IT Auditor, Application Security
Global Relayabout 3 hours ago
Vancouver, CanadaMid Level / Senior
H1B Sponsor
Responsibilities
- Assess application security and engineering programs, policies, and software development governance practices.
- Evaluate the secure software development lifecycle (SDLC) and DevSecOps practices.
- Review application security testing activities and outputs.
- Assess vulnerability management and penetration testing processes.
- Identify recurring security findings and systemic risks.
- Participate in risk-based audit planning activities.
- Document audit observations and develop risk-based recommendations.
- Prepare and communicate audit findings to stakeholders.
- Support audit issue tracking and remediation activities.
- Stay informed of emerging threats and industry trends.
Requirements
- 3-5 years of experience in IT Audit, Application Security, Cybersecurity, or related fields.
- Relevant certifications such as CSSLP, CISSP, CISA, or CRISC are considered an asset.
- Experience evaluating application security controls within SDLC and DevSecOps environments.
- Familiarity with application security testing methodologies and tools.
- Understanding of common application security risks and frameworks like OWASP Top 10.
- Strong analytical and critical thinking skills.
- Effective communication skills for both technical and non-technical audiences.
- Ability to manage multiple priorities and maintain organization.
Benefits
- Comprehensive extended health benefits program, including virtual healthcare.
- Annual vacation days that increase with tenure.
- Paid sick days and maternity/parental enhancement program.
- Bonus and RRSP contribution matching program.
- Subsidized meal program for Vancouver-based employees.