Application Security Architect (Remote)

Toronto, Ontario

Applications have closed

Attabotics

Attabotics is building the future of warehouse automation solutions with revolutionary warehouse robotics and automated picking systems.

About You

You want to work for a fast-paced company that thinks big and dreams huge. You are driven, view work as more than just a job, and are never satisfied with a project left half-done. You have a strong sense of personal ownership and responsibility for completion of objectives on time. You want to figure out why things tick, which makes you tick, but very little ticks you off. You want to think outside of the box and continually challenge your own limits, as well as those around you. You have a mad scientist mentality where you want to be part of the robots building robots revolution.

About Attabotics

Attabotics is the world’s first 3D robotics supply chain system for modern commerce. Inspired by the framework of ant colonies, Attabotics replaces the rows and aisles of traditional fulfillment centers with a patented storage structure and robotics shuttles that utilize both horizontal and vertical space, reducing a company’s warehouse needs by 85%. By empowering retailers to place fulfillment centers near high-density urban areas, Attabotics helps create jobs and decrease carbon emissions by closing the last-mile delivery gap.

Attabotics is a TIME Magazine Most Innovative Company special mention, a CNBC Disruptor, and one of Fast Company’s world’s 50 most innovative companies. Attabotics has been adopted by major brands including luxury department store Nordstrom, and other retailers across apparel, grocery, food & beverage, and home goods. Attabotics is based in Calgary, Alberta, Canada, with fulfillment centers across the United States and Canada.

Our 2022 robots reflect the culmination of many iterations on our mechatronic design. We are accelerating our rate of software innovation within our solution. Attabotics has moved to a quarterly release cadence, has completed its ISO 9001 evaluation, and will deliver new features and performance improvements through software. The DevOps Architect is the flywheel to fuel our increased release cadence and efficiency.

Role

The Application Security Architect is responsible for the code-level security of all Attabotics products, including embedded, on-premise, and cloud solutions. Reporting to the Director, Software Solutions, the Application Security Architect will own the identification and remediation of vulnerabilities within the codebase (and 3rd party libraries). They will evolve the security architecture and implement best practices, while balancing complexity and performance, through close partnerships with the Engineering teams and other stakeholders.

Who you are

  • Bachelor's Degree in Computer Science or related industry experience.  
  • 5+ years of experience in a Security Engineering role with a specific focus on vulnerability management and secure coding. 
  • Thorough understanding of software security vulnerabilities, including but not limited to the OWASP Top 10 list of vulnerabilities. 
  • Ability to assess and evaluate vulnerabilities associated with Linux and Windows operating systems, cloud provider ecosystems (Azure, AWS, GCP), open-source components, Docker / Kubernetes. 
  • Familiarity with cybersecurity frameworks and regulations such as NIST, CIS, ISO (27001 and 27002), and EU GDPR. 
  • Solid understanding of application and database security concepts and architectural principles around authentication, authorization, session management, configuration management, data handling and cryptography
  • Prior experience in Threat Modeling and the ability to coach others in this practice  
  • Experience in making domain-driven design decisions and trade-offs; for example: security vs. speed or complexity. 
  • Highly technical and a good negotiator 
  • Excellent written and verbal communication skills (ability to influence without the authority) 

Nice to Have

  • Proficient with Azure DevOps
  • Very good understanding of networking
  • Prior development experience. For example, using C# (preferred), C, C++, JavaScript/TypeScript, Python.
  • Experience with Rust is a plus

What we need

  • Review the state of the Attabotics code bases (embedded, cloud, on-premise), pipelines, release gates and servicing methodologies  
  • Review and evolve the security architecture for our embedded, cloud-based, and on-premise software. Lead security reviews and risk assessments for all software on an ongoing basis. Develop a roadmap (sequenced milestones) for addressing security technical debt, followed by a “stay safe” posture for all code.
  • Drive progress on the security roadmap with stakeholders through a unified dashboard to hold all parties accountable 
  • Define and reinforce secure coding practices throughout the SDLC. Drive the adoption of standardized methodologies, libraries, and tools.
  • Provide expert advice and coaching to engineering teams and leadership.  Guide the teams in new feature security reviews and threat modeling. 
  • Conduct internal penetration testing and security scanning using appropriate tools and methodologies. Work with 3rd party security assessment and penetration testing vendors as needed. 
  • Provide solutions to remediate security flaws.  Facilitate rapid corrective action for high-impacting issues. 
  • Partner with the Engineering and QA teams to ensure that security testing objectives are met. Ensure the adoption of security best practices in testing, automation, and CI/CD pipelines.  
  • Advise and participate in the Security response team as needed. 
  • Document compliance with regulatory guidelines and standards. Author externally facing security communications exemplifying thought leadership.
  • Stay abreast of emerging security threats, vulnerabilities, and controls to coach the entire organization on state-of-the-art security practices.

If this description describes you perfectly and the work environment you know you can thrive in, send us your resume and tell us what you’re passionate about, and we may just reach out to you.

Attabotics is committed to employing the best people to do the best job possible within our environment. We hire based on merit and are strongly committed to cultivating diversity as a source of excellence. Attabotics firmly believes that a vast array of perspectives produces and promotes innovation and business success. Our corporate diversity encompasses differences in ethnicity, gender identity or expression, language, age, sexual orientation, religion, socio-economic status, physical and mental ability and education.

Attabotics promotes a corporate safety culture where employees’ health, safety & well-being are number one, with the ultimate goal of establishing a zero-incident work environment.

Tags: Application security Automation AWS Azure C CI/CD Cloud Compliance Computer Science Cryptography DevOps Docker GCP GDPR JavaScript Kubernetes Linux NIST OWASP Pentesting Python Rust SDLC Security assessment TypeScript Vulnerabilities Vulnerability management Windows

Regions: Remote/Anywhere North America
Country: Canada