Application Security Engineer

Hi, Future Homie At Homebase, you’ll join a team that’s bold, fast-moving, and obsessed with helping small businesses thrive. We build with empathy, act with urgency, and take big swings that drive real-world impact. Here, every Homie shows up to raise the bar, support one another, and celebrate wins as a team. We’re not just building an app—we’re building unstoppable teams. So what do you say, are you in? ?Your Impact Starts Here We’re looking for a hands‑on Application Security Engineer to help build and grow Homebase’s Application Security program. Our products present a wide range of security challenges, and in this role, you’ll help shape how we approach them. You’ll join a team of engineers who care deeply about building secure systems. We partner closely with our Engineering teams to find practical solutions and continuously improve our security practices. Collaboration and creative problem‑solving are at the core of how we work. These are the key ways you’ll contribute and create impact in this role: Design and build guardrails and controls to prevent common classes of vulnerabilities Develop security tools and automation to scale our Application Security efforts Conduct threat modeling, design reviews, and security assessments Provide direct guidance and support to development teams on security issues Integrate and strengthen security throughout the software development lifecycle Oversee and evolve our vulnerability disclosure, bug bounty, and external testing program ? The Foundation for Success - These are the experiences and strengths that will set you up for success in this role: 3–5 years of experience in Application Security, Product Security or Software Security engineering role Strong understanding of web application vulnerabilities and the OWASP Top 10 Senior‑level development experience in Ruby, Python, React, and Rails Experience performing manual source code reviews Ability to evaluate new products and features through security reviews and threat modeling Experience leading cross‑team initiatives and promoting security adoption within engineering Strong communication and collaboration skills Experience running a bug bounty/responsible disclosure program ? The Homie Way - These principles guide everything we do—from how we work and make decisions to how we show up for each other. ? Be Customer Obsessed – Solve problems with empathy and creativity. ⚡ Move Fast, Learn Fast – Experiment, take action, and grow every day. ? Own Your Impact – Think big, focus on what matters, and make decisions you stand behind. ? Master Your Craft – Excellence fuels impact—show up, step up, and make your mark. ? Win Together – Put goals over roles, lead with trust, and connect to our mission and each other. What We Offer ? Ownership & Savings: Stock options + TFSA/RRSP with 4% company match ? Health & Wellness: Comprehensive medical, dental, and vision for you and your dependents ⏰ Time Flexibility: Flex time off + company holidays + designated focus periods ? Family Support: Maternity/Parental Leave EI top-up support offered (after 6 months of service) ? Work Your Way: Work From Anywhere Month + meeting‑free weeks yearly ?️ Protection Plans: Life insurance + short/long‑term disability coverage ?️ Workspace Perks: Meals provided, team offsites, and Customer Days ? Our Hybrid Rhythm: We believe collaboration drives impact. That’s why Tuesdays and Wednesdays are our required in‑office days—a time to move faster as a team, build deeper connections, make better decisions, and build together. What to Expect During the Interview Process Meet the Talent Acquisition team, Mavel W. Meet the Hiring Manager, Ali F. Participate in a Talent Showcase Meet Cross‑functional Partners Background Check + Offer Stage Welcome to the team, Homie ? ? Belonging at Homebase - We're committed to fostering a welcoming space where every Homie can be their full self. Experience comes in many forms—so if you're excited about this role, even if you don’t meet 100% of the qualifications, we encourage you to apply Homebase will consider qualified applicants with criminal histories in a manner consistent with the San Francisco Fair Chance Ordinance. ? Hey, We’re Homebase Unstoppable teams start here. Homebase is the everything app for hourly teams—built to simplify the day‑to‑day and superpower local businesses. With tools for scheduling, time clocks, payroll, communication, HR, and more, we help teams stay connected and in control. Today, over 100,000 small (but mighty) businesses rely on us to make work radically easier. Together, we’ve tracked over a billion hours for 2.5+ million workers—and we’re just getting started. At Homebase, we celebrate diversity and are proud to be an equal opportunity employer. We welcome all candidates and do not discriminate based on any legally protected status. If you need accommodations during the hiring process, please let us know—we’re committed to ensuring fair and equitable access for all. #J-18808-Ljbffr