New Value Solutions, a national IT consulting company, is seeking an Application Security Analyst to join a Cybersecurity and Risk Management (CSRM) team. This role supports enterprise-wide application security initiatives, helping protect systems, services, and data. The successful candidate will play a key role in identifying, assessing, and mitigating application security risks across web, mobile, and cloud environments while collaborating with development and infrastructure teams. This role will be 100% onsite in Regina, Saskatchewan.
Responsibilities:
- Perform application security testing using both automated and manual techniques
- Conduct vulnerability assessments and penetration testing for web and mobile applications
- Test web services, APIs, and application integrations for security risks
- Perform code reviews and identify security vulnerabilities in development outputs
- Analyze false positives/negatives and provide actionable recommendations to development teams
- Support implementation and management of Web Application Firewall (WAF) protections
- Participate in risk identification, analysis, and mitigation across application and infrastructure environments
- Collaborate with internal teams to embed security practices into development processes (e.g., SDLC / DevSecOps)
- Contribute to strengthening overall application security posture across government systems
Requirements:
- Strong experience in application and information security, including identifying and mitigating risks
- Hands-on experience with web protocols (HTTP, HTTPS, SOAP)
- Experience with web technologies (HTML, JavaScript, XML, AJAX, JSON, REST)
- Familiarity with OWASP, application security testing standards, and security testing tools
- Experience with vulnerability scanning, analysis, and risk management programs
- Experience in static and dynamic application security testing (manual and automated)
- Understanding of Secure SDLC and DevSecOps practices
- Experience with cloud security and application architecture
- Knowledge of network infrastructure, routing, DNS, and web filtering
- Experience with secure coding practices
- Familiarity with ISO 27002 (or equivalent security standards)
- Experience working with government or similar environments is considered a strong asset
- CISSP (Certified Information Systems Security Professional) OR Certified Ethical Hacker (CEH) is required
If you have this expertise, and are able to work in Canada, please submit your resume. While we thank all candidates in advance for their application, only those candidates who are shortlisted will be contacted.
ID#5325
The hourly rate range for this position is $95 - $110, with the final rate based on consultant experience and fit for the role.
