Lead Applications Security Engineer

Lead and evolve application security practices by embedding secure-by-design principles across engineering teams, products, and platforms in a fast-moving cloud and AI-native environment.

• Lead threat modeling sessions for applications, APIs, microservices, and AI/LLM-enabled systems
• Define and promote secure architecture patterns and conduct security design reviews across products and platforms
• Own end-to-end application security initiatives and drive organization-wide risk reduction programs
• Conduct security assessments for new features, cloud infrastructure, and GenAI/AI-driven capabilities
• Implement, manage, and optimize AppSec tooling such as SAST, DAST, SCA, IAST, IaC scanning, and container security solutions
• Establish security metrics, dashboards, and scalable processes to track and improve security posture
• Influence engineering and product teams to adopt secure development practices across the SDLC
• Drive internal standards for secure development and contribute to R&D-wide security governance
• Mentor engineers and Security Champions while fostering a strong security-first engineering culture

Requirements:

7+ years of experience in Application Security, Product Security, or Secure Software Development, with proven leadership in securing complex, distributed systems and modern cloud-native architectures. Strong ability to translate technical risk into actionable engineering guidance and influence senior stakeholders.

• Deep expertise in secure software design principles, including OWASP Top 10, OWASP ASVS, and modern AppSec frameworks
• Proven experience leading threat modeling, architecture reviews, and risk assessments at scale
• Hands-on expertise with AppSec tooling (SAST, DAST, SCA, IaC scanning, container and cloud security tools)
• Strong understanding of cloud platforms such as AWS, Azure, or GCP and their security models
• Experience securing SaaS platforms, distributed systems, and production-grade cloud-native environments
• Knowledge of AI/GenAI security concepts, including LLM risks and secure AI system design practices
• Demonstrated ability to influence engineering teams and leadership through risk-based decision-making
• Strong communication skills, with the ability to simplify complex security concepts for technical and non-technical audiences
• Experience driving security culture change and embedding security into SDLC workflows
• Strong mentoring mindset with a passion for developing engineers and improving organizational maturity

Benefits:

• Competitive base salary (CAD $60,000 – $211,000, depending on experience and level)
• Variable incentive compensation and new hire equity grants
• Remote-first work environment across Canada
• Comprehensive health benefits including medical, dental, vision, mental health, and disability coverage
• RRSP matching and retirement savings programs
• Flexible time off, paid volunteer days, and parental leave support
• Learning, training, and professional development programs
• Equity participation for all employees
• Home office support and employee wellness programs
• Inclusive, collaborative, and globally distributed engineering culture.