Senior Information Security Developer
We’re looking for a Security Developer to manage the security of our R&D operations and production application. You’ll plan and execute security initiatives directly and in collaboration with other teams. You’ll take ownership of our security practices and the vision going forward, with the support of our exec team down through Engineering leadership.
We take a DevOps approach to delivery and production ownership. This applies to our security strategy as well: as the primary owner of security for the department, you’ll manage your own security projects as well as lead the way the rest of the department manages security for their respective application domains.
This role can be based out of our Toronto office, or fully remote, anywhere in Canada.
– Evolve and expand our existing security activities – threat modeling, risk mitigation, observability, incident response. Manage and execute security projects based on internal and external inputs such as our bug bounty program, pentesting, or other gap analysis.
– Implement security improvements as an individual contributor as well as in collaboration with our teams. Set the standard for how new code being shipped meets our security needs.
– Advocate for security. Build a culture of security ownership rooted in shared values
– Managing security roadmaps from a corporate-wide perspective to meet the needs of various stakeholders including enterprise sales enablement
– Work in a predominantly AWS cloud environment with some Google Cloud Platform services. Our services are built on Django and get continuously deployed.
– You’re familiar with modern security practices and technologies
– You understand security in a cloud provider context (we use primarily AWS with some GCP services as well) and can help move us toward a Zero Trust architecture
– Familiar with managing infrastructure as code with automation tools such as Terraform
– Able to achieve results as an individual contributor as well as through aligning and guiding others