Application Security Engineer

Sprout General Referrals
5h | $92,000 - $126,500 | Remote

About The Position

Sprout Social is looking to hire an Application Security Engineer to the Security team.

Why join Sprout’s Security team? Security sits at the intersection of empowering teams to move quickly and mitigating risks to our overall business. We are enablers who strive to hone our unique craft and minimize friction or red tape. Our security team ensures that we are designing platforms, implementing tools and building products with security in mind. This team owns the security posture of our entire organization, including our development, production environments, and internal concerns. As a part of this team, you are given the space and encouraged to stretch beyond your core function and make a deeper impact on the broader organization. In short, the work you do here matters, and you feel that day in and day out.

What you’ll bring

We’re looking for an engineer with passion for working collaboratively with developers and a desire to ensure that software applications are built with the highest level of security. If you're ready to join a dynamic team of developers and security experts, and help create software that is secure from the ground up, we’d love to talk with you!

Requirements

  • 2+ years of programming, scripting and/or DevOps experience and 3+ years of information security experience
  • Experience performing security testing of an application using Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and Software Composition Analysis (SCA) tooling.
  • Experience in reviewing findings from the above tools to analyze false positives and recommend security fixes.
  • Demonstrated comprehension of the OWASP Top 10 and an ability to communicate with developers and application architects.

Nice To Haves

  • Information security qualification such as CISSP
  • GIAC or related certifications related to application pen testing or secure development
  • Experience with threat modeling and familiarity with using frameworks to guide decision making based on risk tolerance and business objectives
  • Experience in security AI development tooling (Claude Code, Copilot, Cursor, MCP)
  • Experience in securing Agentic AI features within an application/product
  • Experience with technology/tools such as Kubernetes, Docker, Jenkins, Terraform, AWS, GitHub, etc.
  • Experience automating security testing into CI/CD pipelines

Responsibilities

  • Use SAST, DAST, SCA and Secrets Detection tooling to find vulnerabilities as part of security hygiene and integrated into CI/CD pipelines
  • Ensure that we are designing platforms, implementing tools and building products with security in mind.
  • Serve as trusted advisor and collaborator to developers to identify new threats, attack methods, and techniques, to develop and prioritize mitigation plans (threat modeling & governance)
  • Influence stakeholders to correct security deficiencies in solution design as well as developed code
  • Collaborate with partners in infrastructure and engineering to measurably harden, monitor, and ensure resilience for our cloud-hosted platforms and software development lifecycle.
  • Participate in cross-organizational security projects and work to continuously improve our security posture
  • Integrate with a maturing vulnerability management program to ensure tracking and remediation of security issues.

Benefits

  • 100% Employer-Paid Health Benefits: We cover 100% of the premiums for you and your eligible dependents, including comprehensive medical, dental (basic & major), vision, life insurance, and disability.
  • Generous Paid Time Off: 25 days of vacation annually, plus 5 paid sick days, all public holidays, and additional company-wide Rest & Recharge days.
  • Premium Mental Health Support: Full, free access to Modern Health for you and your dependents, including coaching, therapy sessions, and digital wellness resources.
  • Annual Lifestyle Stipend: A $950 CAD annual Lifestyle Spending Account to spend on your physical, mental, and financial well-being.
  • Remote Work Support: A one-time $550 USD (equivalent) stipend to set up your home office, plus a monthly $50 USD (equivalent) stipend for internet.
  • Personalized Financial Wellness: No-cost, confidential access to financial experts through Your Money Line to support your personal financial goals.
  • Family & Care Support: Access to subsidized child and eldercare options through Care.com.
  • Charitable Giving: A company match for your donations to eligible organizations.