Application and Product Security Principal
Global Relay10 days ago
Responsibilities
- Lead DevSecOps areas of application security and vulnerability scanning.
- Integrate security practices into every stage of the software development lifecycle.
- Champion a proactive, risk-based approach to security.
- Conduct security sessions for development teams focusing on risks and vulnerabilities.
- Develop and deploy an automated security framework for tools and processes.
- Review and analyze vulnerability data to identify security risks.
- Mentor less experienced team members and promote a strong security culture.
- Create security documentation and developer training materials.
- Act as the senior subject matter expert for software security testing.
- Lead the selection and management of security scanning tools.
Requirements
- 8+ years of application security and operations experience.
- Expert knowledge of secure software development practices.
- Experience with OWASP, Mitre, NIST SP800-115, SAST, DAST, and SCA.
- Proficiency in scripting languages such as Python, Java, Bash, and PowerShell.
- Familiarity with CI/CD technologies and containerization tools.
- Ability to communicate effectively with technical and non-technical teams.
- Strong problem-solving skills and attention to detail.
- Experience with security and privacy standards like ISO 27000 and GDPR is a plus.
Benefits
- Comprehensive extended health benefits program, including virtual healthcare.
- Annual vacation days that increase with tenure.
- Paid sick days and maternity/parental enhancement program.
- Bonus and RRSP contribution matching program.
- Subsidized meal program for Vancouver-based employees.