plans.

🎯 Requirements

• Significant experience in application cybersecurity • Experience with modern web applications, APIs, and microservices • Familiarity with OWASP best practices • Experience in cloud environments • Solid understanding of identity, MFA, OAuth2, OpenID Connect, or equivalents • Ability to explain risks and recommendations in plain language • Application security, API security, and secure development • Identity and access management • Secure code review, SAST/DAST or equivalent approaches • Logging, traceability, and data protection • Risk analysis and mitigation recommendations • Azure B2C / MSAL, Azure Key Vault, Azure WAF • Azure Monitor, Application Insights, Azure API Management • DevSecOps, OWASP ASVS, Quebec's Law 25 • Experience in the public sector or in regulated environments • Relevant security certifications • Contract engagements or resource-pool arrangements, depending on client needs • Primarily remote work; availability to coordinate as needed for interventions

🏖️ Benefits

• Remote work and flexibility to accommodate family responsibilities • An entrepreneurial culture that fosters creativity and innovation • Flexible hours (depending on the type of employment contract) • Sick leave and leave for family events • Appropriate IT equipment • A fulfilling and motivating workspace • Social and environmental initiatives • Workplace learning program • Career development path