Product Security Specialist ensuring security within software development lifecycle at Safe Software. Focused on vulnerability management and improving security tools and processes.
Responsibilities
Monitor, triage, and analyze vulnerability findings from commercial and internal tools, distinguishing true positives from false positives and duplicates.
Assess vulnerability impact in the context of Safe’s products and architectures, and document findings clearly for engineering teams.
Own vulnerability findings through investigation, prioritization, and handoff to development teams.
Maintain and update metadata used to track third-party dependencies and software components.
Conduct security and compliance reviews of third-party libraries and vendor components, including licensing and known risk signals.
Respond to internal and customer-facing questions regarding vulnerabilities and product security posture.
Assist with security questionnaires, audits, and other compliance-related inquiries.
Identify opportunities to improve or automate vulnerability monitoring, triage workflows, and tooling efficiency.
Requirements
1-2 years of experience in product security, application security, or a closely related cybersecurity role.
Solid understanding of common vulnerability classes and secure development practices (e.g., OWASP Top 10).
Experience working with vulnerability scanning tools, particularly software composition analysis (SCA) tools.
Proficiency in Python for automation, tooling, or analysis.
Strong analytical skills and the ability to interpret noisy or incomplete data.
Clear communication skills for technical and non-technical audiences.
A degree in Computer Science, Cybersecurity, Information Technology, or a related field—or equivalent practical experience.
Nice to Have: Familiarity with compliance frameworks such as SOC 2 or ISO 27001.
Security certifications (e.g., CISSP, CISM, or similar).
Experience in SaaS or product-focused engineering environments.
Benefits
Meaningful Work: Make a profound impact across our business, workplace and data integration product.
A Supportive Environment: Feel empowered to share your ideas and implement them with high autonomy and team support.
Social Responsibility: Become part of a team that finds meaningful ways to give back. Take paid time off to volunteer for one of our Safe-organized opportunities that align with our core community initiatives.
Learning & Career Development: We believe in your continuous learning and growth. Take advantage of an annual learning budget and training programs paid for by Safe.
Flexible Working Hours: Flexible and remote-friendly work arrangements to fit your lifestyle. Work when you want, and how you want to.
Work-Life Balance: There's no place for burnout at Safe. Maintain a healthy balance of your personal and work life without splitting yourself in two. Enjoy 3 weeks of vacation to recharge, plus an additional paid 6 seasonal days off per year.
Health & Wellness: Extended health, dental, health or lifestyle spending, and counseling benefits from day 1. That’s right, no waiting period.
Family is important: We are dedicated to supporting our employees through parenthood and offer a Parental Leave Top-Up Program for new parents through childbirth or adoption.
Shared Success: Share in Safe’s success with our bi-annual profit sharing and RRSP/TFSA matching program.
An Accessible Commute: Regardless of your commute method, we’re located close to public transit, and provide complimentary parking and bike storage for our team!
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.