Application Security Engineer
Who we are:
Founded in Vancouver BC Canada, Tasktop harvests an energetic vibe, while proudly counting the majority of the Fortune 100 as customers. Tasktop pioneered software developer efficiency and continues to innovate in the industry with our CEO Mik Kersten's best-selling book 'Project to Product'. We drive competitive advantage by helping our customers master their software production more efficiently. We provide enterprise-grade tool integration infrastructure that removes the overhead and waste that’s slowing down Agile teams while promoting information flow across teams. With Tasktop, customers can equip teams with best-of-breed tools from multiple vendors to support planning, development, testing, and service desk functions while still achieving end-to-end visibility. Tasktop enables customers to connect, visualize, and measure the value created by their software business.
The opportunity:
Tasktop is looking for an Application Security Engineer that will be instrumental in ensuring our products are designed and implemented to the highest security standards. This Security professional will work with engineers, and across the code base to discover and address security issues.
Responsibilities:
- Providing subject matter expertise in architecture, authentication, and systems security. Understanding our full engineering stack, services, and data flow, and owning their security controls.
- Helping to design and implement security and availability of endpoints, cloud applications, and supporting services.
- Automating security controls to reduce Tasktop’s attack surface, and proactively seek the latest security trends, techniques, related tools and security vulnerabilities.
- Providing recommendations to correct deficiencies and deliver improvements to help optimize the high availability, redundancy and security of our production infrastructure.
- Maintaining information security practices, to ensure all systems and services are meeting service level agreements.
- Working with both internal and external groups to ensure systems are securely integrated, configured, managed and supported.
- Documenting and delivering security training and awareness-raising initiatives.
- Performing regular security reviews.
- Helping to design and implement security testing throughout Tasktop’s product lifecycle.
Who you are:
- Experience securing Angular and React based single page web applications and microservices architectures.
- Experienced in securing infrastructure and applications in any public cloud-based providers such as Amazon Web Services, Microsoft Azure, or Google Cloud Platform.
- Experienced in implementing security controls for information security compliance programs such as GDPR, CIS, SOC 2, CCPA, PCI, SOX etc.
- Thorough understanding of authentication, authorization, and directory services such as SSO, OAuth, or OpenID.
- Experience covering a combination of the following:
- Threat Modeling
- Identity Management
- Software Development
- Cryptography
- System Administration and Network Security
- Experienced with automating security in deployment pipelines, performing security assessments, and ability to identify pitfalls with manual and automated penetration tests.
- Experienced with cybersecurity software and penetration testing tools (such as SolarWinds, Wireshark, Metasploit, Kali Linux, John the Ripper).
- Certifications, such as OSCP, SANS, and AWS architecture and security certifications, is a plus.
- Understanding of network and web related protocols (such as, TCP/IP, HTTP, HTTPS/TLS).
- Experienced with multiple programming languages (such as, Java, Scala, Python, Go, etc.).
- Excellent written and verbal communication skills.
What gives you an edge:
- Inquisitive with a track record of remediating and resolving potential security threats.
As a Tasktop employee you will enjoy flexibility, a health and wellness allowance, volunteer programs, a generous vacation offering, happy hours, and plenty more benefits!
Do you want to join the movement?? We would love to hear from you. Apply within!