Senior Application Security Developer
Calgary, AB, Canada
Full Time
Experienced
Senior Application Security Developer
Reports To: Development Manager, Engineering & Security
About the Job:
With atVenu's accelerated growth, we need a Senior Application Security Developer to join the team. The successful candidate will be an adept Rails/React developer who enjoys looking backwards, refactoring legacy code to fix vulnerabilities, while keeping an eye towards the future, developing new infrastructure features. They will have a familiarity with PCI, GDPR and SOC2 compliance/regulatory standards, and will have a keen interest in staying abreast of emerging security threats. They will be considered a subject matter expert in the field of software security on a busy engineering team. Experience leveraging AI tools in software engineering and security would be nice to have.
Our Tech Stack:
Reports To: Development Manager, Engineering & Security
About the Job:
With atVenu's accelerated growth, we need a Senior Application Security Developer to join the team. The successful candidate will be an adept Rails/React developer who enjoys looking backwards, refactoring legacy code to fix vulnerabilities, while keeping an eye towards the future, developing new infrastructure features. They will have a familiarity with PCI, GDPR and SOC2 compliance/regulatory standards, and will have a keen interest in staying abreast of emerging security threats. They will be considered a subject matter expert in the field of software security on a busy engineering team. Experience leveraging AI tools in software engineering and security would be nice to have.
Our Tech Stack:
- Front End: React Native, React, JavaScript
- Backend: Ruby, Rails, GraphQL, PostgreSQL, Redis, CouchDb
- Cloud Platform: AWS
- Tools: GitHub, Sidekiq, Docker
- Help shape our maturing security vulnerability management program, in support of our PCI DSS and SOC2 security compliance obligations
- Participate in vulnerability assessments, security audits, penetration tests and resolution of any findings
- Complete security code reviews with the use of scanning tools and manual inspection
- Support incident response and architecture review processes when application security expertise is required
- Integrate threat modeling practices into the product development life cycle
- Review/analyze security logs/reports from a variety of sources; propose/implement recommendations for improvement
- Conduct real time tactical management of security events in collaboration with the compliance and engineering teams
- Create and execute phishing campaigns inclusive of ongoing review/analysis/risk prioritization of authentic phishing emails
- Support Vendor Management activities to ensure security standards are adhered to
- 8+ years of developer experience, with at least 3 of those years specialized in security vulnerability management
- Proficiency with Ruby on Rails and React
- Proven experience in mobile application development (IOS/Android)
- Direct experience with enterprise server platforms, virtualized technology and cloud operations (AWS, Docker)
- Expertise in employing analytics/threat intelligence techniques, incident response process and software security
- Deep knowledge of compliance and privacy management across North America and Europe
- Experienced in the use of the development and testing tools with strong knowledge of networking security
- Excellent communicator capable of explaining vulnerabilities and weaknesses and discussing effective defensive techniques to technical/non-technical team members
- Programming experience in
- unix/mac,javascript/ruby/shell
- reactjs/react-native/graphq/rest/rails/sidekiq/postgres/couchdb/redis
- stripe/heroku/aws/github/rubymine
Apply for this position
Required*