Visit our website Register with us

logo

View all jobs

2026-31 - Security Developer

Calgary, Alberta
Responsibilities:
  • Design, develop, and architect scalable security features and identity adapters, ensuring Security-by-Design is baked into the product lifecycle from inception to sunset.
  • Engineer and automate application security testing (SAST/DAST/SCA) within CI/CD pipelines to identify vulnerabilities at scale, rather than just performing manual scans.
  • Lead Security Architecture Reviews for complex client identity flows, providing authoritative guidance on OIDC, OAuth 2.0, and JWT implementation and vulnerability remediation.
  • Define the standardized security control library for the organization and verify the effectiveness of these controls through automated validation.
  • Review application architecture from a security perspective and provide technical guidance on vulnerability remediation.
  • Assist departments in assessing, selecting, implementing, and verifying the effectiveness of security controls.
  • Engineer and deploy of Automated Security Validation (ASV) frameworks that programmatically exploit identified vulnerabilities.
  • Design scalable 'Security-as-Code' suites to verify control effectiveness across the enterprise CI/CD pipelines, providing automated, evidence-based risk reporting to stakeholders
  • Operationalize Threat Modeling across the engineering org by establishing STRIDE-based standards and mentoring junior developers to lead their own sessions.
  • Influence organizational security culture by developing secure coding standards and leading "Security Champion" programs.
  • Design and oversee the development of security telemetry pipelines and executive dashboards that provide a real-time, risk-based view of the application security posture.
 
  • Top Skills:
  • Custom Code Gating and Automation: Automatically scan code for vulnerabilities before it's deployed, stopping risky code instantly and giving developers immediate, helpful feedback.
  • AI Vulnerability Remediation and Visibility: Use new AI tools to quickly find and fix security issues, drastically reducing the manual effort from our development teams across CXT.
  • Complete Software Inventory (SBOM): Create an automated, comprehensive list of all software components we use to quickly identify and manage risk from new vulnerabilities or license issues.
  • Secure Development Assurance: Focuses on maturing foundational initiatives like the AppSec portal, security champions program, and targeted developer training to cultivate a proactive security culture and streamline critical processes.
  • Measurable Security Performance: Define clear metrics to track how well our security controls are working and establish a standardized framework for security testing to ensure consistent compliance and high quality.


 

Share This Job

Powered by