Application Security Specialist

The future of work is flexible, and so is OneSpan. Our teams have proven that they are able to achieve their goals together while being apart throughout the global pandemic, and we are embracing work flexibility. Many positions and locations will provide you with the choice of in office work, distributed or hybrid. We collaborate with each employee to develop their preferred work environment.

At OneSpan, we infuse trust into everything we do. That's why enterprises that care about securing the customer journey partner with us. Security is core to OneSpan's DNA.

We are looking for an Application Security Specialist near our office in Montreal to support us in building best in class security solutions for our customers. You will join OneSpan's Security Competence Center, a team in the OneSpan R&D organization which is responsible for the security aspects of OneSpan's products and services.

**Responsibilities**:

- Interpret the results of security scans (SAST, SCA, DAST, penetration tests, bug bounty programs) and give relevant and risk-based suggestions for solving security issues and track the resolution activities.
- Manage external penetration testing and bug bounty activities.
- Improve automated security testing of developed code together with the development teams through various methods and tools.
- Follow up on secure product development practices and trends and provide suggestions to further improve our secure development processes.
- Perform hands-on security testing on our solutions.

**Requirements**:

- 4+ years of hands-on technical experience with software security.
- Experience with software security scanning tools (such as SAST, SCA, DAST).
- Experience with Veracode is a big plus.

**Competences**:

- Fast learner that is not afraid to continuously learn new skills and adapt to a fast changing environment.
- Take initiative and like to get things done.
- Ability to work independently and proactively within a team-oriented environment.
- Good interaction skills to understand and explain reported security issues to various audiences.

FRENCH

Chez OneSpan, nous insufflons la confiance dans tout ce que nous faisons. C'est pourquoi les entreprises soucieuses de sécuriser le parcours de leurs clients s'associent à nous. La sécurité est au cœur de l'ADN de OneSpan.

**Responsabilités**:

- Interpréter les résultats des analyses de sécurité (SAST, SCA, DAST, essais de pénétration, programmes de primes aux bugs) et faire des suggestions pertinentes et fondées sur les risques en vue de résoudre les problèmes de sécurité et de suivre les activités de résolution.
- Manager les essais de pénétration externes et les activités bug bounty.
- Améliorer les essais de sécurité automatisés du code développé en collaboration avec les équipes de développement au moyen de méthodes et d'outils divers.
- Suivre les pratiques et les tendances en matière de développement de produits sécurisés et faire des suggestions pour améliorer nos processus de développement sécurisés encore d'avantage.
- Procéder à des essais de sécurité pratiques sur nos solutions.

**Exigences**:

- 4+ ans d'expérience technique pratique en matière de sécurité logicielle.
- Expérience en matière d'outils d'analyse de sécurité logicielle (tels que SAST, SCA, DAST).
- Une expérience avec Veracode constitue un grand atout.

**Compétences**:

- Vous apprenez vite et ne craignez pas d'acquérir continuellement de nouvelles compétences et de vous adapter à un environnement en rapide évolution.
- Vous prenez les initiatives et vous aimez faire avancer les choses.
- Vous disposez d'une capacité à travailler de manière autonome et proactive dans un environnement axé sur l'équipe.
- Vous avez de bonnes capacités d'interaction pour comprendre et expliquer les problèmes de sécurité signalés à divers publics.

LI-JD1

***

We offer you the opportunity to be part of a world of trusted digital interactions and agreements.

You hold significant responsibility and accountability; your work makes an impact. We move quickly to stay on top of the latest technology and industry trends, which inform and help your work. If you want to join a team that helps organizations to accelerate their digital transformations by enabling secure, compliant, and refreshingly easy digital customer agreements and transactions, we like to meet you

OneSpan provides a safe and drug-free working environment for its employees and to meet or exceed the standards of all applicable laws and regulations governing workplace safety, health and the environment.

We know it takes people with a diversity of perspectives, ideas, and culture to make our company succeed. We are committed to building a community of belonging and meaningful connections. Likewise, we also believe that hiring the best talent will lead to the creation of better products and services.

OneSpan is an Equal Opportunity employer, for more information p