Senior IT Security Engineer at NEAR Foundation leading information security program and compliance initiatives. Partnering with IT teams for secure architectural design and risk management.
About the role
- Seeking Application Security Engineer for Clio, a leading legal AI technology firm. Focus on security vulnerabilities and building partnerships with development teams.
Responsibilities
- Write, review, debug, and implement tools to help developers avoid security flaws;
- Build partnerships with development teams and advise on security best practices;
- Contribute to collective developer education by driving security awareness and knowledge amongst the product organization;
- Provide detailed guidance and support to teams in vulnerability remediation, and develop frameworks, guidelines, and systematic fixes for recurring vulnerabilities;
- Resolve issues, navigate ambiguity, and maintain positive working relationships with researchers in our Bug Bounty program;
- Identify and implement tools for automated application scanning, static analysis and related tools;
- Perform penetration testing, and offensive campaigns against internal assets;
- Perform reactive incident response and forensics when a security event occurs;
- Perform proactive research to detect new attack vectors;
- Elevate and educate our security culture within Clio, contributing to our cultural values;
Requirements
- Experience in Application or Product Security, with a focus on offensive security and penetration testing
- Hands-on expertise identifying and exploiting complex vulnerabilities (e.g., SSRF, Deserialization, logic bypasses)
- Proven ability to lead and conduct formal threat modeling sessions
- Strong proficiency in at least one major programming language (e.g., Python, .NET, JavaScript)
- Experience securing applications in modern cloud environments (AWS, Azure, or GCP)
- Expertise with common application security tools and platforms (e.g., Burp Suite, SAST, SCA)
- Experience with log aggregation and SIEM technologies
- Ability to identify malicious behaviour and emerging threats via log analysis
- Demonstrate a keen interest in improving your craft by using AI
- Security certifications such as OSCP or OSWE is a serious bonus
- Active participation in the security community (e.g., presenting at conferences, contributing to open-source tools)
- Experience with Ruby on Rails, Puppet, Kubernetes, Terraform, ELK (Elastic, Logstash and Kibana)
- Strong AWS security experience on EC2 and managed services
- Infrastructure security (WAF, ACLs, authentication, device hardening)
Benefits
- Competitive, equitable salary with top-tier health benefits, dental, and vision insurance
- Hybrid work environment, with expectation for local Clions (Vancouver, Calgary, Toronto, Dublin and Sydney) to be in office min. twice per week.
- Flexible time off policy, with an encouraged 20 days off per year.
- $2000 annual counseling benefit
- RRSP matching and RESP contribution
- Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years
Job title
Job type
Experience level
Salary
Degree requirement
No Education Requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Bilingual Security Director for International SOS driving revenue growth of health security subscription services in Canada. Supporting consulting, training, and managed services with trusted client relationships.
Program Manager driving complex engineering projects within the Product Security organization at CrowdStrike. Collaborating cross - functionally to ensure timely delivery of security solutions across product portfolios.
Security Engineer focused on matching technology opportunities with customer business objectives at Tenable. Delivering technical presentations and driving successful customer engagements in cybersecurity solutions.
Business Development & Capture Lead for Global Spatial Technology Solutions driving revenue growth in defence sector. Engaging senior stakeholders and leading proposal development across global markets from a remote location.
IT & Security Specialist managing IT operations, security, and infrastructure for Senstar, a leader in security technology. Hands - on role blending end - user support, cybersecurity, and infrastructure management.
HR Systems Security Specialist responsible for design, configuration, and administration of security within Workday and SAP. Collaborating with HR and stakeholders to ensure effective access design and compliance.
Cybersecurity advisor working within the DCYB to develop IT security measures. Collaborating with teams to fortify cybersecurity posture and ensuring data protection for citizens.
Consultant in remuneration and occupational health and safety at the Quebec Federation of Municipalities. Ensuring employee needs match organizational requirements and promoting a safe work environment.
Cybersecurity Administrator providing operational support for compliance activities in information security. Assisting vendor risk management, audit coordination, and vulnerability tracking.