Senior Application Security Engineer
Relay
full-time
Posted on:
Location Type: Hybrid
Location: Toronto • 🇨🇦 Canada
Visit company websiteJob Level
Senior
Tech Stack
JavaScriptPythonTypeScript
About the role
- Build and maintain secure-by-default libraries and CI checks
- Engage stakeholders and business partners to harden authentication
- Enforce provenance in software supply chain
- Embed security into CI/CD pipelines across various services
- Partner with SREs to enable infrastructure security
- Guide features through AI risk reviews
- Track emerging attacks and run targeted black-box tests
- Triage researcher reports and coordinate fixes
Requirements
- 5+ years of experience in Application Security, Product Security, Penetration Testing, or similar roles
- Expert in JavaScript, TypeScript, and Python
- Deep understanding of OWASP Top 10 and real-world exploitation/mitigation techniques
- Clear communicator & collaborator
- Comfortable mentoring team members and others on security best practices
Benefits
- Competitive salary and meaningful equity
- Comprehensive health benefits: enjoy full health benefits from day one
- Flexible vacation and time off: every team member starts with 15 vacation days and 5 flex days to use as needed
- Parental leave with top-up: we offer 12 weeks off with a 100% salary top-up for all full-time employees
- Hybrid work environment
- Dog-friendly space
- Personal and professional growth: through ongoing feedback, mentorship, and coaching
- Top-tier equipment
- Social connection: we believe in celebrating our wins with two annual company-wide get-togethers
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
JavaScriptTypeScriptPythonApplication SecurityProduct SecurityPenetration TestingOWASP Top 10CI/CDblack-box testingsecurity best practices
Soft skills
clear communicatorcollaboratormentoring