×
Register Here to Apply for Jobs or Post Jobs. X

Senior Application Security Analyst Details

Job in Mississauga, Ontario, C4W, Canada
Listing for: Purolator
Full Time position
Listed on 2026-07-13
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant
Job Description & How to Apply Below
Position: Senior Application Security Analyst Job Details | Purolator
It’s not a package. It’s a promise®.
As Canada’s leading integrated freight, package, and logistics provider, we’ve been helping promises get where they need to be for more than 60 years. How does the magic happen?  The journey starts with you . The places we go, the elements we brave, the promises we deliver -  it’s all possible because of our people.  So, whether you’re looking to build new skills, make an impact in your community, or inspire your team,  we go there  for you.

Description
Purolator is one of Canada’s leading integrated freight, package, and logistics solutions providers, delivering dependable service to customers across the country. Security is a core enabler of Purolator’s digital and operational strategy. The Information Security Office partners closely with technology and business teams to protect Purolator’s systems, data, and customers while enabling innovation and secure delivery at scale.

The Senior Application Security Analyst is responsible for embedding security into the software development lifecycle (SDLC) by partnering closely with application and engineering teams. This role focuses on identifying, assessing, and reducing application and API security risk through threat modeling, secure design reviews, vulnerability management, and the operationalization of application security controls.

The successful candidate will act as a subject matter expert for application security, providing hands‑on guidance to development teams while helping mature secure development practices across the enterprise.
Responsibilities
Application & API Security

Perform application and API security assessments, including design reviews, threat modeling, and architecture reviews, in alignment with enterprise application security standards
Identify security risks across custom‑built, SaaS, and third‑party applications and work with application owners to define practical remediation plans
Review authentication, authorization, data handling, and integration patterns to ensure secure‑by-design implementations

Secure SDLC & Dev Sec Ops

Embed security requirements and controls early in the SDLC (“shift left”) by working directly with development and delivery teams
Support the integration and tuning of Static Application Security Testing (SAST), Software Composition Analysis (SCA), secret scanning, Dynamic Application Security Testing (DAST) and other application security tooling within CI/CD pipelines
Provide secure coding guidance and recommendations based on OWASP Top 10 and industry best practices
Develop and maintain clear, reusable documentation and standardized frameworks to enable consistent adoption of application security practices across teams

Vulnerability & Risk Management

Triage and assess application security findings from automated tools, penetration tests, and manual reviews
Partner with application teams to prioritize remediation based on risk, exploitability, and business impact

Advisory & Stakeholder Engagement

Act as a trusted security advisor to application owners, architects, and developers
Contribute to the development and maintenance of application security standards, patterns, and guidance documentation
Support third‑party assessments and security reviews for externally developed or hosted applications

Continuous Improvement

Identify opportunities to improve application security processes, tooling, and governance
Stay current with emerging application security threats, vulnerabilities, and defensive techniques

Required Qualifications
Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience
5+ years of progressive experience in application security, secure software development, or product security
Strong understanding of web and API technologies (HTTP/S, REST, JSON, OAuth, OpenID Connect, SAML)
Hands‑on experience with application security testing tools (SAST, SCA, DAST, secret scanning)
Solid knowledge of OWASP Top 10, threat modeling methodologies, and secure coding principles
Strong analytical, problem‑solving, and communication skills, with the ability to explain security risks to both technical and non‑technical audiences
Exceptional…
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary