Senior IT Security Advisor (Application Security)

goeasy

$141K — $154K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related field; postgraduate education is a plus.
  • 8+ years in Information Security with 5+ in Application Security and related fields.
  • Expertise in secure software development practices, DevSecOps, and CI/CD pipelines.
  • Hands-on experience with application security testing tools and techniques.
  • In-depth knowledge of cloud, infrastructure, network, and web application security.
  • Experience in leading cross-functional security initiatives within regulated environments.
  • Professional certifications such as CISSP are required; others like CRISC or CSSLP are beneficial.

Responsibilities

  • Lead security assessments for applications and infrastructure using established standards.
  • Conduct security architecture and design reviews for alignment with security best practices.
  • Perform threat modeling and vulnerability analysis to assess risks and propose mitigations.
  • Collaborate with various teams to integrate security throughout project lifecycles.
  • Present security assessments and remediation strategies to stakeholders.
  • Promote Security by Design principles during project delivery.
  • Champion the adoption of Secure Software Development Lifecycle practices.

Benefits

  • Flexible Work Program allowing three onsite days per week.
  • RRSP matching and Employee Share Purchase Plan programs.
  • Company-paid volunteer days and access to 24/7 virtual doctor appointments.
  • Personalized benefits through a flexible modular package.
  • Exclusive access to on-site gym facilities and various employee development programs.
Full Job Description
The Senior IT Security Advisor, Application Security plays a critical role in protecting and enabling goeasy's technology landscape. As a senior security expert, you'll lead security assessments, influence architecture decisions, and partner with teams across the organization to embed security into every stage of the development and delivery lifecycle.

You'll serve as a trusted advisor to business and technology stakeholders, helping identify and manage security risks across applications, cloud platforms, infrastructure, networks, and strategic technology initiatives. Combining strong technical expertise with a pragmatic, risk-based approach, you'll drive security best practices, mature application security capabilities, and help ensure goeasy continues to deliver innovative solutions securely and confidently.

What will you be doing?
  • Lead security risk assessments for applications, infrastructure, cloud, network, and enterprise technology initiatives using ISO 27001, NIST, PCI DSS, SOC 2, and internal security standards to identify, assess, document, and communicate security risks and remediation strategies.
  • Conduct security architecture and design reviews to ensure solutions align with organizational security standards, regulatory requirements, and industry best practices.
  • Perform threat modelling, vulnerability analysis, and impact assessments to identify risks and recommend appropriate mitigation strategies.
  • Partner with engineering, infrastructure, architecture, and business teams to provide security guidance throughout project lifecycles.
  • Present security findings, risk recommendations, and remediation plans to technical and non-technical stakeholders.
  • Promote Security by Design principles throughout project delivery lifecycles and enterprise technology initiatives.
  • Champion Secure Software Development Lifecycle (SSDLC) practices, including secure coding standards, shift-left security, automated testing, and CI/CD integration.
  • Manage and mature application security programs, including SAST, SCA, DAST, penetration testing, vulnerability management, and API security.
  • Manage third-party application security testing activities, validate findings, and drive remediation efforts based on risk.
  • Identify security gaps across the technology landscape and recommend scalable, practical solutions to strengthen goeasy's security posture.
  • Act as a trusted advisor on information security, privacy, compliance, and risk management matters.
  • Evaluate existing security technologies and processes, recommending improvements that enhance efficiency, effectiveness, and security maturity.
  • Support and maintain security controls and compliance initiatives, including PCI DSS, SOC 2, Bill 198, and other regulatory requirements.

What experience do you have?
  • Bachelor's degree in Computer Science, Information Technology, Cyber Security, or a related field; postgraduate education is considered an asset.
  • 8+ years of Information Security experience, including 5+ years specializing in Application Security, Security Architecture, Security Risk Assessments, and Threat Modeling within complex enterprise environments.
  • Strong knowledge of secure software development practices (SSDLC), DevSecOps, CI/CD pipelines, secure coding principles, and modern application security frameworks.
  • Hands-on experience with application security testing and vulnerability management, including SAST, SCA, DAST, penetration testing, and API security.
  • Deep understanding of cloud, infrastructure, network, and web application security, including OWASP Top 10 vulnerabilities and remediation methodologies.
  • Experience leading cross-functional security initiatives, influencing technical and business stakeholders, and working within regulated environments such as PCI DSS, SOC 2, SOX, and/or Bill 198.
  • Experience with Azure and/or AWS cloud platforms is required; previous Information Security Architect experience, programming/scripting experience (e.g., Java, Python, JavaScript, Go, Apex, or R), and Linux/Unix administration are considered strong assets.
  • Professional certifications including CISSP (required). Additional certifications such as CRISC, CSSLP, CCSP, CISM, OSCP, or GPEN are considered assets.

We offer a Flexible Work Program that provides you the ability to work three days onsite per week, from our Mississauga office.

Internal Applicants: please apply through the link and provide written endorsement from your current manager.

$141,570.00 - $154,000.00 CAD (includes base salary and bonus)

We're committed to attracting and rewarding top talent. Our compensation ranges are thoughtfully designed to reflect market competitiveness, internal equity, and the experience and impact each candidate brings to the role.

At goeasy, we believe transparency fosters trust - and that rewarding performance with fair, competitive pay and meaningful growth opportunities is key to our success.

Should your total compensation expectations fall above the posted range, we still encourage you to apply. If selected for an interview, you'll have the opportunity to discuss this with our recruitment team, as there may be flexibility based on your background and overall fit. Total compensation includes base salary and bonus.

This posting is for an existing vacancy within our team.

Financial Benefits:
  • RRSP matching and Employee Share Purchase Plan programs.
  • Annual bonus that rewards your hard work and dedication.
  • Employee discounts on furniture, electronics, and appliances.
  • MAT & PAT leave top-up.
  • Expand your financial knowledge through engaging Financial Literacy Learning opportunities.

Health and Lifestyle:
  • Enjoy company-paid volunteer days to give back to the community.
  • Access 24/7 healthcare with Virtual Doctor Appointments.
  • Personalize your benefits with a flexible modular benefits package.
  • Stay fit and energized with exclusive access to our on-site private gym at our head office.

Employee Perks:
  • Fuel your growth with the Tuition Assistance Program.
  • Double the impact of your generosity with Company Matched Charitable Donations.
  • Internal development training programs and platforms including job-specific training, career coaching, leadership excellence, mentorship, and many others.
  • Enjoy a state-of-the-art office space with perks like a games room, a healthy snack program, a fitness studio, free gated parking, and more!

Personal loans

Lease to own

Similar Jobs

More Jobs at goeasy

More Information Technology Jobs

Find similar Senior IT Security Advisor (Application Security) jobs: