Staff Security Engineer safeguarding and auditing the security of Pantheon’s WebOps Platform. Joining a team focusing on Security by Design in agile and cloud-native environments.
Responsibilities
Implement “Security by Design” within agile software development and cloud-native environments.
Act as a Subject Matter Expert (SME), mentoring, coaching, and supporting all security engineering efforts across the organization.
Define, organize, and implement application security policy, process, standards, and guidelines.
Help engineering teams design and build high-performing, secure applications by mitigating security issues in a risk-based manner.
Define, document, and champion processes and practices for a secure Software Development Life Cycle (SDLC).
Be a driving force in establishing a strong security culture within platform engineering teams.
Lead Threat Modeling as a core principle for the Secure by Design strategy.
Conduct Secure Code and Architecture Design Reviews, including threat modeling and technology/risk-based assessments.
Automate application security testing and controls, integrating them directly into the CI/CD pipelines.
Deploy, operate, and tune security tools (SAST, DAST, IAST, and CSPM), with a focus on platforms like CodeQL and Wiz.io.
Partner with engineering to effectively prioritize and remediate identified vulnerabilities.
Manage tools for Software Composition Analysis (SCA) to ensure supply chain security.
Coordinate internal and external Penetration Testing activities with the Security Operations team.
Requirements
10+ years of overall experience, with 5+ years dedicated to Application Security.
Deep, hands-on experience in Secure by Design development practices, including guiding Secure Architecture and System Design.
Extensive experience securing production systems in Cloud environments (e.g., AWS, Azure, GCP).
Ability to build maintainable components in Go or Python.
Hands-on experience with Jenkins, cloud pipelines, or CircleCI (bonus points for experience with reusable workflows).
Experience working with containerization (e.g., Docker, OCI), Terraform, and Kubernetes (K8s).
Proven ability to build, select, and implement application security tools, and integrate them into CI/CD pipelines.
Bachelor's degree in Computer Science or equivalent practical experience.
Benefits
Industry competitive compensation and equity plan
Paid Time Off (PTO), Paid Sick Leave (PSL) and 11 Paid Company Holidays
Full medical coverage (Extended health care, dental, vision)
Top-of-the-line equipment
In-office workspace (Vancouver, BC Canada)
Monthly allowance for wellness, reading and access to LinkedIn Learning for continued development
Events and activities, both team-based and company-wide, that inspire, educate and cultivate