Product Security Engineer
4 months ago
As a Product Security Engineer, you will be focused on developing S-SDLC activities and controls that will ensure our applications are designed and implemented with regards to the highest level of security standards.
About the Role
As a Product Security Engineer, you will:
Secure design, architecture, and implementation covering all steps of our Secure Software Development Life Cycle (SDLC).
Drive security projects (including security reviews, tool development, and creation of new security practices).
Participate in Threat modeling sessions to guide secure design discussions and participate in risk assessments.
Create security guidance and documentation, including compliance as code.
Work closely with our Security Awareness team to provide first class application security interactive and targeted training to our engineers.
Set a high standard for engineering quality and execution that leads to high quality product security artifacts to secure our products’ SDLCs.
About You
You’re a fit for the role of Product Security Engineer if you have:
Engineer Empathy: You have a strong understanding of how developers work and are able to present security initiatives to developers in a way that leverages that understanding.
Knowledgeable in Application Security: You are passionate about application security including secure coding, supply chain security, and SecDevOps
Drive to continually improve: You are able to analyze current processes and procedures and determine ways to improve and increase efficiency.
Technical Skills:
Experience collaborating with product development teams directly to instill security.
Experience building and reviewing threat models and recommending secure design patterns
Deep technical understanding and experience assessing common security vulnerabilities and risks, as well as advising on countermeasures and compensating controls.
You have experience with SAST, DAST and SCA scans and the analysis of the identified security findings/results.
Experience with DevSecOpsin a cloud native contextand inintegrating security in CI/CD pipelines (GitHub Actions preferred but experience with other Cis is good eg.Gitlab CI,…).
Experience with automation in generalconsuming APIs, with plus when the automation is related to security tooling, proficiency in Python or Golang preferred.
Knowledge of one or more security frameworks OWASP’s ASVS, CIS Benchmarks, NIST CSF,…
Ability to manage and prioritize between multiple tasks and projects.
Additional Skills:
Strong Communication Skills (verbal, written, ability to influence others)
Learning Mindset (emerging technical trends, always learning)
Agile Methodology experience
Experience with Linux systems and containers
Experience with AWS or Azure
Infrastructure as code with Terraform
Experience with Security tools (Web attack proxies, SAST, DAST, SCA)
#LI-LP2
What's in it For You?
You will join our inclusive culture of world-class talent, where we are committed to your personal and professional growth through:
Hybrid Work Model: We’ve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected
Wellbeing: Comprehensive benefit plans; flexible and supportive benefits for work-life balance: flexible vacation, two company-wide Mental Health Days Off; work from another location for up to a total of 8 weeks in a year, 4 of those weeks can be out of the country and the remaining in the country, Headspace app subscription; retirement, savings, tuition reimbursement, and employee incentive programs; resources for mental, physical, and financial wellbeing.
Culture: Globally recognized and award-winning reputation for equality, diversity and inclusion, flexibility, work-life balance, and more.
Learning & Development: LinkedIn Learning access; internal Talent Marketplace with opportunities to work on projects cross-company; Ten Thousand Coffees Thomson Reuters café networking.
Social Impact: Ten employee-driven Business Resource Groups; two paid volunteer days annually; Environmental, Social and Governance (ESG) initiatives for local and global impact.
Purpose Driven Work: We have a superpower that we’ve never talked about with as much pride as we should – we are one of the only companies on the planet that helps its customers pursue justice, truth and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world.
Do you want to be part of a team helping re-invent the way knowledge professionals work? How about a team that works every day to create a more transparent, just and inclusive future? At Thomson Reuters, we’ve been doing just that for almost 160 years. Our industry-leading products and services include highly specialized information-enabled software and tools for legal, tax, accounting and compliance professionals combined with the world’s most global news services – Reuters. We help these professionals do their jobs better, creating more time for them to focus on the things that matter most: advising, advocating, negotiating, governing and informing.
We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments that celebrate diversity and inclusion. At a time when objectivity, accuracy, fairness and transparency are under attack, we consider it our duty to pursue them. Sound exciting? Join us and help shape the industries that move society forward.
Accessibility
As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.
We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law.
More information about Thomson Reuters can be found on .
-
Product Security Engineer
3 months ago
Toronto, Canada Thomson Reuters Full timeAs a Product Security Engineer, you will be focused on developing S-SDLC activities and controls that will ensure our applications are designed and implemented with regards to the highest level of security standards.About the RoleAs a Product Security Engineer, you will: Secure design, architecture,
-
Product Security Engineer Leader
2 weeks ago
Toronto, Ontario, Canada Cisco Full timeCisco Meraki is a company that simplifies technology to empower our customers. We're looking for a Senior Product Security Engineer to join our firmware security team. This role will have a substantial impact on the security of millions of Meraki users worldwide.About UsWe believe in fostering a positive culture by hiring, mentoring, and empowering smart,...
-
Senior Product Security Engineer
4 weeks ago
Old Toronto, Canada Wayfair Inc. Full timeWayfair Inc.We are seeking a highly skilled Product Security Engineer to join our Application Security Team at Wayfair Inc. This team is responsible for safeguarding the security of our development and custom products and features, engaging with hundreds of developers and development teams to review and improve the security of our custom developed...
-
Senior Product Security Engineer
3 weeks ago
Toronto, Ontario, Canada AMEX Full timeJob Description:About the Role:We are seeking a highly skilled Senior Product Security Engineer to join our team at Wayfair. As a key member of our Application Security Team, you will be responsible for safeguarding the security of our development and custom products and features.Responsibilities:Lead enterprise-wide security initiatives by working closely...
-
Product Security Specialist
3 weeks ago
Toronto, Ontario, Canada Thomson Reuters Full timeAbout the RoleAs a Product Security Engineer, you will be focused on developing S-SDLC activities and controls that ensure our applications are designed and implemented with the highest level of security standards.Secure design, architecture, and implementation covering all steps of our Secure Software Development Life Cycle (SDLC).Drive security projects,...
-
Product Security Specialist
2 weeks ago
Toronto, Ontario, Canada Thomson Reuters Full timeJob OverviewA dynamic opportunity awaits an experienced Cybersecurity Engineer to spearhead the development of S-SDLC activities and controls at a leading global news agency. This pivotal role demands a seasoned professional with expertise in ensuring top-notch security standards throughout software design, implementation, and lifecycle management.About the...
-
Security Engineering Leader
2 weeks ago
Toronto, Ontario, Canada Gusto Full timeAbout GustoGusto is a modern, innovative company that empowers small businesses to succeed. We're a team of dedicated professionals who strive to make a positive impact on our customers' lives.About the RoleThe Security Engineering team at Gusto works closely with product and engineering leads to design secure products and features that protect our...
-
Lead Product Security Engineer
3 months ago
Old Toronto, Canada Tbwa ChiatDay Inc Full timeThere is not a single large organization that doesn’t need what Strata has to offer. Identity security is a foundational technology that every company needs no matter what industry they are in. A great aspect of Strata is that you can call on virtually any name brand organization and be confident that someone in the organization needs what we offer....
-
Principal Security Engineer
1 month ago
Toronto, Canada Gusto Full timeAbout Gusto Gusto is a modern, online people platform that helps small businesses take care of their teams. On top of full-service payroll, Gusto offers health insurance, 401(k)s, expert HR, and team management tools. Today, Gusto offices in Denver, San Francisco, and New York serve more than 300,000 businesses nationwide. Our mission is to create a...
-
Senior Security Engineer
1 month ago
Old Toronto, Canada Robinhood Full timeAbout the RoleThe Robinhood Credit and Money Security team's mission is to protect the organization and its customers while empowering it to achieve its business goals securely and efficiently.As a Senior Security Engineer, you will collaborate with business and engineering teams to secure products and services offered by Robinhood Credit and Money.Key...
-
Lead Product Security Engineer
4 weeks ago
Old Toronto, Canada Tbwa ChiatDay Inc Full timeAbout UsAt our company, we're building a revolutionary identity management system that's changing the way organizations handle security. We're looking for an experienced software engineer to join our team and help shape the future of identity orchestration.The RoleAs a Software Engineer on our Identity Orchestration team, you'll be responsible for designing...
-
Old Toronto, Canada Data Engineer Jobs Full timeAs a Senior Data Engineer at Mozilla, you will play a pivotal role in shaping the company's data strategy and driving business growth through informed decision-making.About the RoleWe are seeking an experienced data engineer to join our Analytics Engineering team. In this role, you will work closely with data scientists to design and implement scalable data...
-
Security Infrastructure Engineer
3 weeks ago
Old Toronto, Canada LotusFlare, Inc. Full timeAs Security Engineer on the Infrastructure Team at LotusFlare, you will be responsible to drive the overall IT security standards across our cloud native DNO stack. This incorporates security policies and domain security concepts along with the implementation and the lifecycle of security controls and security focused services and systems in LotusFlare’s...
-
Principal Application Security Engineer
2 months ago
Toronto, Canada Zynga Full timeAVAILABLE POSITIONS Principal Application Security Engineer Careers Category: Engineering Careers location: Remote, US; Toronto, Canada Connected Worker Type: Connected R_111916 Position Overview In partnership with cybersecurity leadership, the Principal Application Security Engineer will work with product teams, game studios,...
-
Security Infrastructure Engineer
2 months ago
Old Toronto, Canada LotusFlare Full timeLotusFlareSimplifying technology to simplify the experience, LotusFlare has built the only digital BSS that delivers valuable outcomes to CSPs.As Security Engineer on the Infrastructure Team at LotusFlare, you will be responsible for driving the overall IT security standards across our cloud-native DNO stack. This incorporates security policies and domain...
-
Product Security Engineer
2 months ago
Old Toronto, Canada Wayfair Inc. Full timeWayfair Inc. Shop Wayfair for A Zillion Things Home across all styles and budgets. 5,000 brands of furniture, lighting, cookware, and more. Free Shipping on most items.Wayfair’s Application Security Team is responsible for safeguarding the security of development and custom products and features. We engage with hundreds of developers and development teams...
-
Markets Platform Security Engineer
3 months ago
Toronto, Canada the Ladders Full timeThe Role:This is an amazing opportunity to join ION as a Platform Security Engineer. As a Platform Security Engineer, you will be a key enabler of secure and compliant platform security across common technologies shared across business products. You must have knowledge of attack paths across the tec
-
Security Infrastructure Engineer
3 months ago
Toronto, Canada LotusFlare Full timeResponsibilities Actively managing the security of our cloud-native runtime environment Clearly and promptly communicate and negotiate security technical topics with both technical and non-technical audiences Drive security improvements to production cloud environments Perform targeted offensive security testing Implement continuous monitoring...
-
Principal Product Manager, Security
3 months ago
Toronto, Canada Coalition, Inc. Full time**About us**: Coalition is the world's first Active Insurance provider designed to help prevent digital risk before it strikes. Founded in 2017, Coalition combines broad insurance coverage with a digital risk assessment and continuous security monitoring to help organizations protect themselves in today's hyper-connected world. Opportunities to make an...
-
Communications Security Specialist
2 weeks ago
Toronto, Ontario, Canada Communications Security Establishment Full timeJob SummaryWe are seeking a highly skilled Communications Security Specialist to join our team at the heart of Canada's national security and intelligence community.About the RoleThis exciting opportunity is part of our multi-functional teams responsible for delivering vital COMSEC services to Government of Canada agencies, international partners, and...
