Position: Application Security Analyst – Consultant
Duration: 6-month contract (Possibility for extension)
Client Location: Toronto, Ontario (Services primarily delivered remotely; onsite attendance at 1 York Street, Toronto, ON may be required approximately 1–2 times per quarter or as mutually agreed.)
Engagement Model: Professional Services Engagement – B2B (Incorporated Entities Only)
Note: Only looking for 1-2 years of experience in Power Platform Consultant, looking for Power Platform Consultants, M365 Solution Specialists.
About the Engagement
Akkodis is seeking the services of an Application Security Analyst consultant to support a leading Canadian enterprise's Application Security and DevSecOps initiatives. This engagement is ideal for a hands-on security professional with 2–5 years of experience who enjoys working directly with application security tools, vulnerability management, secure development practices, and technical delivery teams. The successful consultant will contribute to improving application security capabilities by supporting security testing, vulnerability management, DevSecOps automation, and secure software development initiatives across enterprise environments.
Services to be Provided
- Support the administration and operation of application security platforms including SAST, DAST, SCA, and Mobile Application Security Testing (MAST) tools.
- Review vulnerability assessment results and provide remediation guidance to development and delivery teams.
- Assist with security tool tuning, upgrades, and optimization based on penetration testing findings.
- Support vulnerability management activities, reporting, and continuous improvement initiatives.
- Create and maintain security metrics, dashboards, KPIs, and KRIs.
- Educate development teams on OWASP Top 10 vulnerabilities for Web, Mobile, and API applications.
- Automate repetitive security tasks to improve operational efficiency.
- Support secure software delivery within DevSecOps and CI/CD environments.
- Provide operational support for web and mobile applications, including issue analysis, resolution, escalation, and documentation.
- Develop and maintain technical documentation and process artifacts.
Expertise Required
- 2–5 years of experience in Application Security, Cybersecurity, or a related Information Security role.
- Experience supporting application security programs and vulnerability management initiatives.
- Hands-on experience with one or more application security platforms including SAST, DAST, SCA, or MAST.
- Knowledge of DevSecOps principles and Agile software delivery practices.
- Understanding of secure software development lifecycle (SSDLC).
- Knowledge of OWASP Top 10 (Web, Mobile, APIs) and common application security vulnerabilities.
- Experience reviewing vulnerability findings and collaborating with development teams on remediation activities.
- Programming or software development experience using Java, C++, .NET, or similar technologies.
- Experience with scripting or automation to improve security processes.
- Strong analytical, troubleshooting, documentation, and communication skills.
- Ability to communicate effectively with both technical and non-technical stakeholders.
Education
- University degree or College diploma in Computer Science, Information Technology, Engineering, Cybersecurity, or a related discipline, or an equivalent combination of education and experience.
- Cybersecurity certifications such as CEH, CISSP, CSSLP, GWAPT, GWEB, CASE, or equivalent are considered an asset.
Nice to Have
- Experience interpreting penetration testing reports and remediation recommendations.
- Experience securing APIs, microservices, containers, and cloud environments (AWS preferred).
- Knowledge of CI/CD pipeline security and DevSecOps implementations.
- Experience with Java, J2EE, web services, or application integration technologies.
- Experience designing or supporting cloud-based security solutions.
- Familiarity with process engineering and continuous improvement initiatives.
- Knowledge of software procurement and vendor security lifecycle processes.
Important
This is a business-to-business engagement. Candidates must represent an incorporated entity, hold a valid business number, maintain appropriate insurance, and invoice for services rendered.
How to Apply
Submit your resume in confidence to Hannah.Blackwell@akkodisgroup.com or via the Akkodis Canada website.
Accessibility
At Akkodis, part of The Adecco Group, our purpose is simple: to make the future work for everyone. We live our values—Passion, Collaboration, Inclusion, Courage, and Customers at Heart—by fostering a workplace where diversity is celebrated and every voice matters. We encourage applications from individuals of all backgrounds and identities. Together, we're making the future work for everyone.