Application Security Engineer

Application Security Engineer

Toronto, Ontario, Canada  - Permanent

Job Description

Our client is on a mission to build human-like intelligence in machines.

Since 2014, they've been paving the way for a world filled with more powerful and helpful AI systems. They bring together reinforcement learning, machine learning, and remote human guidance to create intelligent robots that solve real-world problems alongside humans in complex, changing environments like today's supply chain

About this role:

Cybersecurity is not optional for the platform business. A single security incident can result in a complete loss of credibility and customers. As they grow, they need to make sure that security principles and practices are deeply embedded in their engineering culture and that they create necessary feedback loops that keep them continuously improving.

They are creating a centralized team of AppSec Engineers with different skills sets and levels of experience, providing services to different streams. AppSec Engineers will be in all the development centres and will collaborate as a team.

As a AppSec Engineer, you would offer expertise and guidance to software engineering teams and help them integrate security practices in their SDLC.

What you’ll do:

* Working with teams to provide them with help and guidance on addressing cybersecurity threats

* Conducting threat modelling sessions and training teams on how to run them

* Participating in security issue management processes

* Assisting engineering teams with organizing penetration testing by dedicated pentest partners

* Educating and supporting teams perform their security code reviews

* Oversee in-stream use of vulnerability detection and reporting tools

* Auditing, providing teams with feedback and guidance about their security activities (threat modelling, code reviews, SDLC practices)

* Keep updated the SDLC security guidelines

* Research security best practices in other organizations

* Keeping abreast of new vulnerabilities and attack vectors, and associated countermeasures

* Contributing to the centralized AppSec tooling

* Integrations with the security issue management system

* Security monitoring and alerting

* Security reporting

* Static and dynamic analysis

Must Have Skills:

* More than 2 years experience as an Application Security Engineer, or in a similar role (i.e. penetration tester or software developer focused on security)
* Capable of working in a proactive way in an autonomous environment while being part of an Application Security team
* Demonstrable programming ability with an in-depth understanding of underpinning techniques
* Experience in the full Software Development life-cycle from design to deployment
* Ability to work in a geographically dispersed team
* Strong communication skills and ability to influence engineering behaviours
* Interest in continuous learning

Nice to Have Skills:

* Knowledge of backend and frontend web application vulnerabilities
* Knowledge of cloud environments
* Knowledge of Agile methodologies
* Proven ability to tackle challenging projects


Starting: ASAP

Similar jobs in Toronto: