Senior Software Developer, Application Security (Remote Option)

Clio
Posted 3 years ago  • Burnaby, BC, Canada

We are currently seeking a Senior Application Security Developerto join our Security team. This role can be performed from one of our Canadian offices, remotely across Canada, or a combination of both. Some exemptions may apply. 

What your team does: 

Our team is focused on protecting our customers, and training our developers to write secure code. We’re a collaborative service team that works hard to enable developer velocity. We’re not gatekeepers, we’re enablers! We build automated tooling, monitor and triage CVEs &security bugs, and spend as much time pairing and teaching as we can.We’re interested in individuals with high agency, a sense of curiosity, and the ability to handle ambiguity. You know when something doesn’t look right and trust your gut instinct to dig further.

A day in the life might look like:

  • Develop and implement tools to help developers avoid security flaws;
  • Build partnerships with development teams and advise on security best practices. 
  • Contribute to driving security awareness and knowledge amongst the product organization;
  • Provide detailed guidance and support to teams in vulnerability remediation;
  • Identify and implement tools for automated application scanning, static analysis and related tools;
  • Perform penetration testing;
  • Perform reactive incident response when a security event occurs;
  • Perform proactive research to detect new attack vectors;
  • Elevate and educate our security culture within Clio, contributing to our cultural values of “No doors, only windows”and “Live a learning mindset”.

You may be fit for this role if you:

  • Someone who loves learning and developing creative security solutions for a fast growing, continuous integration environment that hits upwards of 50 deployments a day;
  • 4+ years experience in some combination of the following disciplines: web application security, cloud security, infrastructure security, penetration testing, secure software development, security tools development, architecture review and / or threat modeling;
  • 4+ years experience with Ruby, Python, Javascript or other equivalent modern languages and tools.
Don’t have all of those? The most important part of this job is that you approach new challenges with curiosity and a drive to apply what you learn to fixing root causes, not just symptoms. Deep curiosity and a desire to learn will help you succeed in this job, combined with a drive to help others by shipping code. We have cross-trained developers coming from Java, Python, C++, and JavaScript backgrounds, and are happy to help you learn Ruby when you get here.
Serious bonus points if you have:
  • Experience with pentesting, bug bounty, or other testing disciplines;
  • Ideas on how to successfully scale and grow a progressive security organization;and
  • Experience with large Rails applications, automating security best practices, and/or building developer-facing tools.

Where your team works:

Clio is currently transitioning to a workplace that is distributed by design. This means that Clio offers employees more choice: the opportunity to work from one of our hub offices across Canada, remotely, or a combination of both. We have invested in best-in-class tools, technology, and culture to ensure our team members are able to do their best work whether they prefer to work from an office or remotely.