Jobs
>
Vancouver

    Staff Security Engineer - Vancouver, Canada - Pantheon

    Pantheon
    Pantheon Vancouver, Canada

    2 weeks ago

    Default job background
    Description

    Pantheon

    Pantheon is the WebOps platform where teams build, host, and manage their websites. Pantheon delivers all your business needs for digital speed and agility.

    View company page

    Pantheon is the WebOps platform for websites that deliver extraordinary results. We believe in putting the magic of the internet in everyone's hands. That's why we're so passionate about helping developers, IT and marketing develop, test, and release website changes faster and more reliably so they can build and maintain websites that create value for their organizations. Our cloud native software makes it easy to securely manage a single website or thousands of websites across multiple teams in one platform.

    Pantheon's core company values are Trust, Teamwork, Passion, and Customers First. At Pantheon, we work hard and play harder, valuing individuality, humor, and balance. We're enthusiastic participants in several open-source communities and have real relationships with many of our most active customers. If all of this sounds interesting to you, read on

    The Role

    Pantheon's Application Security team is responsible for safeguarding, auditing, and testing the security of Pantheon's entire platform. Our Application Security team aims to create a comprehensive and multi-dimensional approach to application security, with a focus on Security by Design in agile software development and cloud native environments.

    We are seeking a passionate, driven, and experienced application security engineer to join our growing team. As a Staff Application Security Engineer, you will help our engineering teams design and build applications that are secure and perform well by mitigating security issues. You will help mentor, coach and support all team members in security engineering across the organization as a subject matter expert. You will fill a key role in helping define, organizing and implementing application security policy, process, standards, guidelines and their implementation.

    What You Need to Succeed

    • Software Composition Analysis: Composition of software, dependencies, BOM and supply chain security.
    • Static Application Security Testing (SAST): With SAST, we delve into the application's source code, examining it meticulously for vulnerabilities and weaknesses.
    • Dynamic Application Security Testing (DAST): Our DAST capability involves the thorough security assessment of running applications.
    • Threat Modeling: Threat modeling is the cornerstone of our proactive security strategy, and a key principle in Secure by Design.
    • Secure Code and Architecture Design Review: Our secure code review capability combines both manual expertise and automated analysis with various custom and vendor based tools. Architecture and Design reviews involve threat modeling, technology and risk based assessment.

    You will

    • Define process, guidelines and practices to ensure secure software development, collaborating with the team members and cross organizational stakeholders.
    • Automate application security testing and controls.
    • Conduct platform services testing to identify application security issues, adhering to industry standards like OWASP Web Security Testing Guide.
    • Partner with engineering teams and product managers to prioritize and address vulnerabilities in Pantheon's Platform.
    • Engage in both internal and external (vendor) penetration testing
    • Develop, Deploy, and Manage technical application security controls to meet regulatory and compliance requirements.
    • Participate in audit processes to ensure regulatory and compliance needs.
    • Contribute to the governance of platform security and fostering innovation within Pantheon's Platform.

    What You Bring To The Table

    • Bachelors of Computer Science or a related field, or equivalent experience.
    • 10+ years overall experience in Security, Software and Platforms, with 5+ years dedicated to Application Security.
    • Experience in Cloud environments.
    • Experience in Secure by Design development practices, including providing guidance on Secure Architecture and System Design.
    • Familiarity with SDLC and SDL methodologies.
    • Ability to build or select application security tools and implement CI/CD pipelines.
    • Strong communication skills for collaborating with engineering teams on complex application security issues.

    Bonus

    • Experience with Security Infrastructure, Kubernetes Security, and Penetration Testing

    What We Offer

    We have all the usual perks and benefits but what we can really offer you is a fantastic work environment powered by an amazing team.

    • Industry competitive compensation and equity plan
    • Paid Time Off (PTO), Paid Sick Leave (PSL) and 11 Paid Company Holidays
    • Full medical coverage (Extended health care, dental, vision)
    • Monthly allowance for wellness, reading and access to LinkedIn Learning for continued development
    • Events and activities both team-based and company wide that inspire, educate and cultivate

    Pantheon is an equal opportunity action employer and we welcome applications from all backgrounds regardless of race, color, religion, sex, national origin, ancestry, age, marital status, sexual orientation, gender identity, veteran status, disability, or any other classification protected by law. Pantheon complies with federal and local disability laws and makes reasonable accommodations for applicants and employees with disabilities. If you need a reasonable accommodation due to a disability for any part of the interview process, please contact Pursuant to local and federal regulations, Pantheon will consider qualified applicants with arrest and conviction records for employment.

    To review the Employee and Applicant's Privacy Policy, click here .

    Visa Sponsorship is not available at this time.

    Explore more InfoSec / Cybersecurity career opportunities

    Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

    #J-18808-Ljbffr

  • Dapper Labs

    Security Engineer

    3 weeks ago


    Dapper Labs Vancouver, Canada Full time

    As a Security Engineer at Dapper Labs, you will be instrumental in shaping the security landscape of our innovative blockchain solutions. This role spans across infrastructure and application security, compliance, strategic security initiatives, and legal aspects related to the c ...

  • Dapper Labs

    Security Engineer

    2 weeks ago


    Dapper Labs Vancouver, BC, Canada

    As a Security Engineer at Dapper Labs, you will be instrumental in shaping the security landscape of our innovative blockchain solutions. This role spans across infrastructure and application security, compliance, strategic security initiatives, and legal aspects related to the c ...

  • TEEMA

    Security Engineer

    3 weeks ago


    TEEMA Vancouver, Canada

    ISO 27001 Experience Exceptional Communications Skills (able to make presentations and write policies) Experience with Governance and Security Policies Strong Documentation Skills Reporting to the Manager, Information Security Risk & Compliance, the Security Engineer, Data Privac ...

  • Pantheon

    Security Engineer

    4 days ago


    Pantheon Vancouver, Canada

    Pantheon · is the website platform built for WordPress and Drupal. We deliver your business needs to build, host, and manage with digital speed and agility. View company page · Pantheon's Application Security team is responsible for safeguarding, auditing, and testing the secur ...

  • Pantheon

    Security Engineer

    3 days ago


    Pantheon Vancouver, BC, Canada

    io is the website platform built for WordPress and Drupal. We deliver your business needs to build, host, and manage with digital speed and agility. Pantheon's Application Security team is responsible for safeguarding, auditing, and testing the security of Pantheon's entire platf ...

  • SAP SE

    Security Engineer

    1 day ago


    SAP SE Vancouver, Canada

    We help the world run better · At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces ...

  • SAP SE

    Security Engineer

    15 hours ago


    SAP SE Vancouver, BC, Canada $71,000 - $150,800

    We help the world run better · At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces ...


  • AdventInfotech British Columbia, Canada

    Cyber Security Engineer: · As a Cyber Security Engineer, you will be responsible for safeguarding an organization's computer networks and systems. You will utilize your expertise in cybersecurity principles, practices, and tools to protect sensitive data, prevent unauthorized acc ...


  • Autodesk Vancouver, Canada Full time

    Position Overview · We seek a talented and motivated individual who will strategize and support opportunities to further mature our Autodesk's security posture on the SaaS Trust team. This newly created role will be responsible for all daily for SaaS Security & Trust at Autodesk ...


  • Amazon Vancouver, Canada

    Product Security Engineer, Payments Security · Amazon Payments processes millions of transactions every day across numerous countries and payment methods. Over 100 million customers and merchants send tens of billions of dollars through our systems annually. We are re-inventing t ...


  • Pager Vancouver, BC, Canada $156,000 - $232,000

    Senior Security Engineer - Security Automation PagerDuty empowers teams of all kinds to do the critical work that moves business forward through the PagerDuty Operations Cloud. · Visit our careers site to explore life at PagerDuty, discover opportunities, and sign-up for job ale ...


  • Yelp Vancouver, Canada Regular (Full time)

    JOB DESCRIPTION Summary · Yelp engineering culture is driven by our : we're a cooperative team that values individual authenticity and encourages creative solutions to problems. All new engineers deploy working code their first week, and we strive to broaden individual impact ...


  • Django Rest Framework Vancouver, BC, Canada

    Remote Senior Security Engineer About to help maximize lives–both the lives of our customers and the lives of our employees– so that everyone can experience all that life has to offer. We are more than a fast-paced, high-growth tech company; We are looking for a Senior Security ...


  • 0000050007 Royal Bank of Canada Vancouver, Canada Full time

    Job Description · What is the Opportunity? As a Software Engineer, Cloud Security you will play a crucial role in developing innovative solutions to enhance RBC's cloud security posture. You will also contribute to the developer experience and foster a culture that encourages be ...


  • Amazon Vancouver, BC, Canada $137,800

    Help us protect not only the Amazon Web Services (AWS) cloud computing environment but all of our customers as well Since 2006, our great team at AWS has been enabling our customers to bring great ideas to life in ways that aren't possible in traditional IT environments. With AWS ...


  • 0000050007 Royal Bank of Canada Vancouver, Canada Full time

    Job Description · What is the Opportunity? The role of the Senior Security Detection Engineer is to provide specialized subject matter expertise for the Detection Engineering & Onboarding (DEO) team. This is a key technical role supporting mission critical enterprise network se ...


  • Hamilton Barnes Associates Limited Vancouver, BC, Canada $27,001

    The Network Security Engineer will play a crucial role in analyzing, designing, implementing, and configuring complex network and security infrastructure. · This hands-on position requires collaboration with various technical and business units to ensure the reliability and secu ...


  • Hamilton Barnes Associates Limited Vancouver, BC, Canada

    As a Level 3 Network Security Engineer, you will play a crucial role within an IT consultancy, working closely with one of their esteemed end customers. Your primary focus will be on providing expert support and leading projects related to network security, with an emphasis on Pa ...


  • Hamilton Barnes Associates Limited Vancouver, BC, Canada

    A major North American financial services company is seeking an experienced AWS Cloud Security Engineer as part of their ongoing expansion of their security team. · The role is fully remote and with a multi billion dollar company who prioritises cyber security. · Work with AWS ...


  • T-Net British Columbia Vancouver, BC, Canada

    Job Title: Application Security Engineer · Our client is on a mission, embracing DevSecOps culture, to provide efficient & secure deployment pipelines for their enterprise compliance solutions. They recognize direct security integration into the software delivery cycle is essent ...