Senior Application Security – Digital Nova Scotia – Leading Digital Industry

Senior Application Security

The Opportunity:

Introhive is seeking an Application Security Developer to help lead our product security program. The chosen candidate will be an experienced software developer or architect with a passion for building secure software, while working to prevent vulnerabilities from being introduced through modern DevSecOps practices.

This is a permanent full time role based in Halifax, Nova Scotia. The primary language of work is english. This role will have you working closely with many development teams to continuously raise the bar on security. You will act as a force multiplier by fostering a culture of security, enabling every member of the team to take ownership for the security of the product they produce.

You will champion a shift-left approach to security, by ensuring that security is the first consideration in application design, that applications use secure-by-default practices, and that the development pipeline has robust automated scanning for vulnerabilities.

You will also verify our security processes by conducting detailed code reviews and penetration testing to hunt for vulnerabilities before they make it to production.

Responsibilities:

  • Function as a subject matter expert in application design and architecture, guiding developers on how to ship features securely.
  • Write requirements and conduct code reviews for security-critical changes.
  • Build automation and proofs of concept for security functionality.
  • Proactively identify and reduce security risks through each stage of the SDLC.
  • Promote secure development practices, and lead the continuous training of staff.
  • Help provide a “paved road” for secure application development, by curating standards and libraries that developers can use to create software that is secure by default.
  • Conduct exploratory code audits and penetration testing.
  • Build automated security testing into the application CI/CD pipeline.
  • Assist with day-to-day security monitoring, incident response, and organization-wide threat assessment and remediation.

Required Qualifications:

  • Curiosity and creativity. You enjoy hunting for vulnerabilities, and won’t hesitate to dive into a large codebase to find an insecure codepath. You’re a self-starter, and are always thinking about emerging threats and new approaches to secure the product.
  • A collaborative approach. You work closely with developers and other stakeholders as a trusted advisor, and seek to empower teams to ship software more securely.
  • A demonstrated passion for application security. You understand and can spot all common classes of vulnerabilities in web applications. You’re familiar with the common controls to prevent the same.
  • Excellent written and verbal communication skills.
    2+ years of experience in an application security engineering role
  • Experience in a full stack web application software development role, including professional experience with python, C#, ruby, and javascript.
  • Demonstrated experience securing containerized workloads on Kubernetes clusters, including experience with open source cloud-native runtime security tools.
  • Demonstrated experience building custom application security CI/CD pipelines in Github Actions.
  • Demonstrated knowledge of industry standard authentication technologies and applied cryptography.
  • Demonstrated experience code reviewing and penetration testing software with highly complex third party CRM integrations.
  • Demonstrated experience working with AI/ML solutions.
  • Recognized industry certification(s) in penetration testing (OSCP, Pentest+, CEH, etc.)

What You Can Expect from Us:

We are an AI-powered SaaS platform designed to help organizations realize the full value of their relationships and data. We increase employee productivity and improve customer experience management.

We focus on career development and progression. People are at the core of everything we do. We are Great Place to Work®-certified in Canada and were recently named among Canada’s Best Workplaces™ for Start-Ups, Technology, Youth and for Women. We’re also a proud sponsor of Women in Sales Everywhere (WISE). Beyond this, we were awarded the Deloitte Technology Fast 50™ and Fast 500™ Awards for the last three years running.

What’s In It for You:

  • An incredible group of peers and leadership to work and learn from
  • Personal and professional growth
  • Educational opportunities
  • RRSP matching
  • Health and Dental Coverage
  • Mental health support and coverage

For further details, please contact Maggie McLeod at maggie.mcleod@introhive.com.