Security Engineer

Engineering · Fredericton, New Brunswick
Department Engineering
Employment Type Full-Time
Minimum Experience Mid-level

The Opportunity: 

 

Introhive is seeking an experienced Security Engineer to help lead our product security program. This role can be worked remotely within Canada's Eastern or Atlantic time zones. The chosen candidate will be an application security specialist with a passion for proactively identifying security issues, while working to prevent vulnerabilities from being introduced in the first place through modern DevSecOps practices.


This role will have you working closely with developers to continuously raise the bar on application security. You will act as a force multiplier by fostering a culture of security, enabling every member of the team to take ownership for the security of the product they produce. 


You will champion a shift-left approach to security, by ensuring that security is the first consideration in application design, that applications use secure-by-default practices, and that the development pipeline has robust automated scanning for vulnerabilities. 


You will also act as the last line of defence, by conducting penetration testing and code reviews to hunt for vulnerabilities in production. 


Responsibilities:

  • Proactively identify and reduce security risks through each stage of the SDLC.
  • Provide architecture and code reviews, guiding developers on how to ship features securely.
  • Serve as a subject matter expert on security and authentication, advising development teams on best practices.
  • Promote secure development practices, and lead the continuous training of staff.
  • Help provide a "paved road" for secure application development, by curating standards and libraries that developers can use to create software that is secure by default.
  • Conduct exploratory code audits and penetration testing.
  • Build automated security testing into the application CI/CD pipeline.
  • Contribute to infrastructure security observability and hardening.
  • Assist with day-to-day security monitoring and incident response. 


The Qualifications: 

 

Required Qualifications:

  • A demonstrated passion for web application security. You can discover and recommend patches for all common classes of vulnerabilities, including the OWASP Top 10 and beyond. You're familiar with the common controls to prevent the same.
  • Curiosity and creativity. You enjoy hunting for vulnerabilities, and won't hesitate to dive into a large codebase to find an insecure codepath. You're always thinking about new ways to build security into the software development lifecycle.
  • Software development experience. You can read and write code at an intermediate level in at least one language.
  • A collaborative approach. You work closely with developers and other stakeholders as a trusted advisor, and seek to empower teams to ship software more securely.


Desired Qualifications:

  • Excellent written and verbal communication skills.
  • 3+ years experience in a security engineering, application penetration testing, or software development role.
  • Knowledge of industry standard authentication technologies, web security standards, and applied cryptography.
  • Working knowledge of linux system administration concepts.
  • Working knowledge of cloud security. Experience with AWS is an asset.
  • Exposure to containers and cloud-native security.
  • Relevant certifications are considered an asset (OSCP, OSWE, etc.)

 

Introhive


Introhive is a relationship analytics platform. By analyzing the connections in a company, we create an enterprise-wide view of relationships with customers and prospects. Customers use this to improve sales and marketing for reps, managers and executives.


Here's how we help companies: 


Sales: Find introductions and gather account intelligence through relationships that already exist in your company. Close deals faster. 


Management: Measure and report on relationship activity and strength in accounts, reps and territories. Make data driven decisions. 


Retention: Track relationship strength, activity and trends with accounts and highlight problems automatically. 


Marketing: Score and prioritize leads and segment marketing lists based on existing relationships. Create better targeted campaigns. 


About Introhive: 
Introhive is a venture-funded company with investors that include Build Ventures, GAP CIT, Fortify, Growthworks, NBIF and Salesforce.com. The company was founded in 2012. Our Canadian work spaces boast beautiful and conveniently located offices. We also offer an RRSP matching plan, health and dental benefits as well as education opportunities and a LinkedIn Learning license. Most offices are also pet friendly!

 

Thank You

Your application was submitted successfully.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

  • Location
    Fredericton, New Brunswick
  • Department
    Engineering
  • Employment Type
    Full-Time
  • Minimum Experience
    Mid-level