Senior Specialist Threat Mgmt (Application Security)

Toronto, ON, CA, M5V 3C6

City of Toronto

The official website for the City of Toronto. Toronto is Canada's largest city, the fourth largest in North America, and home to a diverse population of more than three million people.



  • Job ID: 54186
  • Job Category: Information & Technology
  • Division & Section: Office of the CISO, Cyber Threat Management
  • Work Location: 55 John Street, Toronto (Hybrid Work)
  • Job Type & Duration: Full-time, Permanent 
  • Salary: $122,305.00 - $163,639.00, PSG #TM5101 and wage grade 8.
  • Shift Information: Monday to Friday, 35 hours per week
  • Affiliation: Non-Union
  • Number of Positions Open: 1 
  • Posting Period: 03-MAR-2025 to 17-MAR-2025

As the Senior Specialist, Threat Management (Application Security), you will provide strategic and operational guidance to the Manager of Application Security and the Director of Cyber Threat Management in executing a City-wide cyber program to enhance organizational protection, directly supporting the Chief Information Security Officer’s (CISO) mandate, cyber vision, and strategy.


Key responsibilities include spearheading application security initiatives by strengthening cloud-native security, integrating DevSecOps practices, and implementing robust strategies for container security, threat modeling, and comprehensive cloud security solutions.


Collaboration is essential, working closely with development, security, and operations teams to embed cybersecurity best practices, assess vulnerabilities, and implement risk mitigation strategies for secure software development.


Additionally, this role partners with enterprise IT to design, implement, and configure cybersecurity solutions that address emerging threats and risks while ensuring alignment with business and regulatory requirements.


The Senior Specialist (Application Security) will focus on the following:


  • Design and Configure Cybersecurity Solutions: Work closely with enterprise IT to design and configure security solutions that address application security risks. Provide hands-on support in implementing security controls and ensuring alignment with compliance and business needs.
  • Enhance Container Security: Implement and enforce security measures for containerized applications, including Kubernetes security best practices. Provide technical expertise and hands-on support to teams securing containerized environments.
  • Perform and Guide Security Assessments: Perform comprehensive application security assessments and work with development teams to ensure identified vulnerabilities are addressed and remediated effectively.
  • Research & Technical Leadership: Stay ahead of emerging threats and evolving security technologies, providing research, proof-of-concepts, and technical recommendations for cloud security (e.g. CASB), web application and API protection (WAAP), securing AI systems, and other relevant areas.
  • Lead Threat Modeling Efforts: Conduct comprehensive threat modeling exercises using frameworks like STRIDE or PASTA to identify, analyze, and prioritize risks. Provide guidance to developers and security specialists on integrating threat modeling into the SDLC.
  • Manage and Optimize Security Tools: Utilize and refine SAST, DAST, and SCA tools to analyze code and third-party components for vulnerabilities. Lead the implementation of automated security testing in CI/CD pipelines and assist teams in optimizing security workflows.
  • Collaborate Across Teams: Work closely with development, operations, and IT teams to integrate security best practices into all stages of application development and deployment. Act as a subject matter expert, offering hands-on support and guidance.
  • Strengthen Secure Coding Practices: Provide direct support and training on secure coding practices, helping development teams proactively integrate security into their workflows. Conduct code reviews and offer remediation strategies.


The Senior Specialist develops and implements detailed security plans and recommends cybersecurity policies and procedures aligned with program-specific requirements. They determine cybersecurity needs for business strategies, providing technical solutions, expert guidance, and risk-based recommendations. This includes developing, reviewing, and ensuring approvals of security strategies based on industry-accepted frameworks, and taking a proactive approach to identifying security gaps and opportunities for improvement to mitigate risk.


The Senior Specialist leads the development of security metrics to track the effectiveness of defenses, identify trends, ensure compliance, and monitor key performance indicators. This includes preparing and delivering reports for senior management to demonstrate the efficiency and compliance of security functions. They will also develop, prepare and supervise formal contractual documents, such as Requests for Information/Proposals/Quotations, Statements of Work, Memorandums of Understanding, and Service Level Agreements.


The role provides leadership, direction, and subject matter expertise to project teams, staff, and contract resources, managing daily operations, performance evaluations, and fostering employee engagement. They organize and lead multidisciplinary teams across business and technical functions to execute cybersecurity initiatives, communicating effectively with stakeholders, project managers, clients, and executives, ensuring alignment on cybersecurity decisions, risk management strategies, and project outcomes.


Serving as the internal/external point of contact and subject matter expert on cybersecurity matters, the Senior Specialist represents the organization in meetings with executive leadership and strategic partners, providing strategic advice on cyber risks, identifying vulnerabilities, and ensuring appropriate mitigations are in place. They lead and monitor cyber risk activities performed by various teams, ensuring adherence to the organization's information risk policy, directives, and security controls, resolving cyber risk issues and escalating significant threats to senior management when necessary.


The Senior Specialist conducts research into cybersecurity trends, legislative changes, and best practices, ensuring compliance and participating in the development and enforcement of security policies. They work with senior management to address active cyber threats, managing the analysis of confidential information related to security weaknesses and maintaining up-to-date knowledge of the organization’s cyber landscape. Responsibilities also include providing input into project budgets, preparing contractual documents, maintaining accurate reporting of key risk metrics, developing risk management reports, and preparing recommendations on business process improvements, training needs, staffing levels, and resource allocation.


Finally, they identify and evaluate emerging security technologies to enhance the organization’s cybersecurity posture, and participate in security-focused transformation strategies, integrating new and existing technology systems to improve operations and threat response capabilities. They build and maintain strong relationships with internal and external stakeholders, collaborate with strategic partners to advance cyber programs, and stay up to date on cybersecurity threats, trends, and emerging technologies, ensuring the organization remains resilient against evolving threats.


What you bring to the role

  • Post-secondary degree in Computer Science, Information Technology or related discipline or an equivalent combination of education and related experience.
  • Extensive experience in cloud-native application security and in implementing enterprise security solutions, with a strong understanding of application security threats, attack patterns, and emerging security vulnerabilities.
  • Considerable hands-on experience applying container security knowledge, including container-centric and Kubernetes-native approaches to securing container images and runtimes.
  • Considerable hands-on implementation experience using Application Security tools (SAST, DAST, SCA etc.).
  • Considerable experience implementing cloud security practices and technologies, with a focus on securing cloud-native applications.
  • Experience with threat modeling techniques and methodologies.
  • Strong understanding of DevSecOps practices and the ability to implement security throughout the software development lifecycle.
  • Experience leading a team (internal or external resources) with strong interpersonal skills to work independently and collaboratively with others in a multidisciplinary team setting.
  • Preferred certifications (any of the following): CISA, CISSP, CCSP, CISM, CIA, CEH, SANS GIAC, OSCP, CSSLP, CAS.
  • Ability to work at three levels - Strategy, design, and hands on technical.
  • Proficient in cloud security and industry-leading best practices for robust data protection.
  • Must have excellent knowledge of different areas of IT operations and processes (change management, release management), and be able to define and design security processes to meet business requirements.
  • Excellent written and verbal communication skills, with the ability to communicate effectively at all levels (including leadership, business partners, project stakeholders, divisional teams and vendors), translating technical details into easily understood language.
  • Ability to assess communications gaps and opportunities and to develop new content strategies that deliver on business objectives.
  • Creative, critical, analytical and strategic thinker with the ability to problem-solve and identify solutions to unusual and complex problems.
  • Ability to achieve business objectives through influencing and effectively working with key stakeholders.
  • Ability to prioritize and effectively manage competing priorities, projects and initiatives while adhering to strict deadlines within a fast paced environment.
  • Highly organized, proactive, self-motivated team player who takes initiative and is able to work independently.
  • Self-motivated, with a desire to go above and beyond required tasks and the ability to work extremely well under pressure while maintaining a high level of professionalism.
  • Transferable skills, including communication and decision-making, are equally important. Being able to think on your feet and show good judgment is especially valuable in this field. Professionals in cyber security must be able to react quickly and strategically to cyber-related incidents.


Notes:

  • A normal work week is 35 hours; however, unforeseen situations may require extended hours of work with little or no prior notice. In the case of a cyber incident or breach, rotating shifts or continuous extended hours may be required with little or no prior notice.
  • The successful candidate will be subject to a police check, background check, psychological assessment and/or any other checks on a regular basis as the Office of the CISO handles highly sensitive and confidential information.

Equity, Diversity and Inclusion

The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the City’s commitment to employment equity.

Accommodation

The City of Toronto is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make your needs known when contacted and we will work with you to meet them. Disability-related accommodation during the application process is available upon request. Learn more about the City’s Hiring Policies and Accommodation Process.
