Staff, Application Security Engineer

Posted 2 days agoViewed

View full description

💎 Seniority level: Staff, 8+ years

📍 Location: Alberta, Ontario, British Columbia, Canada

💸 Salary: 143000.0 - 178000.0 CAD per year

🔍 Industry: Software Development

🗣️ Languages: English

⏳ Experience: 8+ years

🪄 Skills: AWSPythonCloud ComputingGCPJavaTypeScriptAPI testingAzureGoCI/CDRESTful APIsLinux

Requirements:

8+ years of experience in application security, secure software development, or related fields.
Hands on experience with SAST, SCA, DAST, Secrets, API Security solutions
Deep understanding of security for Containers, web, APIs, and cloud-native workloads (AWS, Azure, GCP).
Strong knowledge of OWASP top 10s and modern attack vectors
Proficiency in at least one programming language (Python, Go, Java, TypeScript)

Responsibilities:

Lead Application Security initiatives across different teams to design, build and implement security best practices
Implement and enhance security automation within CI/CD pipelines
Maintain Application Security solutions, measure their effectiveness and continuously improve based on strategic priorities
Develop and maintain secure coding guidelines and security training for Engineers
Investigate security vulnerabilities and support incident response as needed
Research emerging threats, vulnerabilities, and attack techniques to proactively secure applications

Apply

Related Jobs

Apply

🔥 Staff, Application Security Engineer

Posted 9 days ago

📍 Alberta, Ontario or British Columbia, Canada

💸 143000.0 - 178000.0 CAD per year

🔍 Software Development

🔧 Requirements

8+ years of experience in application security, secure software development, or related fields.
Hands on experience with SAST, SCA, DAST, Secrets, API Security solutions
Deep understanding of security for Containers, web, APIs, and cloud-native workloads (AWS, Azure, GCP).
Strong knowledge of OWASP top 10s and modern attack vectors
Proficiency in at least one programming language (Python, Go, Java, TypeScript)
Excellent communication and presentation skills, including an ability to communicate effectively with a diverse array of stakeholders at different levels

💡 Responsibilities

Lead Application Security initiatives across different teams to design, build and implement security best practices
Implement and enhance security automation within CI/CD pipelines
Maintain Application Security solutions, measure their effectiveness and continuously improve based on strategic priorities
Develop and maintain secure coding guidelines and security training for Engineers
Investigate security vulnerabilities and support incident response as needed
Research emerging threats, vulnerabilities, and attack techniques to proactively secure applications

AWSPythonCloud ComputingGCPJavaTypeScriptAPI testingAzureGoCI/CDRESTful APIsLinux

Posted 9 days ago

Apply

🔥 Staff, Application Security Engineer

Posted 9 days ago

📍 Canada

💸 143000.0 - 178000.0 CAD per year

🔧 Requirements

8+ years of experience in application security, secure software development, or related fields.
Hands on experience with SAST, SCA, DAST, Secrets, API Security solutions
Deep understanding of security for Containers, web, APIs, and cloud-native workloads (AWS, Azure, GCP).
Strong knowledge of OWASP top 10s and modern attack vectors
Proficiency in at least one programming language (Python, Go, Java, TypeScript)

💡 Responsibilities

Lead Application Security initiatives across different teams to design, build and implement security best practices
Implement and enhance security automation within CI/CD pipelines
Maintain Application Security solutions, measure their effectiveness and continuously improve based on strategic priorities
Develop and maintain secure coding guidelines and security training for Engineers
Investigate security vulnerabilities and support incident response as needed
Research emerging threats, vulnerabilities, and attack techniques to proactively secure applications

AWSPythonCloud ComputingGCPJavaTypeScriptAzureGoCI/CDRESTful APIs

Posted 9 days ago

Apply

🔥 Staff, Application Security Engineer

Posted 13 days ago

📍 Canada

💸 143000.0 - 178000.0 CAD per year

🔍 Software Development

🏢 Company: Twilio👥 5001-10000💰 $378,215,525 Post-IPO Equity over 3 years ago🫂 Last layoff over 1 year agoMessaging SMS Mobile Apps Enterprise Software Software

🔧 Requirements

8+ years of experience in application security, secure software development, or related fields.
Hands on experience with SAST, SCA, DAST, Secrets, API Security solutions
Deep understanding of security for Containers, web, APIs, and cloud-native workloads (AWS, Azure, GCP).
Strong knowledge of OWASP top 10s and modern attack vectors
Proficiency in at least one programming language (Python, Go, Java, TypeScript)
Excellent communication and presentation skills, including an ability to communicate effectively with a diverse array of stakeholders at different levels

💡 Responsibilities

Lead Application Security initiatives across different teams to design, build and implement security best practices
Implement and enhance security automation within CI/CD pipelines
Maintain Application Security solutions, measure their effectiveness and continuously improve based on strategic priorities
Develop and maintain secure coding guidelines and security training for Engineers
Investigate security vulnerabilities and support incident response as needed
Research emerging threats, vulnerabilities, and attack techniques to proactively secure applications

AWSPythonSoftware DevelopmentCloud ComputingCybersecurityGCPJavaTypeScriptAzureGoCI/CDRESTful APIs

Posted 13 days ago

Apply

🔥 Staff Application Security Engineer (CAN)

Posted 21 days ago

📍 Canada

🧭 Full-Time

🔍 Software Development

🏢 Company: NerdWallet👥 501-1000💰 Secondary Market almost 4 years ago🫂 Last layoff 8 months agoInternet Consumer Financial Services Personal Finance

🔧 Requirements

8 + years of professional experience as a security engineer, software engineer, site reliability engineer, penetration tester/ red team member, or security consultant
5+ years of experience working in Agile development, with expertise in technologies such as cloud environments (e.g., AWS), application security testing tools (e.g., SAST, DAST, SCA), infrastructure as code (e.g., Terraform), containers (e.g., Docker, Kubernetes), continuous integration (e.g., Jenkins, GitHub Actions), integration of security testing tools into CI pipelines, defect tracking (e.g., Jira), and source code management (e.g., GitHub)
Advanced knowledge of: Python, Typescript, and other languages (Go, PHP)
In-depth knowledge of common application and network protocols, cryptographic primitives, authentication and authorization protocols, as well as common security threats, including attack techniques, evasive techniques, and preventative and defensive methods

💡 Responsibilities

Ensure the timely delivery of high-priority product security initiatives
Be a strategic advisor to the Application and Product Security Program
Drive key initiatives like Supply Chain Security, Authentication, and Authorization improvements

AWSDockerPythonAgileCloud ComputingCybersecurityJavascriptJenkinsKubernetesSoftware ArchitectureTypeScriptREST APICI/CDLinuxDevOpsTerraformMicroservicesJSONSoftware Engineering

Posted 21 days ago

Apply

🔥 Staff Application Security Engineer

Posted 29 days ago

📍 United States, Canada

🧭 Full-Time

💸 154160.0 - 281060.0 CAD per year

🔍 Software Development

🏢 Company: Webflow👥 501-1000💰 $120,000,000 Series C about 3 years ago🫂 Last layoff 8 months agoCMS Web Hosting Web Design

🔧 Requirements

7+ years of experience in application security, including 2+ years of software development focused on security.
Expertise in secure software design, secure coding, and web application security, with a strong commitment to risk reduction and sustainable security practices.
Experience with Threat Modeling, penetration testing, and identifying high-complexity application vulnerabilities.
Experience with software supply chain security and led bug bounty programs and security tooling initiatives.
Successfully implemented and improved secure development lifecycle (SDLC) processes, including planning, communication, and automation.
Led and delivered multi-quarter, complex security projects, application security roadmaps, and medium to large security programs in collaboration with engineering teams.
Experience mentoring other application security engineers and fostering security best practices across organizations.

💡 Responsibilities

Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem.
Bring security best practices to the software development lifecycle.
Work as part of a team to champion security standards while balancing business strategies and requirements.
Support Webflow’s security current and future compliance frameworks
Work to find security vulnerabilities through grey-box techniques, and propose solutions at the architecture and code level to mitigate findings.
Contribute code and architecture improvements to enable security within Webflow’s application for engineers.
Cross-train entry and mid-level application security engineers

AWSDockerPythonSoftware DevelopmentCybersecurityGitKubernetesCI/CDRESTful APIsMentoringDevOpsComplianceJSON

Posted 29 days ago

Apply

🔥 Staff Application Security Engineer (Security)

Posted about 2 months ago

📍 United States, Canada

🧭 Full-Time

💸 200000.0 - 250000.0 USD per year

🔍 Blockchain, Crypto

🏢 Company: Phantom👥 51-100💰 $109,000,000 Series B about 3 years agoCryptocurrency Ethereum Bitcoin FinTech

🔧 Requirements

7+ years of experience in offensive security techniques
Strong understanding of security risks and vulnerabilities
Proficient in code review for JavaScript & Typescript
Ability to write PoC’s to prove vulnerabilities
Strong analytical and problem-solving skills

💡 Responsibilities

Perform regular security assessments on projects and infrastructure
Identify and mitigate security vulnerabilities in code and systems
Keep up to date with offensive security techniques and application security threats
Write detailed reports of findings and present to teams
Implement secure coding practices
Participate in incident response and management
Lead large cross-team projects

BlockchainJavascriptTypeScript

Posted about 2 months ago

Apply