Application Security Analyst, Product Development (REMOTE)

Canada

Applications have closed

Kinaxis

Revolutionize supply chain management with Kinaxis. Get end-to-end transparency to make fast, collaborative decisions with the power of concurrency.

View company page

At Kinaxis, who we are is grounded in our common belief that people matter. Each one of us plays an important part in accomplishing our work, building our culture and making a global impact.

Every day, we’re empowered to work together to help our customers make fast, confident planning decisions. This is how we create a better planet – for each other, for our customers and for generations to come. Our cloud-based platform RapidResponse ensures that the products we need – everything from medicine and cars, to day-to-day items like toothpaste – make it to market and into our hands when we need them with minimal ecological footprint.

We make the world better, and you can too.

Application Security Analyst, Product Development (REMOTE)

Location - Our office is in Ottawa & Toronto, CA; but you can be anywhere in Canada

About the team - Are you passionate about helping teams build and deploy more secure products and services? Do you love finding ways to exploit weaknesses in the design and implementation of applications?

The Product Security team works directly with product development groups at Kinaxis to help them to design, implement and deploy applications and features in a secure manner.

What you will do:

  • Apply your knowledge of the Security Development Lifecycle (SDL) to assist teams with activities such as threat modeling, identifying security requirements and applying secure by design principles to their features
  • Performing security assessments and code reviews
  • Contributing to automation to mature our security practices
  • Assist with security education and training for product development teams
  • Assist with vulnerability and penetration tests against defined systems
  • Assist with onboarding of teams into our SAST environment
  • Executing security plans developed in conjunction with senior members of the team
  • Identify and propose areas of improvement to raise our overall security posture
  • Identify and implement improvements to our DevSecOps program

Technologies we use:

  • Java
  • C++
  • C#
  • Python
  • HTML5
  • TypeScript & JavaScript
  • Linux & Windows
  • Kubernetes and Docker

What we are looking for:

  • A passion for Application Security and the desire to positively impact the security of products and services
  • Education background in Application Security, Computer Science or equivalent knowledge of common web application technologies and languages
    • 3-5 years Software Development experience preferred
    • 1-2 years of Application Security experience preferred
  • Technical skills relevant to Application Security such as secure coding practices, application security testing and ethical hacking techniques
  • Experience performing security code reviews
  • Familiarity with Information Security industry standards/best practices. For example, OWASP, SANS, NIST, ISO27000
  • Knowledge of scripting technologies such as PowerShell or Bash
  • Ability to work with and influence teams on security best practices
  • Ability to work independently and solve problems
  • Strong written and oral communication skills

Considered an Asset:

  • Experience with Jenkins, or other build server
  • Experience with a major cloud technology platform (Azure, AWS, GCP)
  • Familiarity with automated penetration testing tools, and manual techniques for testing a system for security vulnerabilities, is nice to have. For example: Burp Suite, OWASP Zap, Kali Linux

 

If you want to be part of a team that challenges you, moves fast, improves constantly, and makes a difference, let’s talk.

What we have to offer

  • Challenging Work - We love solving highly complex problems. And as the global leaders in our industry, we never stop innovating—our work is never “done. That’s because across our teams and in all roles, every employee is empowered to bring their best ideas forward and to jump in and solve the problems they’re passionate about.
  • Great People - We take our work seriously, but we don’t take ourselves too seriously! It’s in our DNA to celebrate, laugh, and have fun. We are stronger, together, when we are open, honest, and above all, real. Every person is valued here and plays an important role in our shared success.
  • Global Impact - As a global team spanning continents, boundaries, and cultures, every day we are inspired by the impact our work has on our colleagues, our customers, our communities, and the world at large.
  • Diversity, Equity and Inclusion - Diversity, equity and inclusion are more than words to us. They are the guiding principles for building a culture where we celebrate each others’ differences, continuously strive for equality and recognize that inclusion makes us stronger as individuals, a company and a global citizen. 

For more information, visit the Kinaxis web site at www.kinaxis.com or the company’s blog at http://blog.kinaxis.com/.

Kinaxis strongly encourages diverse candidates to apply to our welcoming community. We strive to make our website and application process accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact Human Resources at accommodations@kinaxis.com. This contact information is for accessibility requests only and cannot be used to inquire about the status of applications.

Tags: Application security Automation AWS Azure Bash Burp Suite C Cloud Computer Science DevSecOps Docker Ethical hacking Exploit GCP ISO 27000 Java JavaScript Kali Kubernetes Linux NIST OWASP Pentesting PowerShell Product security Python SANS SAST Scripting Security assessment TypeScript Vulnerabilities Windows

Perks/benefits: Career development Team events

Regions: Remote/Anywhere North America
Country: Canada
Job stats:  17  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.