Senior Application Security Engineer (Offensive Security)

Robert Half View all jobs

  • Toronto, ON
  • Permanent
  • Full-time
  • 1 month ago
This is a hybrid opportunity (2–3 days per week onsite) based in Downtown Toronto.Are you ready to help shape and grow an innovative Offensive Security team?We are seeking an experienced cybersecurity professional who specializes in offensive security, application testing, and threat management within modern technology stacks—including low code/no code platforms and AI/ML pipelines.In this strategic role, you will lead efforts to identify vulnerabilities, simulate adversarial threats, and enhance the organization's security posture across its cloud, application, and AI/ML environments. Candidates with proven success building offensive security teams, driving penetration testing and incident response programs, and securing AI/ML workflows are encouraged to apply.Key Responsibilities:
  • Lead and execute penetration tests on low code/no code platforms, uncovering misconfigurations and privilege escalation issues.
  • Conduct targeted assessments of AI/ML pipelines, models, and data flows to identify security gaps.
  • Evaluate CI/CD integrations and MLOps environments with a focus on risk mitigation.
  • Analyze web and mobile applications for vulnerabilities, including insecure APIs and injection threats.
  • Perform threat modeling and code analysis to support vulnerability remediation.
  • Monitor and respond to security incidents using SIEM technologies such as Splunk and Azure Sentinel.
  • Develop use cases that anticipate emerging threats, especially those related to AI/ML attack vectors.
  • Utilize industry-standard tools—Burp Suite, OWASP ZAP, Checkmarx, Veracode, Snyk—for comprehensive vulnerability assessments.
  • Conduct offensive API testing and simulate real-world adversarial scenarios.
Qualifications:
  • 10+ years of hands-on experience in offensive cybersecurity, covering penetration testing, red teaming, and adversary simulation.
  • Expertise in cloud security (AWS, Azure) and familiarity with modern security frameworks such as NIST, ISO 27001, and MITRE ATT& CK.
  • Solid foundation in application security, incident response, and threat management.
  • Preferred experience with low code/no code platforms and AI/ML pipeline security testing.
  • Relevant offensive security certifications (e.g., OSCP, OSCE, OSEP, GPEN, GWAPT) are highly regarded.
  • Take the next step in your cybersecurity career—apply now and help drive the future of offensive security.
Robert Half is the world’s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app and get 1-tap apply, notifications of AI-matched jobs, and much more.This job posting is for a current vacancy with our client.Our specialized recruiting professionals apply their expertise and utilize our proprietary AI to find you great job matches faster.Questions? Call your local office at 1.888.490.4429. All applicants applying for Canadian job openings must be authorized to work in Canada.Only job postings for jobs located in Quebec appear in French.© 2025 Robert Half. By clicking “Apply,” you’re agreeing to Robert Half’s Terms of Use and Privacy Notice.

Jobboom