Senior Application Security Developer
Remote
Remote (Canada)
CA$109,210 - CA$182,017/yearly
Senior Level
Top Benefits
Stock options
Full medical, dental, vision coverage
Flexible paid time off
About the role
Who you are
- 5+ years of relevant work experience
- Experience with agile development processes and have experience integrating secure development practices into the model
- Experience writing and testing web applications, mobile applications and microservices
- Familiarity with GraphQL architecture and security best practices
- Basic understanding of authentication and authorization schemes including OAuth
- Familiarity with a variety of development and testing tools
- Experience working with one or more SAST, DAST and IAST tools
- Ability to explain vulnerabilities and weaknesses, and discuss effective defensive techniques
- Experience with cyber security attacks and mitigation methods (red/blue team experience)
- Experience working with web applications and browser security; security assessments and penetration testing; identity and access control; applied cryptography and security protocols; security information and event monitoring and intrusion detection
- Expertise in employing analytics and threat intelligence techniques, Incident response process; Software security
- Experience in IT supply-chain risk management and assurance, as well as cloud security operations
- Basic familiarity with Python for security tool automation would be a plus
What the job involves
- As a Senior Application Security Developer, you’ll help scale our static and dynamic code analysis, handle manual and automated pen-testing, threat modeling, and lead the overall improvement of our AppSec posture
- You’ll collaborate alongside DevOps, QA, and Engineering to improve the security of applications architected on the cloud (AWS) in a microservices-based environment
- Evaluate our security technology, methodology, and tools to better the software development life cycle
- Help train developers, and QA personnel to the appropriate level of software security knowledge to perform their responsibilities
- Improve and support application security tool services including static analysis, dynamic testing, software composition analysis tools
- Support incident response and architecture review processes whenever application security expertise is needed
- Manage routine penetration testing services, including both expert consulting and managed services
- Provide manual penetration testing and standards gap analysis services to internal business and technology partners
- Support, improve, and maintain secure development standards and application security framework projects
- Support Vendor Management activities to ensure third party software and development meet security standards
- Integrate threat modeling practices into the product development life cycle
- Provide security requirements for test driven design to assess control effectiveness
- Produce metrics reporting the state of application security programs and performance of development teams against requirements
Benefits
- Stock option plan
- 100% paid coverage of medical, dental and vision insurance
- Flexible PTO
- Opportunities for professional growth and development
- Paid parental leave
- Health & wellness initiatives
About Upgrade
Advertising Services
1001-5000
World-class branding, marketing and social media for real estate agents, teams and brokerages.
Our founders and team have worked with some of the top brands in the world. Now we'd love to work with you to take you real estate business to the next level. Upgrade helps you define your brand and roll out modern marketing solutions so you can stand out from your competition, attract your dream client, and grow your bottom line.
Senior Application Security Developer
Remote
Remote (Canada)
CA$109,210 - CA$182,017/yearly
Senior Level
Top Benefits
Stock options
Full medical, dental, vision coverage
Flexible paid time off
About the role
Who you are
- 5+ years of relevant work experience
- Experience with agile development processes and have experience integrating secure development practices into the model
- Experience writing and testing web applications, mobile applications and microservices
- Familiarity with GraphQL architecture and security best practices
- Basic understanding of authentication and authorization schemes including OAuth
- Familiarity with a variety of development and testing tools
- Experience working with one or more SAST, DAST and IAST tools
- Ability to explain vulnerabilities and weaknesses, and discuss effective defensive techniques
- Experience with cyber security attacks and mitigation methods (red/blue team experience)
- Experience working with web applications and browser security; security assessments and penetration testing; identity and access control; applied cryptography and security protocols; security information and event monitoring and intrusion detection
- Expertise in employing analytics and threat intelligence techniques, Incident response process; Software security
- Experience in IT supply-chain risk management and assurance, as well as cloud security operations
- Basic familiarity with Python for security tool automation would be a plus
What the job involves
- As a Senior Application Security Developer, you’ll help scale our static and dynamic code analysis, handle manual and automated pen-testing, threat modeling, and lead the overall improvement of our AppSec posture
- You’ll collaborate alongside DevOps, QA, and Engineering to improve the security of applications architected on the cloud (AWS) in a microservices-based environment
- Evaluate our security technology, methodology, and tools to better the software development life cycle
- Help train developers, and QA personnel to the appropriate level of software security knowledge to perform their responsibilities
- Improve and support application security tool services including static analysis, dynamic testing, software composition analysis tools
- Support incident response and architecture review processes whenever application security expertise is needed
- Manage routine penetration testing services, including both expert consulting and managed services
- Provide manual penetration testing and standards gap analysis services to internal business and technology partners
- Support, improve, and maintain secure development standards and application security framework projects
- Support Vendor Management activities to ensure third party software and development meet security standards
- Integrate threat modeling practices into the product development life cycle
- Provide security requirements for test driven design to assess control effectiveness
- Produce metrics reporting the state of application security programs and performance of development teams against requirements
Benefits
- Stock option plan
- 100% paid coverage of medical, dental and vision insurance
- Flexible PTO
- Opportunities for professional growth and development
- Paid parental leave
- Health & wellness initiatives
About Upgrade
Advertising Services
1001-5000
World-class branding, marketing and social media for real estate agents, teams and brokerages.
Our founders and team have worked with some of the top brands in the world. Now we'd love to work with you to take you real estate business to the next level. Upgrade helps you define your brand and roll out modern marketing solutions so you can stand out from your competition, attract your dream client, and grow your bottom line.