Application Security SME
About the role
Job Title: Application Security SME Location: Toronto, ON Work Arrangement: Onsite (Hybrid) Employment Type: Contract Duration: 12 Months Domain: BFSI Pay Rate: CAD 70-75/hour Incorporated Application Deadline: Jun 30th, 2026
SKILLS REQUIRED Mandatory Skills:
Application Security Strategy & Advisory Secure SDLC / DevSecOps Enablement Architecture Reviews & Threat Modeling
Security Testing & Vulnerability Management
- Lead or support application security assessments, including: o Static Application Security Testing (SAST) o Dynamic Application Security Testing (DAST) o Software Composition Analysis (SCA) o API Security Testing o Manual security reviews and penetration testing coordination
- Analyze, triage, and prioritize vulnerabilities based on risk and business impact
- Work closely with development teams to track remediation and validate closure of security issues
- Support secure management of open-source components and third-party libraries Cloud & Modern Application Security
- Provide security guidance for modern application environments, including: o Microservices and APIs o Containers and Kubernetes o Cloud-native applications o Serverless and event-driven architectures
- Collaborate with cloud and platform engineering teams to secure application workloads in Azure, AWS, or GCP
Required Qualifications
- Bachelor’s degree in Computer Science, Information Security, Engineering, or related field
- 8+ years of experience in application security, secure software engineering, cybersecurity architecture, or related roles
- Proven experience implementing and managing application security programs in enterprise environments
- Strong understanding of: o Secure SDLC / SSDLC o DevSecOps principles o OWASP Top 10 o API Security Top 10 o Common software and web application vulnerabilities
- Hands-on experience with application security testing tools such as: o SAST: Checkmarx, Fortify, Veracode, SonarQube o DAST: Burp Suite, AppScan, Acunetix o SCA: Snyk, Black Duck, Mend/WhiteSource
- Experience in threat modeling methodologies (e.g., STRIDE)
- Strong knowledge of authentication, authorization, encryption, secrets management, and secure design principles
- Experience working with cloud platforms such as Azure, AWS, or GCP
- Strong verbal and written communication skills with ability to work across technical and non-technical stakeholders
Preferred Qualifications
- Experience in highly regulated industries such as Banking, Financial Services, Insurance (BFSI), healthcare, or public sector
- Familiarity with security requirements related to standards/frameworks such as: o NIST o ISO 27001 o PCI-DSS o SOC 2 o OSFI guidance (for Canada-based roles)
- Experience with CI/CD platforms such as Azure DevOps, Jenkins, GitHub Actions, or GitLab
- Exposure to container security, Kubernetes security, and cloud workload protection
- Familiarity with red team / blue team collaboration for application-layer attack simulation and response readiness
Preferred Certifications
- CISSP
- CSSLP
- CISM
- CEH / GWAPT / OSCP (nice to have)
- Cloud Security certifications (Azure / AWS / GCP)
Key Skills & Competencies
- Deep expertise in application security architecture and secure development practices
- Strong analytical and problem-solving capabilities
- Ability to influence and partner with engineering teams in a collaborative manner
- Excellent stakeholder management and communication skills
- Strong understanding of balancing security, agility, and business priorities
- Ability to work independently and lead strategic application security initiatives
EEOC Compliance: We are an equal opportunity employer, and all qualified applicants will receive consideration for employment.
DISCLAIMER AI Usage Policy: Pacer Group uses AI to assist in screening applications. Final hiring decisions are made by human recruiters based on qualifications and experience.
Not the right fit? Search for Application Security SME jobs in Toronto, Ontario, Canada
About Pacer Group
Founded in 2008, PACER is a Minority Woman-owned Global Staffing firm serving Fortune 500 Clients with customized and scalable workforce solutions. With our Account Management integrated into our service delivery processes, we provide our clients with staffing solutions that are transparent and robust irrespective of the industry they function in.
Services:
- Staffing
- Employer of Record (EOR)
- Agency of Record (AOR)
- Recruitment Process Outsourcing (RPO)
- Sunset Supplier Solutions
Today we employ over 8500 industry professionals supported by over National and 12000+ Globally locations across the US, Canada, and India. Our Fortune 500 and Global 2000 clients leverage this expansive reach by engaging PACER as a preferred go-to supplier across multiple regions and countries to receive consistent deliverables, terms, rates, and cost savings. We have a workforce in 50 states and one of the biggest IT Consultants bench in the US.
Key Facts: Largest Diverse Company in the Philadelphia and Pennsylvania Top 5 Fastest Growing Staffing Firms in the USA-SIA 2024 Largest Staffing Firms List - SIA 2018-2024 Largest IT Staffing Firms List - SIA 2018-2024
We are firmly rooted in technology and deliver tailored Workforce Solutions to solve our client challenges while focusing on the right people, processes, and technologies. With a team of over 500 Recruiters, Lead recruiters and Account Managers, we deliver best-in-class staffing experience.
As a minority women owned company. Diversity is part of our core values. Pacer has extensive experience in placing a diverse workforce.
- About 55 % of our total technical workforce is diverse
- 33% of total technical workforce are women.
- 60% of our internal workforce are women.
Veteran Hiring: Pacer has hired 631 Veterans in 2024 till date are we company of choice for Veterans and Veteran spouses. We were awarded by Military jobs.com as top employer of Veterans and military wives.
Similar Jobs
Application Security SME
About the role
Job Title: Application Security SME Location: Toronto, ON Work Arrangement: Onsite (Hybrid) Employment Type: Contract Duration: 12 Months Domain: BFSI Pay Rate: CAD 70-75/hour Incorporated Application Deadline: Jun 30th, 2026
SKILLS REQUIRED Mandatory Skills:
Application Security Strategy & Advisory Secure SDLC / DevSecOps Enablement Architecture Reviews & Threat Modeling
Security Testing & Vulnerability Management
- Lead or support application security assessments, including: o Static Application Security Testing (SAST) o Dynamic Application Security Testing (DAST) o Software Composition Analysis (SCA) o API Security Testing o Manual security reviews and penetration testing coordination
- Analyze, triage, and prioritize vulnerabilities based on risk and business impact
- Work closely with development teams to track remediation and validate closure of security issues
- Support secure management of open-source components and third-party libraries Cloud & Modern Application Security
- Provide security guidance for modern application environments, including: o Microservices and APIs o Containers and Kubernetes o Cloud-native applications o Serverless and event-driven architectures
- Collaborate with cloud and platform engineering teams to secure application workloads in Azure, AWS, or GCP
Required Qualifications
- Bachelor’s degree in Computer Science, Information Security, Engineering, or related field
- 8+ years of experience in application security, secure software engineering, cybersecurity architecture, or related roles
- Proven experience implementing and managing application security programs in enterprise environments
- Strong understanding of: o Secure SDLC / SSDLC o DevSecOps principles o OWASP Top 10 o API Security Top 10 o Common software and web application vulnerabilities
- Hands-on experience with application security testing tools such as: o SAST: Checkmarx, Fortify, Veracode, SonarQube o DAST: Burp Suite, AppScan, Acunetix o SCA: Snyk, Black Duck, Mend/WhiteSource
- Experience in threat modeling methodologies (e.g., STRIDE)
- Strong knowledge of authentication, authorization, encryption, secrets management, and secure design principles
- Experience working with cloud platforms such as Azure, AWS, or GCP
- Strong verbal and written communication skills with ability to work across technical and non-technical stakeholders
Preferred Qualifications
- Experience in highly regulated industries such as Banking, Financial Services, Insurance (BFSI), healthcare, or public sector
- Familiarity with security requirements related to standards/frameworks such as: o NIST o ISO 27001 o PCI-DSS o SOC 2 o OSFI guidance (for Canada-based roles)
- Experience with CI/CD platforms such as Azure DevOps, Jenkins, GitHub Actions, or GitLab
- Exposure to container security, Kubernetes security, and cloud workload protection
- Familiarity with red team / blue team collaboration for application-layer attack simulation and response readiness
Preferred Certifications
- CISSP
- CSSLP
- CISM
- CEH / GWAPT / OSCP (nice to have)
- Cloud Security certifications (Azure / AWS / GCP)
Key Skills & Competencies
- Deep expertise in application security architecture and secure development practices
- Strong analytical and problem-solving capabilities
- Ability to influence and partner with engineering teams in a collaborative manner
- Excellent stakeholder management and communication skills
- Strong understanding of balancing security, agility, and business priorities
- Ability to work independently and lead strategic application security initiatives
EEOC Compliance: We are an equal opportunity employer, and all qualified applicants will receive consideration for employment.
DISCLAIMER AI Usage Policy: Pacer Group uses AI to assist in screening applications. Final hiring decisions are made by human recruiters based on qualifications and experience.
Not the right fit? Search for Application Security SME jobs in Toronto, Ontario, Canada
About Pacer Group
Founded in 2008, PACER is a Minority Woman-owned Global Staffing firm serving Fortune 500 Clients with customized and scalable workforce solutions. With our Account Management integrated into our service delivery processes, we provide our clients with staffing solutions that are transparent and robust irrespective of the industry they function in.
Services:
- Staffing
- Employer of Record (EOR)
- Agency of Record (AOR)
- Recruitment Process Outsourcing (RPO)
- Sunset Supplier Solutions
Today we employ over 8500 industry professionals supported by over National and 12000+ Globally locations across the US, Canada, and India. Our Fortune 500 and Global 2000 clients leverage this expansive reach by engaging PACER as a preferred go-to supplier across multiple regions and countries to receive consistent deliverables, terms, rates, and cost savings. We have a workforce in 50 states and one of the biggest IT Consultants bench in the US.
Key Facts: Largest Diverse Company in the Philadelphia and Pennsylvania Top 5 Fastest Growing Staffing Firms in the USA-SIA 2024 Largest Staffing Firms List - SIA 2018-2024 Largest IT Staffing Firms List - SIA 2018-2024
We are firmly rooted in technology and deliver tailored Workforce Solutions to solve our client challenges while focusing on the right people, processes, and technologies. With a team of over 500 Recruiters, Lead recruiters and Account Managers, we deliver best-in-class staffing experience.
As a minority women owned company. Diversity is part of our core values. Pacer has extensive experience in placing a diverse workforce.
- About 55 % of our total technical workforce is diverse
- 33% of total technical workforce are women.
- 60% of our internal workforce are women.
Veteran Hiring: Pacer has hired 631 Veterans in 2024 till date are we company of choice for Veterans and Veteran spouses. We were awarded by Military jobs.com as top employer of Veterans and military wives.