We are currently seeking a Senior Application Security Developerto join our Security team. This role can be performed from one of our Canadian offices, remotely across Canada, or a combination of both. Some exemptions may apply.
What your team does:
Our team is focused on protecting our customers, and training our developers to write secure code. We’re a collaborative service team that works hard to enable developer velocity. We’re not gatekeepers, we’re enablers! We build automated tooling, monitor and triage CVEs &security bugs, and spend as much time pairing and teaching as we can.We’re interested in individuals with high agency, a sense of curiosity, and the ability to handle ambiguity. You know when something doesn’t look right and trust your gut instinct to dig further.
A day in the life might look like:
- Develop and implement tools to help developers avoid security flaws;
- Build partnerships with development teams and advise on security best practices.
- Contribute to driving security awareness and knowledge amongst the product organization;
- Provide detailed guidance and support to teams in vulnerability remediation;
- Identify and implement tools for automated application scanning, static analysis and related tools;
- Perform penetration testing;
- Perform reactive incident response when a security event occurs;
- Perform proactive research to detect new attack vectors;
- Elevate and educate our security culture within Clio, contributing to our cultural values of “No doors, only windows”and “Live a learning mindset”.
You may be fit for this role if you:
- Someone who loves learning and developing creative security solutions for a fast growing, continuous integration environment that hits upwards of 50 deployments a day;
- 4+ years experience in some combination of the following disciplines: web application security, cloud security, infrastructure security, penetration testing, secure software development, security tools development, architecture review and / or threat modeling;
- 4+ years experience with Ruby, Python, Javascript or other equivalent modern languages and tools.
Serious bonus points if you have:
- Experience with pentesting, bug bounty, or other testing disciplines;
- Ideas on how to successfully scale and grow a progressive security organization;and
- Experience with large Rails applications, automating security best practices, and/or building developer-facing tools.
Where your team works:
Clio is currently transitioning to a workplace that is distributed by design. This means that Clio offers employees more choice: the opportunity to work from one of our hub offices across Canada, remotely, or a combination of both. We have invested in best-in-class tools, technology, and culture to ensure our team members are able to do their best work whether they prefer to work from an office or remotely.