Principal Application Security Specialist

Global RelayVancouver, BC
CA$125,000 - CA$160,000

About The Position

For over 25 years, Global Relay has set the standard in enterprise information archiving with industry-leading cloud archiving, surveillance, eDiscovery, and analytics solutions. We securely capture and preserve the communications data of the world’s most highly regulated firms, giving them greater visibility and control over their information and ensuring compliance with stringent regulations. Though we offer competitive compensation and benefits and all the other perks one would expect from an established company, we are not your typical technology company. Global Relay is a career-building company. A place for big ideas. New challenges. Groundbreaking innovation. It’s a place where you can genuinely make an impact – and be recognized for it. We believe great businesses thrive on diversity, inclusion, and the contributions of all employees. To that end, we recruit candidates from different backgrounds and foster a work environment that encourages employees to collaborate and learn from each other, completely free of barriers.

Requirements

  • 8+ years experience across application/product security testing and DevSecOps, with expert knowledge of software security.
  • Experience with security frameworks (OWASP, MITRE, NIST), testing tools (SAST/DAST/SCA), scripting (Python, Java, Bash, PowerShell), and DevOps/CI-CD tooling (Git, Jenkins, Docker/Kubernetes)
  • Solid understanding of secure development and coding practices
  • Comfortable working cross-functionally with Security, Dev, and Engineering teams
  • Strong communicator, able to translate technical concepts for any audience
  • Self-directed, detail-oriented, and a sharp problem-solver

Responsibilities

  • Collaborate with the Team Lead, Application & Software Security to develop and own the application security testing methodology and standards across web, API, mobile and AI/LLM domains.
  • Lead the most complex, novel and high-risk security assessments, including original research and the development of new testing techniques and tooling.
  • Own the organization-wide triage, escalation and evidence-quality framework across all security testing and scanning functions and define how L1–L3 teams are trained and measured against it.
  • Support the direction for the penetration testing and offensive security program.
  • Own the most advanced threat modelling for critical and cross-cutting architecture.
  • Serve as the organization's authority and final technical escalation point for application security.
  • Drive the integration of security into the SDLC and CI/CD pipelines, championing a proactive, risk-based, “shift-left” approach.
  • Develop the organization-wide standards for remediation verification, retest evidence and release closure, ensuring security gating is consistently and appropriately applied across all release pipelines.
  • Design and deploy an automated security framework for robust tooling and processes, using scripting and open-source solutions.
  • Collaborate with Engineering for the selection, deployment and management of security scanning tools (SAST, DAST, SCA, container) within CI/CD pipelines, integrating them via APIs and plugins using agile delivery methods.
  • Serve as the liaison for DevSecOps standards and provide input into new standards and policies.
  • Review and analyze vulnerability data to identify risk across applications, infrastructure and network, and manage false positives.
  • Set the organization's standards for root-cause analysis and remediation guidance on the most complex or systemic security defects and define how remediation quality is assessed across teams.
  • Define how testing coverage, quality and effectiveness are measured and drive continuous improvement.
  • Partner with engineering, product and architecture teams to influence secure design at scale and prioritize security investment.
  • Lead security sessions for engineering teams covering risks, report analysis, mitigations and process improvements.
  • Mentor and develop specialists, create documentation and training material, and raise the technical bar across the function.
  • Represent application security in cross-functional and, where appropriate, external forums.

Benefits

  • Competitive compensation
  • Comprehensive extended health benefits program
  • Virtual healthcare
  • Wellness allowance
  • Annual allotted vacation days, which increase based on tenure
  • Paid sick days
  • Maternity/parental enhancement program
  • Bonus
  • RRSP contribution matching program
  • Subsidized meal program (for Vancouver-based employees)
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service