Jobs
>
Vancouver

    Staff Security Engineer - Vancouver, Canada - Pantheon

    Pantheon
    Pantheon Vancouver, Canada

    3 weeks ago

    Default job background
    Description

    Pantheon

    Pantheon is the WebOps platform where teams build, host, and manage their websites. Pantheon delivers all your business needs for digital speed and agility.

    View company page

    Pantheon is the WebOps platform for websites that deliver extraordinary results. We believe in putting the magic of the internet in everyone's hands. That's why we're so passionate about helping developers, IT and marketing develop, test, and release website changes faster and more reliably so they can build and maintain websites that create value for their organizations. Our cloud native software makes it easy to securely manage a single website or thousands of websites across multiple teams in one platform.

    Pantheon's core company values are Trust, Teamwork, Passion, and Customers First. At Pantheon, we work hard and play harder, valuing individuality, humor, and balance. We're enthusiastic participants in several open-source communities and have real relationships with many of our most active customers. If all of this sounds interesting to you, read on

    The Role

    Pantheon's Application Security team is responsible for safeguarding, auditing, and testing the security of Pantheon's entire platform. Our Application Security team aims to create a comprehensive and multi-dimensional approach to application security, with a focus on Security by Design in agile software development and cloud native environments.

    We are seeking a passionate, driven, and experienced application security engineer to join our growing team. As a Staff Application Security Engineer, you will help our engineering teams design and build applications that are secure and perform well by mitigating security issues. You will help mentor, coach and support all team members in security engineering across the organization as a subject matter expert. You will fill a key role in helping define, organizing and implementing application security policy, process, standards, guidelines and their implementation.

    What You Need to Succeed

    • Software Composition Analysis: Composition of software, dependencies, BOM and supply chain security.
    • Static Application Security Testing (SAST): With SAST, we delve into the application's source code, examining it meticulously for vulnerabilities and weaknesses.
    • Dynamic Application Security Testing (DAST): Our DAST capability involves the thorough security assessment of running applications.
    • Threat Modeling: Threat modeling is the cornerstone of our proactive security strategy, and a key principle in Secure by Design.
    • Secure Code and Architecture Design Review: Our secure code review capability combines both manual expertise and automated analysis with various custom and vendor based tools. Architecture and Design reviews involve threat modeling, technology and risk based assessment.

    You will

    • Define process, guidelines and practices to ensure secure software development, collaborating with the team members and cross organizational stakeholders.
    • Automate application security testing and controls.
    • Conduct platform services testing to identify application security issues, adhering to industry standards like OWASP Web Security Testing Guide.
    • Partner with engineering teams and product managers to prioritize and address vulnerabilities in Pantheon's Platform.
    • Engage in both internal and external (vendor) penetration testing
    • Develop, Deploy, and Manage technical application security controls to meet regulatory and compliance requirements.
    • Participate in audit processes to ensure regulatory and compliance needs.
    • Contribute to the governance of platform security and fostering innovation within Pantheon's Platform.

    What You Bring To The Table

    • Bachelors of Computer Science or a related field, or equivalent experience.
    • 10+ years overall experience in Security, Software and Platforms, with 5+ years dedicated to Application Security.
    • Experience in Cloud environments.
    • Experience in Secure by Design development practices, including providing guidance on Secure Architecture and System Design.
    • Familiarity with SDLC and SDL methodologies.
    • Ability to build or select application security tools and implement CI/CD pipelines.
    • Strong communication skills for collaborating with engineering teams on complex application security issues.

    Bonus

    • Experience with Security Infrastructure, Kubernetes Security, and Penetration Testing

    What We Offer

    We have all the usual perks and benefits but what we can really offer you is a fantastic work environment powered by an amazing team.

    • Industry competitive compensation and equity plan
    • Paid Time Off (PTO), Paid Sick Leave (PSL) and 11 Paid Company Holidays
    • Full medical coverage (Extended health care, dental, vision)
    • Monthly allowance for wellness, reading and access to LinkedIn Learning for continued development
    • Events and activities both team-based and company wide that inspire, educate and cultivate

    Pantheon is an equal opportunity action employer and we welcome applications from all backgrounds regardless of race, color, religion, sex, national origin, ancestry, age, marital status, sexual orientation, gender identity, veteran status, disability, or any other classification protected by law. Pantheon complies with federal and local disability laws and makes reasonable accommodations for applicants and employees with disabilities. If you need a reasonable accommodation due to a disability for any part of the interview process, please contact Pursuant to local and federal regulations, Pantheon will consider qualified applicants with arrest and conviction records for employment.

    To review the Employee and Applicant's Privacy Policy, click here .

    Visa Sponsorship is not available at this time.

    Explore more InfoSec / Cybersecurity career opportunities

    Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

    #J-18808-Ljbffr
  • Dapper Labs

    Security Engineer

    3 weeks ago

    Dapper Labs Vancouver, BC, Canada

    As a Security Engineer at Dapper Labs, you will be instrumental in shaping the security landscape of our innovative blockchain solutions. This role spans across infrastructure and application security, compliance, strategic security initiatives, and legal aspects related to the c ...

  • Pantheon

    Security Engineer

    1 week ago

    Pantheon Vancouver, BC, Canada

    io is the website platform built for WordPress and Drupal. We deliver your business needs to build, host, and manage with digital speed and agility. Pantheon's Application Security team is responsible for safeguarding, auditing, and testing the security of Pantheon's entire platf ...

  • SAP SE

    Security Engineer

    1 week ago

    SAP SE Vancouver, Canada

    We help the world run better · At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces ...

  • SAP SE

    Security Engineer

    1 week ago

    SAP SE Vancouver, BC, Canada $71,000 - $150,800

    We help the world run better · At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces ...

  • Hamilton Barnes Associates Limited

    Security Engineer

    3 weeks ago

    Hamilton Barnes Associates Limited Vancouver, BC, Canada

    Join our client, a leading Managed Service Provider specializing in networking, security, and cloud solutions. As a Dell Titanium Black partner and Cisco partner, our client prides itself on delivering top-notch services to a diverse clientele, including major insurance providers ...

  • Autodesk

    SaaS Security Engineer

    1 week ago

    Autodesk Vancouver, Canada Full time

    Position Overview · We seek a talented and motivated individual who will strategize and support opportunities to further mature our Autodesk's security posture on the SaaS Trust team. This newly created role will be responsible for all daily for SaaS Security & Trust at Autodesk ...

  • Snapcommerce

    Senior Security Engineer

    4 days ago

    Snapcommerce Vancouver, Canada Full time

    About · We started to help maximize lives–both the lives of our customers and the lives of our employees– so that everyone can experience all that life has to offer. For our employees, our promise is that is more than just a job; it's an opportunity to unlock one's potential, ...

  • AdventInfotech

    Cyber Security Engineer

    2 weeks ago

    AdventInfotech British Columbia, Canada

    Cyber Security Engineer: · As a Cyber Security Engineer, you will be responsible for safeguarding an organization's computer networks and systems. You will utilize your expertise in cybersecurity principles, practices, and tools to protect sensitive data, prevent unauthorized acc ...

  • Amazon

    Product Security Engineer, Payments Security

    3 weeks ago

    Amazon Vancouver, Canada

    Product Security Engineer, Payments Security · Amazon Payments processes millions of transactions every day across numerous countries and payment methods. Over 100 million customers and merchants send tens of billions of dollars through our systems annually. We are re-inventing t ...

  • Django Rest Framework

    Security Engineer, Operations

    3 weeks ago

    Django Rest Framework Vancouver, BC, Canada

    Remote Senior Security Engineer About to help maximize lives–both the lives of our customers and the lives of our employees– so that everyone can experience all that life has to offer. We are more than a fast-paced, high-growth tech company; We are looking for a Senior Security ...

  • Yelp

    Senior Software Engineer, Security

    1 week ago

    Yelp Vancouver, Canada Regular (Full time)

    JOB DESCRIPTION Summary · Yelp engineering culture is driven by our : we're a cooperative team that values individual authenticity and encourages creative solutions to problems. All new engineers deploy working code their first week, and we strive to broaden individual impact ...

  • Amazon

    Product Security Engineer, Payments Security

    6 days ago

    Amazon Vancouver, BC, Canada $137,800

    Product Security Engineer, Payments Security · Amazon Payments processes millions of transactions every day across numerous countries and payment methods. Over 100 million customers and merchants send tens of billions of dollars through our systems annually. We are re-inventing ...

  • Pager

    Senior Security Engineer

    1 week ago

    Pager Vancouver, BC, Canada $156,000 - $232,000

    Senior Security Engineer - Security Automation PagerDuty empowers teams of all kinds to do the critical work that moves business forward through the PagerDuty Operations Cloud. · Visit our careers site to explore life at PagerDuty, discover opportunities, and sign-up for job ale ...

  • Autodesk, Inc.

    Remote Security Engineer

    3 weeks ago

    Autodesk, Inc. Vancouver, BC, Canada

    Security Engineer-Incident Response Team page is loaded Security Engineer-Incident Response Team · Apply locations Vancouver, BC, CAN time type Full time posted on Posted Yesterday job requisition id 24WD76732 Job Requisition ID # · 24WD76732 Position Overview · The Security In ...

  • Amazon

    Applied Security Engineer

    3 weeks ago

    Amazon Vancouver, BC, Canada $137,800

    Help us protect not only the Amazon Web Services (AWS) cloud computing environment but all of our customers as well Since 2006, our great team at AWS has been enabling our customers to bring great ideas to life in ways that aren't possible in traditional IT environments. With AWS ...

  • Hamilton Barnes Associates Limited

    Network and security engineer

    3 weeks ago

    Hamilton Barnes Associates Limited Vancouver, BC, Canada

    As a Level 3 Network Security Engineer, you will play a crucial role within an IT consultancy, working closely with one of their esteemed end customers. Your primary focus will be on providing expert support and leading projects related to network security, with an emphasis on Pa ...

  • T-Net British Columbia

    Application Security Engineer

    3 weeks ago

    T-Net British Columbia Vancouver, BC, Canada

    Job Title: Application Security Engineer · Our client is on a mission, embracing DevSecOps culture, to provide efficient & secure deployment pipelines for their enterprise compliance solutions. They recognize direct security integration into the software delivery cycle is essent ...

  • Hamilton Barnes Associates Limited

    Cyber Security Engineer

    2 weeks ago

    Hamilton Barnes Associates Limited Vancouver, BC, Canada $27,001

    The Network Security Engineer will play a crucial role in analyzing, designing, implementing, and configuring complex network and security infrastructure. · This hands-on position requires collaboration with various technical and business units to ensure the reliability and secu ...

  • D3 Security

    Cyber Security Engineer

    4 days ago

    D3 Security Vancouver, Canada

    D3 Security provides the worlds leading platform for security orchestration, automation, incident response, and investigation / case management. Today, more than a 1000 organizations- including over 100 of the Fortune 500's rely on D3 to build, automate and execute incident respo ...

  • 0000050007 Royal Bank of Canada

    Senior Security Detection Engineer

    1 week ago

    0000050007 Royal Bank of Canada Vancouver, Canada Full time

    Job Description · What is the Opportunity? The role of the Senior Security Detection Engineer is to provide specialized subject matter expertise for the Detection Engineering & Onboarding (DEO) team. This is a key technical role supporting mission critical enterprise network se ...