Apply

2-year Application Security Analyst contract supporting enterprise security initiatives.

• 100% onsite role in Regina, Saskatchewan.
• Long-term contract opportunity within a large, structured public sector environment.
• Hands-on application security role across enterprise systems.
• Focus on application security testing, risk mitigation, and secure development practices.

What & Why:
Our client, a large provincial government organization, is seeking experienced Application Security Analysts to support a centralized cybersecurity and risk management function. This role focuses on strengthening the security of critical applications by identifying and mitigating vulnerabilities across web, mobile, and API environments. You will work within a mature program that combines hands-on testing (manual and automated), vulnerability assessments, penetration testing, and secure development advisory. Success in this role requires the ability to operate within structured processes, collaborate effectively, and communicate technical risks in a clear business context.

Who:
Our client is a provincial public sector organization delivering secure digital services across the province. This role sits within a centralized Cybersecurity and Risk Management function responsible for information security governance, incident response, threat and risk assessments, procurement security oversight, and ongoing vulnerability management. You will collaborate across teams to support a broad portfolio of applications while contributing to both day-to-day security operations and longer-term cybersecurity maturity initiatives.

You:
You bring deep technical expertise combined with the ability to translate security risks into clear, business-aligned recommendations. Critical experience requirements include:

• Strong hands-on experience in application security testing using both manual and automated techniques.
• Proven experience conducting vulnerability assessments and penetration testing across web, mobile, and API environments.
• Experience performing code reviews and supporting remediation efforts with development teams.
• Strong understanding of secure development practices, secure SDLC, and DevSecOps integration.
• Experience working in large, structured enterprise or public sector environments.
• Ability to analyze false positives / false negatives and refine security findings.
• Experience supporting WAF implementation and web application protection strategies.
• Strong communication skills with the ability to clearly articulate technical risks and business impact.
• CISSP or Certified Ethical Hacker (CEH) certification.

Nice to have

• Experience working within provincial or federal government environments.
• Strong knowledge of OWASP, application security standards, and security testing tools.
• Experience with ISO 27002 or similar security frameworks.
• Experience with cloud security and DevSecOps pipeline integration.
• Understanding of infrastructure and networking fundamentals (DNS, routing, etc.)
• Degree in Computer Science or a related field.
   

Compensation: this role pays between $100-110 per hour.

Next Steps:
If the sound of this opportunity excites you, and you’re confident that it’s a good fit for your experience and career goals, then we’d love to hear from you! Please send your updated resume to us by applying to this posting and one of our awesome team of recruiters will be in touch.