Intermediate Application Security Engineer

Department: Engineering

Employment Type: Permanent – Full Time

Location: Canada

Reporting To: Moe Serry

Description

A Little Bit About Us:

We are a growing global technology company that is looking to reinvent the way organizations build Trust in People with technology and AI-backed background checks. We are proud to share that we recently secured 105 million in funding, were named one of Canada’s Companies-to-Watch in Deloitte’s Technology Fast 50™ Awards, and are on track to become one of Canada’s fastest-growing start-ups.

Who are Certonians?

We are soccer players, DIY creators, spicy-food lovers, karaoke lovers, wine connoisseurs, and so much more! We are a team of 300+ people currently living the dream at Certn and are looking for more team members to level us up. If you are excited about working with a group that values accountability, working synergistically with one another, being inclusive of different perspectives, and not being an asshole – aka approaching all solutions & problems with compassion and empathy – we want to hear from you!

This Opportunity:

We are looking for an Intermediate Application Security Engineer to expand our growing AppSec Team! Reporting to the Security Lead, you will be responsible for the security of Certn’s customer facing applications.

Success in the role requires someone with a background in application security, Threat Modelling, Risk assessments as well as knowledge of modern SDLC practices.

As our Application Security Engineer, you will:
Create and manage automated scans for secure coding – SAST, DAST
Manage and review security vulnerabilities
Conduct security training on proper procedures and policies
Maintain industry standard policies for secure coding
Support the compliance team to achieve and enforce SOC 2, ISO controls
Work with the development team to ensure secure coding practices are adhered to

We are hoping you bring:
Proven experience in the application security domain with secure development practices
Be the Voice of security in the SDLC
Hands-on Threat modeling, security risk assessment and code review experience
Experience in automating application security tests (Python)
Basic understanding of CI/CD pipelines
Knowledge of OWASP security principles/OWASP top 10
Experience with containers like Docker, Kubernetes

Our goal is to make sure Certn to be the best place for you to work. That means we are consistently asking for your feedback, researching best practices, and implementing new programs and changes in the way we work so that we can each walk away every day feeling proud to work here!

Some of the benefits you can expect at Certn are…
4 weeks of paid vacation
12 wellness days
Extensive health benefits
Family support program (including support for new parents and caregivers)
Remote-first and supports flexible remote arrangements
Green transportation allowance
Fitness & wellness allowance
Work from home allowance
Professional development budget
And a few more goodies!

Does this role sound like it was made for you, yet you don’t check every box?We value diversity in our teams’ experience. Whatever your background, experience, ethnicity, physical ability, sexual orientation, race, and gender is, we want to hear from you! We are dedicated to fostering an inclusive and diverse environment for all employees from all walks of life. One of our corporate goals is to build an environment that will be the best place for you to work and spend your time. To accomplish that, we know we need to develop a diverse team where everyone feels included and where a variety of voices are heard.
If you have a disability that requires accommodation during any stage of our recruitment process, please let us know how we can best assist you*