Senior Application Security Engineer

4 days ago

Old Toronto, Ontario, Canada Glassdoor Full time
About the Role

We are seeking a highly skilled Sr Application Security Engineer to join our team at Glassdoor. As a key member of our security team, you will play a critical role in improving our application security posture and ensuring the safety of our platform for millions of users worldwide.

As a Sr Application Security Engineer, you will be responsible for analyzing, testing, and triaging application vulnerabilities, managing our public bug bounty program, participating in code and product security reviews, and helping our Developers bake security into their day-to-day workflows and CICD. You will partner closely with our Product and Engineering teams, our vendors, and external testers, so solid interpersonal skills are a must.

Key Responsibilities:

  • Advocate for application security within the organization
  • Develop and maintain a risk-based application security program based on a well-defined application security framework
  • Enhance and manage Glassdoor's public bug bounty program, application security tool stack, and automated security checks in the CICD pipeline to optimize vulnerability and misconfiguration detection
  • Find common patterns and themes within application vulnerabilities and work with Engineering teams to address the root causes
  • Participate in strategic decisions related to the requirements, design, implementation, and operations of application security framework, processes, and technology
  • Execute security-focused code, architecture, and integration reviews
  • Coordinate or conduct penetration testing and drive remediation efforts to completion
  • Stay up-to-date with the latest security issues and technologies
  • Own and improve process and procedural documentation
  • Participate in on-call rotation (nights and weekends) for Security Operations alert response
  • Assist with daily activities and functions of the Security team (including alert & incident response) to maintain security posture as well as policy and compliance commitments

Requirements:

  • 5+ years of experience in web application penetration testing or a security-focused application development role
  • AWS Security, CISSP, CEH, GWEB, GCIH, or equivalent certifications are preferred
  • Deep knowledge and familiarity with Cybersecurity Framework, including NIST 800-53, NIST CSF, CIS Top 20, MITRE ATT&CK, and OWASP Top Ten
  • Deep knowledge of crypto, authentication, and authorization protocols and standards, including SSL/TLS, SAML, OAuth, JWT Tokens
  • Possess a relentless desire to (ethically) break into things and communicate attack scenarios and mitigation options based on standard framework
  • Ability to automate repetitive tasks using Python or other scripting language
  • Ability to work in a diverse, fast-paced environment and effectively collaborate across teams
  • Outstanding written and oral communication skills with demonstrated ability to clearly articulate to both technical and functional audiences

What We Offer:

  • Base salary range: CAD $92,000.00 - $115,000.00
  • Open Paid Time Off policy, in addition to 15-20 paid company holidays/year
  • Come as you are: At Glassdoor, diversity is not a slogan; it's a core factor in our success. We welcome your background, experience, and ideas because you help us understand and better serve our world. You make us stronger.
  • Grow your career: Glassdoor is small enough for you to see the impact of your contributions, while large enough to offer significant resources and endless opportunities to grow. This is a great place to make a career.
  • Find your people: Ask anyone who works here: it's the people who make the difference. We are a group of well-rounded humans who support one another and work hard together to bring the Glassdoor mission to life.
  • Discover flexibility: With flexible hours and a where-to-work policy, Glassdoor allows you to take on professional and personal responsibilities — enhancing both productivity and your well-being.

Glassdoor is committed to equal treatment and opportunity in all aspects of recruitment, selection, and employment without regard to race, color, religion, national origin, ethnicity, age, sex, marital status, physical or mental disability, gender identity, sexual orientation, veteran or military status, or any other category protected under the law. Glassdoor is an equal opportunity employer; committed to creating a community of inclusion, and an environment free from discrimination, harassment, and retaliation.

Where-to-Work Policy:
Being a remote-first company, Glassdoor employees can live anywhere Glassdoor is a registered company. Requests to move must be approved by an employee's manager and the People team. While we will try our best to support relocation requests, some requests may not be approved due to various tax, legal, or other restrictions.

Enjoy Remote and Explore: Employees authorized to work in their current location may Work Away for up to a total of 30 (thirty) working days in a calendar year without permanent relocation and compensation change. Employees on visas may work Work Away for up to a total of 20 (twenty) working days in a calendar year without permanent relocation and compensation change. The amount of time and location for Work Away must be approved by the employee's manager and People Operations team at least two (2) weeks in advance of travel.

  • Cloud Security Engineer

    2 weeks ago

    Old Toronto, Ontario, Canada Sonrai Security Full time

    Cloud Security Engineer OpportunitySonrai Security is a world-class team modernizing the cloud security industry. We're looking for a cloud engineer to develop core pieces of our innovative platform.Key Responsibilities:Part of a small agile development team.Working with senior engineers building core pieces of the Sonrai Cloud Platform.Implementation,...

  • Cloud Security Engineer

    2 weeks ago

    Old Toronto, Ontario, Canada Sonrai Security Full time

    Cloud Security Engineer OpportunitySonrai Security is a world-class team modernizing the cloud security industry. We're looking for a cloud engineer to develop core pieces of our innovative platform.Key Responsibilities:Part of a small agile development team.Working with senior engineers building core pieces of the Sonrai Cloud Platform.Implementation,...

  • Senior AWS Application Security Engineer

    4 hours ago

    Toronto, Ontario, Canada Amazon Development Centre Canada ULC Full time

    About the RoleWe are seeking a highly skilled Senior AWS Application Security Engineer to join our team at Amazon Development Centre Canada ULC. As a key member of our AWS Security team, you will play a critical role in ensuring the security and integrity of our cloud-based services.Key ResponsibilitiesConduct thorough security reviews of AWS applications...

  • Senior AWS Application Security Engineer

    1 hour ago

    Toronto, Ontario, Canada Amazon Development Centre Canada ULC Full time

    About the RoleWe are seeking a highly skilled Senior AWS Application Security Engineer to join our team at Amazon Development Centre Canada ULC. As a key member of our AWS Security team, you will play a critical role in ensuring the security and integrity of our cloud-based services.Key ResponsibilitiesConduct thorough security reviews of AWS applications...

  • Senior AWS Application Security Engineer

    1 week ago

    Toronto, Ontario, Canada Amazon Development Centre Canada ULC Full time

    About the RoleWe are seeking a highly skilled Senior AWS Application Security Engineer to join our team at Amazon Development Centre Canada ULC. As a key member of our AWS Security team, you will play a critical role in ensuring the security and integrity of our cloud-based applications and services.Key ResponsibilitiesConduct thorough security reviews of...

  • Senior AWS Application Security Engineer

    1 week ago

    Toronto, Ontario, Canada Amazon Development Centre Canada ULC Full time

    About the RoleWe are seeking a highly skilled Senior AWS Application Security Engineer to join our team at Amazon Development Centre Canada ULC. As a key member of our AWS Security team, you will play a critical role in ensuring the security and integrity of our cloud-based applications and services.Key ResponsibilitiesConduct thorough security reviews of...

  • Senior Engineering Manager, Security

    6 days ago

    Old Toronto, Ontario, Canada Robinhood Full time

    About the RoleThe Application Security team at Robinhood is responsible for designing, building, and operating solutions that provide higher-level abstractions to ensure a paved path for engineers to course-correct security vulnerabilities earlier in the SDLC. The team's domain spans application security, cloud security, and privacy engineering.As a Senior...

  • Senior Engineering Manager, Security

    6 days ago

    Old Toronto, Ontario, Canada Robinhood Full time

    About the RoleThe Application Security team at Robinhood is responsible for designing, building, and operating solutions that provide higher-level abstractions to ensure a paved path for engineers to course-correct security vulnerabilities earlier in the SDLC. The team's domain spans application security, cloud security, and privacy engineering.As a Senior...

  • Senior Engineering Manager, Security

    19 hours ago

    Old Toronto, Ontario, Canada Robinhood Full time

    About the RoleThe Application Security team at Robinhood is responsible for designing, building, and operating solutions that provide higher-level abstractions to ensure a paved path for engineers to course-correct security vulnerabilities earlier in the SDLC. The domain spans application security, cloud security, and privacy engineering.As a Senior...

  • Senior Engineering Manager, Security

    22 hours ago

    Old Toronto, Ontario, Canada Robinhood Full time

    About the RoleThe Application Security team at Robinhood is responsible for designing, building, and operating solutions that provide higher-level abstractions to ensure a paved path for engineers to course-correct security vulnerabilities earlier in the SDLC. The domain spans application security, cloud security, and privacy engineering.As a Senior...

  • Senior Engineering Manager, Security

    6 days ago

    Old Toronto, Ontario, Canada Robinhood Full time

    About the RoleWe're seeking a seasoned Senior Engineering Manager to lead our Application Security team within Security Engineering. As a key member of our team, you'll be responsible for building and deploying secure applications, cloud, and robust privacy engineering platforms at Robinhood.Key ResponsibilitiesHire, coach, and mentor exceptional engineers...

  • Senior Engineering Manager, Security

    6 days ago

    Old Toronto, Ontario, Canada Robinhood Full time

    About the RoleWe're seeking a seasoned Senior Engineering Manager to lead our Application Security team within Security Engineering. As a key member of our team, you'll be responsible for building and deploying secure applications, cloud, and robust privacy engineering platforms at Robinhood.Key ResponsibilitiesHire, coach, and mentor exceptional engineers...

  • Senior Engineering Manager, Security

    21 hours ago

    Old Toronto, Ontario, Canada Robinhood Full time

    About the RoleWe're seeking a seasoned Senior Engineering Manager to lead our Application Security team within Security Engineering. As a key member of our team, you'll be responsible for building and deploying secure applications, cloud, and robust privacy engineering platforms at Robinhood.Key ResponsibilitiesHire, coach, and mentor exceptional engineers...

  • Senior Engineering Manager, Security

    19 hours ago

    Old Toronto, Ontario, Canada Robinhood Full time

    About the RoleWe're seeking a seasoned Senior Engineering Manager to lead our Application Security team within Security Engineering. As a key member of our team, you'll be responsible for building and deploying secure applications, cloud, and robust privacy engineering platforms at Robinhood.Key ResponsibilitiesHire, coach, and mentor exceptional engineers...

  • Senior Security Engineer

    2 days ago

    Toronto, Ontario, Canada TD Full time

    Job Title: Senior Security EngineerWe are seeking a highly skilled Senior Security Engineer to join our team at TD. As a Senior Security Engineer, you will be responsible for designing and implementing secure solutions to protect our systems and data.Key Responsibilities:Design and implement secure solutions to protect our systems and dataCollaborate with...

  • Senior Security Engineer

    2 days ago

    Toronto, Ontario, Canada TD Full time

    Job Title: Senior Security EngineerWe are seeking a highly skilled Senior Security Engineer to join our team at TD. As a Senior Security Engineer, you will be responsible for designing and implementing secure solutions to protect our systems and data.Key Responsibilities:Design and implement secure solutions to protect our systems and dataCollaborate with...

  • Senior Application Security Engineer

    2 days ago

    Toronto, Ontario, Canada Glassdoor Full time

    About the RoleWe are seeking a highly skilled Sr Application Security Engineer to join our team at Glassdoor. As a key member of our security team, you will play a critical role in improving our application security posture and ensuring the safety of our platform for millions of users worldwide.As a Sr Application Security Engineer, you will be responsible...

  • Senior Application Security Engineer

    3 days ago

    Toronto, Ontario, Canada Glassdoor Full time

    About the RoleWe are seeking a highly skilled Sr Application Security Engineer to join our team at Glassdoor. As a key member of our security team, you will play a critical role in improving our application security posture and ensuring the safety of our platform for millions of users worldwide.As a Sr Application Security Engineer, you will be responsible...

  • Senior Security Engineer

    2 weeks ago

    Toronto, Ontario, Canada Robinhood Full time

    **Senior Security Engineer Wanted for Fintech Company** Join a leading fintech company that's democratizing finance for all. We're seeking a Senior Security Engineer to help shape our vision, structures, and systems. **About the Company** Robinhood Markets was founded on a simple idea: that our financial markets should be accessible to all. With customers...

  • Senior Application Security Manager

    3 weeks ago

    Old Toronto, Ontario, Canada ipss inc. Full time

    Job SummaryWe are seeking a highly experienced and skilled Senior Application Security Manager to join our team at ipss inc. as a key member of our Office of the Chief Information Security Officer. The successful candidate will provide senior-level strategic and tactical guidance to the Director Cyber Threat Management and the Chief Information Security...