Lead Application Security Engineer at Arctic Wolf scaling AI-first security practices across products and platforms. Involves threat modeling, security standard definition, and risk-reduction programs.
Responsibilities
Lead threat modeling exercises for applications, microservices, APIs, and AI/LLM-enabled systems
Define reusable security patterns and drive secure design reviews for product and platform architectures
Own AppSec initiatives end-to-end and drive risk-reduction programs across R&D
Influence engineering and product leaders to adopt secure practices through clear guidance and rationale
Conduct security assessments for new features, cloud architectures, and AI/GenAI capabilities
Implement and optimize AppSec tooling including SAST, DAST, IAST, SCA, IaC scanning, and container security
Establish metrics, dashboards, and scalable process improvements
Drive R&D wide security practices and help shape internal standards for secure development
Explore emerging technologies, and promote continuous learning within AppSec and the Security Champions community
Requirements
7+ years of experience in Application Security, Product Security, Secure Software Development, or a related security engineering discipline.
Deep expertise in secure design and development principles, including the OWASP Top 10, OWASP ASVS, and modern application security best practices.
Proven experience leading threat modeling exercises, security architecture reviews, and risk assessments for complex applications and services.
Hands-on experience with application security tooling, including SAST, DAST, SCA, IaC, container, and cloud-native security solutions.
Strong analytical and problem-solving skills, with the ability to identify security risks, evaluate tradeoffs, and develop practical, scalable solutions.
Demonstrated ability to influence engineering teams and technology leaders through collaboration, technical expertise, and sound risk-based decision making.
Experience driving the adoption of secure development practices and integrating security into engineering workflows and SDLC processes.
Excellent communication skills with the ability to translate complex technical concepts into actionable guidance for both technical and executive stakeholders.
Proven track record of leading security initiatives, establishing standards, and delivering measurable improvements to an organization's security posture.
Passion for mentoring engineers, fostering a security-first culture, and elevating the security capabilities of development teams.
Benefits
Equity for all employees
Flexible time off and paid volunteer days
RRSP and 401k match
Training and career development programs
Comprehensive private benefits plan including medical, mental health, dental, disability, life and AD&D, and value-added services
Robust Employee Assistance Program (EAP) with mental health services
Manager Cyber Cloud Security and AI at PwC protecting organizations from cyber threats. Leading cybersecurity strategy focused on AI security, team collaboration, and stakeholder engagement.
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.