Previous Job
Application and Cloud Security Analyst
Ref No.: 18-03383
Location: Brampton, Ontario
Job Title: Application & Cloud Security
Client: Loblaw's
Duration: Fulltime

Reporting to the Sr. Manager, Security Technology, Digital & Cloud, this role will be responsible for working with various teams in Loblaw to drive the Application Security and Cloud Programs as well as perform security advisory on projects which impact the Application or Cloud security posture of the organization.

Key Responsibilities

- Working with key stakeholders to provide advisory on application security best practices and recommendations.
- Co-ordinating and validating application security assessments and penetration tests performed by third parties.
- Providing guidance to development teams regarding security requirements and the impact of application related risks to the security of the application and organization.
- Driving the Secure Systems Development Life Cycle framework program and being the liaison between the Information Security Team and testing teams.
- Designing and implementing security strategies and processes.
- Provide valuable contributions to Cloud security implementation projects.
- Advise IT teams and the business of cloud implementation security best practices and strategies.
- Liaise with product vendors and consulting firms participating on related projects.

- Firm grasp of Software Development concepts and methodologies.
- Knowledge of programing language structure and operation.
- Understanding of the Software Development Life Cycle.
- Firm understanding of application security assessment tools such as Attack Proxies, Vulnerability Scanners as well as penetration testing methodology.
- Intermediate level knowledge of Firewalls and similar network-based security tools.
- Understanding of the operation of TCP/IP networking, concepts and protocols.
- Knowledge of Cloud computing concepts and deployment models.
- Understanding of current vulnerabilities and concerns surrounding application and cloud security.
- Excellent communication skills.
- Post-Secondary Degree/Diploma in a related discipline.
- CISSP or related certification is an asset.
- Determination to learn and grow paired with a passion for security field is a definite asset.