Clio · Jan 8th 2021
We are currently seeking a Senior Application Security Developerto join our Security team. This role can be performed from one of our Canadian offices, remotely across Canada, or a combination of both. Some exemptions may apply.
What your team does:
Our team is focused on protecting our customers, and training our developers to write secure code. We’re a collaborative service team that works hard to enable developer velocity. We’re not gatekeepers, we’re enablers! We build automated tooling, monitor and triage CVEs & security bugs, and spend as much time pairing and teaching as we can.We’re interested in individuals with high agency, a sense of curiosity, and the ability to handle ambiguity. You know when something doesn’t look right and trust your gut instinct to dig further.
A day in the life might look like:
Develop and implement tools to help developers avoid security flaws;
Build partnerships with development teams and advise on security best practices.
Contribute to driving security awareness and knowledge amongst the product organization;
Provide detailed guidance and support to teams in vulnerability remediation;
Identify and implement tools for automated application scanning, static analysis and related tools;
Perform penetration testing;
Perform reactive incident response when a security event occurs;
Perform proactive research to detect new attack vectors;
Elevate and educate our security culture within Clio, contributing to our cultural values of “No doors, only windows” and “Live a learning mindset”.
You may be fit for this role if you:
Someone who loves learning and developing creative security solutions for a fast growing, continuous integration environment that hits upwards of 50 deployments a day;
4+ years experience in some combination of the following disciplines: web application security, cloud security, infrastructure security, penetration testing, secure software development, security tools development, architecture review and / or threat modeling;
Serious bonus points if you have:
Experience with pentesting, bug bounty, or other testing disciplines;
Ideas on how to successfully scale and grow a progressive security organization; and
Experience with large Rails applications, automating security best practices, and/or building developer-facing tools.
Where your team works:
Clio is currently transitioning to a workplace that is distributed by design. This means that Clio offers employees more choice: the opportunity to work from one of our hub offices across Canada, remotely, or a combination of both. We have invested in best-in-class tools, technology, and culture to ensure our team members are able to do their best work whether they prefer to work from an office or remotely.