Senior Application Security Developer

Clio


3 months ago

06/17/2019 10:21:23

Job type: Full-time

Hiring from: Vancouver or Calgary

Category: Software Dev


We are currently seeking a Senior Application Security Developer to join our Information Security team.  Are you someone who’s always probing and asking why, someone who enjoys finding smarter and more efficient solutions to problems and helping teams level-up their security practices? If you have a strong operations background with a passion for security and experience in cloud-first environments, then we want to talk to you.

Founded in Vancouver, Canada in 2008, Clio is transforming the practice of law, for good. Whether it's our industry-leading cloud-based practice management platform, our ground-breaking Legal Trends Report or our ever-popular Clio Cloud Conference, Clio is at the forefront of advancing the legal sphere.

With the help of the cloud, we make lawyers’ lives simpler and help them better organize and manage their legal practices. As one of Canada’s fastest-growing companies with international reach, we employ over 250 individuals with a rapidly growing customer base spanning 90 countries. Clio has been recognized as one of CIX’s Top 20 Most Influential Technology Companies, one of Canada’s Top Small & Medium Employers, and has one of Canada’s 10 Most Admired Corporate Cultures. Additionally, for the last two years, we have been recognized on Deloitte's Fast50 Fast500 lists.


What you'll be doing:

  • Mentoring and sharing best security practices;

  • Develop and implement tools to help developers avoid security flaws;

  • Build partnerships with developments teams and provide expertise in security best practices;

  • Contribute to driving security awareness and knowledge amongst the product organization;

  • Provide detailed guidance and support to teams in vulnerability remediation;

  • Identify and implement tools for automated application scanning, static analysis and related tools;

  • Perform penetration testing;

  • Perform reactive incident response when a security event occurs;

  • Perform proactive research to detect new attack vectors;

  • Elevate and educate our security culture within Clio, contributing to our cultural values of “No doors, only windows” and “Live a learning mindset”.

Who you are:

  • A curious person who is willing to ask many questions;

  • Someone who loves learning new things and developing creative security solutions for a fast growing, continuous integration environment;

  • 5+ years experience in some combination of the following disciplines: web application security, cloud security, infrastructure security, penetration testing, secure software development, security tools development, architecture review and threat modelling;

  • Experience with AWS, Ruby on Rails, Python, Javascript and other modern open source languages and tools.

 

Why would you want to work here:

We offer a great compensation package, 3 weeks vacation, a fun work environment, a great benefits plan, and an opportunity to be part of a great growth story with unlimited potential. We are looking for owl-drawers and team builders—people who work hard and play for keeps. We hire the brightest, most driven people in tech, and boast alumni from Google, Salesforce, Facebook, Amazon and LinkedIn on our team. Come and join them!

Location:

We are preferably looking for someone to be in our world-class office in Vancouver or Calgary. We are also open to remote options in similar time zones. 

Need more reasons? Here are some things that make us awesome:

  • The chance to do work that matters on a product that truly changes lives. This is the place for driven people who want to make their mark.

  • The freedom to choose your own path (and change it) to build a meaningful career that works for you.

  • Excellent health and dental coverage, vacation time, parental leave options and education spending

  • An RRSP matching program

  • Regular games nights and team outings with the best coworkers you’ll ever work with

We believe that ensuring diversity and inclusion will produce a better place to work and a better product. We encourage all candidates to apply.

Please mention that you come from Remotive when applying for this job.

Help us maintain Remotive! If this link is broken, please just click to report dead link!

similar jobs

  • 4 weeks ago

    DESCRIPTION

    TaxJar is the leading technology solution for busy eCommerce sellers to manage sales tax and is trusted by more than 15,000 businesses.

    Our core values

    • We do the right thing for our customers.

    • We're a team, built on trust.

    • We're proud to be remote.

    • We're in control of our own destiny.

    TaxJar’s remote-only team of 100+ people is growing quickly. We have an immediate opening for a Security Analyst who wants to help us make eCommerce easier for everyone.

    We're looking for a detailed oriented and experienced Security Analyst that has a passion for information security and is eager to make an impact in a growing company.

    On our team you will have the opportunity to help build, grow, and maintain our Information Security Program. This position reports to the Director of Information Security.

    *This is a full-time remote position available to folks located in the US.

    As a Security Analyst for TaxJar you will:

    • Develop a comprehensive understanding of our Security Policies, SOC2 and GDPR controls in order to manage and track commitments from partners and vendors

    • Own the Access Control management process for all employees

    • Analyze, track, and monitor alerts from our Cloud SIEM (security analytics tool)

    • Deploy, manage, and help secure employees workstations using Jamf - MDM tool

    • Perform security reviews of vendors to ensure compliance with policies and customer requirements

    • Assist with ongoing and annual Security and Privacy Awareness training for employees

    • Ongoing auditing and testing of security controls to ensure adherence with SOC2 and GDPR compliance frameworks

    • Perform regularly-scheduled vulnerability scans to support regulatory compliance and identification of new vulnerabilities

    • Assist with annual risk assessments, incident response, and business continuity planning

    • Responsible for monitoring and analyzing of all Data Loss Prevention events using Amazon Macie and CloudTrail

    REQUIREMENTS

    • 3 - 5 years of experience in a technology and information security related role

    • Experience supporting SOC2 compliance, GDPR experience is a plus

    • Knowledge and expertise of Mobile Device Management (MDM) tools, preferably with Jamf

    • Superior attention to detail, with strong process and documentation skills

    • Fast learner and someone who is always eager to learn and adapt (growth mindset)

    • Self-directed, self-motivated

    • Agile, humble, trustworthy, and a team player

    • Excel at communicating with the team remotely (chat, video, email, etc)

    You’ll be a great fit on our team if you

    • Only want to work remotely

    • Are a PRO at communicating and collaboration

    • Highly value working with people you like and respect

    • Are accountable

    • Are confident in your skills and a solid team player (We’re peers here, no egos please) but also comfortable working asynchronously

    • Hungry to play an impactful role and not afraid to fail

    We’re a happy team and we all really love what we do. We've created a space where high-achievers can succeed but are also safe to fail. We're profitable and focused on growing TaxJar sustainably. We're always learning how to make TaxJar the best place to work for all of us, and not just another tech startup. We’re always looking for an amazing new teammate to come share in the excitement of solving real-world problems with technology.

    BENEFITS

    • Excellent health, vision and dental benefits

    • Flexible vacation policy

    • 401k Plan

    • $1,000 in professional development credit

    • Home office stipend

    • Equity in a profitable company

    • 2x year all-company in person retreats (fully paid for by us of course)

    • Mandatory Birthday holiday!

    • 12 week paid maternity/ 6 week paid paternity leave

    • Monthly perks reimbursement for things like Netflix, Amazon Prime, your gym membership, home internet and more.

    We offer all of our employees amazing benefits. Visit www.TaxJar.com/jobs for a full list of our benefits and to learn more about how we work and what we stand for.

    If you're not the perfect fit for this position, but you know someone who is, we'll pay you $1,000 if you refer us to the person we hire.

  • What would I do at Voxnest?

    You will join a small and talented team who are responsible for managing and continuously evolving the infrastructure, powering the entire Voxnest's podcast hosting and delivery platform.

    You would

    • Manage a multi-regional infrastructure running fully on AWS

    • Work with a diverse set of technologies, using a mix of serverless solutions and containerized applications running on Kubernetes

    • Automate all the things

    • Continuously improve observability

    • Run deep root cause analysis on failures

    • Contribute to designing the next-generation of Voxnest's services

    What we're looking for

    We're looking for a passionate engineer with some experience in both development and SRE / infrastructure.

    You should have some production experience with:

    • AWS services, in particular: EC2, VPC networking, S3, CloudFront, Lambda

    • Linux

    • Docker and a containers orchestrator (ie. Kubernetes)

    Plus, there are a couple of strict requirements:

    • Fluency in English (both verbal and written)

    • European-centric timezone (CET-2/CET+2): we will not consider candidates living outside Europe who stretch their working hours to match the timezone

    Finally, you'll get some bonus points if you have any production experience with at least a few of the following technologies:

    • Prometheus

    • Ansible

    • Python

    Why should I choose Voxnest?

    Voxnest has a very talented engineering team. Working at Voxnest, you will be in constant contact with the other engineers, and be able to discuss every technological aspect of the product and contribute to designing architectural changes and improvements.

    You will continuously learn and work in production with cutting edge technologies (including Docker, Kubernetes, Prometheus, AWS serverless solutions), keeping up with the high pace of our industry.

    In addition, our key benefits are:

    • Remote working environment

    • Work-life balance

    • Flexible hours according to work deliverables and commitments

    • Yearly Company retreat in cool places around the world

    • Great opportunities to develop and grow your professional skill set in a dynamic working environment

    • Yearly training budget to buy books, attend conferences and improve your skills

  • We are looking for a Senior Systems Engineer to join our team and help drive the development of each of our product verticals.

    Airservice is seeking to open this role to someone that is a solution driven self-starter with a proven track record of delivering production ready Serverless applications. You will work closely with our talented CTO and System Engineers to deliver high quality code that is readable, performant and scalable.

    Responsibilities:

    • Design and development of micro service platform APIs with deployment onto distributed architectures and specific environmental interfaces within a range of implementation environments.

    • Build and maintain CI/CD pipelines

    • Building of application testing, and fault finding and sandbox application builds.

    • Brain-storming ideas with the rest of team, and prototyping new ideas to ensure we (and our customers) can stay ahead of the competition.

    Requirements

    • Proven experience (4+ years) of design and build of distributed web based applications and platforms using the Ruby and JavaScript languages and related platforms

    • Experience with deployment and management of distributed applications

    • An understanding of SOA and micro service design patterns and architectures

    • Experience across the suite of AWS Services

    • Ability to work in a distributed team, with the confidence to work independently as well as seek assistance and work collaboratively when required.

    • A fundamental understanding of coding and an ability to work things out from first principles.

    • An interest in other platforms and integrations, such as Chromecast, Carplay, Android, iOS, Alexa, Sonos and the like.

    • Excellent attention to detail, and a desire to be proud of what you do.

    • An appreciation of why design and UX is important.

    • Drive to keep up to date with developments and trends in the tech and modern media world

    • Strong organisational skills

    • Mathematical aptitude

    • Good understanding an appreciation of test frameworks, why they are used and how to implement them

    • Experience with and good understanding of CI/CD pipelines and how to implement for high iteration cycles

    • The ability to learn quickly

    • The ability to interpret and follow technical plans

    • Problem-solving skills

    Perks

    • Competitive salary

    • Competitive equity

    • A highly skilled and dedicated team that is fun to work with

    • Remote work - We are fully distributed team that works from anywhere with good internet

    • Hardware - your own iPad and MacBook Pro if required

Remotive can help!

Not sure how to apply properly to this job? Watch our live webinar « 3 Mistakes to Avoid When Looking For A Remote Startup Job (And What To Do Instead) ».

Interested to chat with Remote workers? Join our community!