We are currently seeking a Senior Application Security Developer to join our AppSec team. This role can be performed from one of our Canadian offices, remotely across Canada, or a combination of both. Some exemptions may apply.
What your team does:
Our team is focused on protecting our customers, and training our developers to write secure code. We’re a collaborative service team that works hard to enable developer velocity. We’re not gatekeepers, we’re enablers! We build automated tooling, monitor and triage CVEs & security bugs, and spend as much time pairing and teaching as we can.We’re interested in individuals with high agency, a sense of curiosity, and the ability to handle ambiguity. You know when something doesn’t look right and trust your gut instinct to dig further.
A day in the life might look like:
- Develop and implement tools to help developers avoid security flaws;
- Build partnerships with development teams and advise on security best practices.
- Contribute to driving security awareness and knowledge amongst the product organization;
- Provide detailed guidance and support to teams in vulnerability remediation;
- Identify and implement tools for automated application scanning, static analysis and related tools;
- Perform penetration testing;
- Perform reactive incident response when a security event occurs;
- Perform proactive research to detect new attack vectors;
- Elevate and educate our security culture within Clio, contributing to our cultural values of “No doors, only windows” and “Live a learning mindset”.
You may be fit for this role if you:
- Someone who loves learning and developing creative security solutions for a fast growing, continuous integration environment that hits upwards of 50 deployments a day;
- 4+ years experience in some combination of the following disciplines: web application security, cloud security, infrastructure security, penetration testing, secure software development, security tools development, architecture review and / or threat modeling;