Close X

Security Engineer - Software Stack

Montreal - Full-time - Senior

We are looking for a skilled Security Engineer to analyze software designs and implementations from a security perspective, and identify and resolve security issues. You will include the appropriate security analysis, defences and countermeasures at each phase of the software development lifecycle, to result in robust and reliable software.

You will have to respond to, and document, any security threats, resolve technical faults and allocate resources to deliver real solutions in a cost-effective way.

The ideal candidate will share our passion for engineering solutions to complex security problems.

Responsibilities

• Implement, test and operate advanced software security techniques in compliance with technical reference architecture

• Perform on-going security testing and code review to improve software security

• Troubleshoot and debug issues that arise

• Provide engineering designs for new software solutions to help mitigate security vulnerabilities

• Contribute to all levels of the architecture

• Maintain technical documentation

• Consult team members on secure coding practices

• Develop a familiarity with new tools and best practices

• Understanding complex technical issues and managing them within a fast-paced business environment

• Perform security assessments of core corporate services

• Enhance the security posture of infrastructure and tools

• Documenting security certification and provide security guidance on a constant stream of new projects and technologies

• Identifying current and emerging technology issues including security trends, vulnerabilities and threats

• Sourcing and implementing new security solutions to better protect the organization

• Conducting proactive research to analyze security weaknesses and recommend appropriate strategies

• Use analysis and metrics to improve workflow and processes that increase our team's operational efficiency and impact

• Manage multiple projects at once while effectively prioritizing time based on team priorities

Minimum qualifications

• B.S. in Computer Science or related field, or equivalent experience

• Minimum of four (4) years of experience as a Software security Engineer

• Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation

• Software development experience in the following core languages: Java, Javascript, HTML and CSS

• Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols

• Understanding differences between multiple delivery platforms such as mobile vs. desktop

• Experience developing tools using an interpreted programming language (Java, Python, PowerShell, etc.)

• Knowledge with internet security issues and the threat landscape

• Experience with operating systems internals and hardening with an emphasis on endpoint security (OSX, Windows, Linux, mobile platforms)

• Problem solving experience

• Security certifications such as CISSP, GISP, and CISM.

Preferred qualifications

• Familiarity with SQL and NoSQL

• Knowledge of UNIX and TCP/IP network fundamentals

• Knowledge of continuous deployment processes and multi region cloud deployment

Skills and technologies

• Enthusiasm in staying up to date with the very latest updates about security threats and solutions

• Outstanding communication skills that go beyond “tech talk” – the ability to translate complex IT matters to those without an IT background

• Strong time management, organizational and self-motivation skills

• High attention to detail