Senior Application Security Specialist

Copperleaf’s enterprise software helps some of the world’s largest energy firms make better strategic decisions. We have a track record of delivering award-winning, industry-changing solutions. Join our team as we continue to enable our clients to build more resilient and sustainable infrastructure.

We are looking for a Senior Application Security Specialist to join our software development team to enhance the practice of application security planning and development at Copperleaf. This individual will utilize their software development and application security expertise to ensure excellence in our processes and tooling for secure software development and to ensure that our products are secure.

Responsibilities:

• Education and training of the wider development team to enhance our Secure Software Development Lifecycle (SSDLC).
• Staying abreast of emerging trends and best practices in application security and bringing these to the Copperleaf team.
• Security reviews and threat modeling for the application and for key future initiatives.
• Guide and advise development teams in application security and compliance.
• Guide the adoption of automated security testing to validate that secure coding best practices are being used.
• Translate security risks to business impact and advise product leadership and the entire group.
• Understand and communicate key gaps in our SSDLC and identify and lead improvements.

About you:

You have experience in the following areas:

• Enterprise software technologies, application security, and infrastructure.
• The Microsoft Security Development Lifecycle (SDL), OWASP Software Assurance Maturity Model (SAMM), or Building Security in Maturity Model (BSIMM).
• Amazon Web Services or other cloud computing platform architecture, offerings, and security related services.
• Web application security scanning software and related penetration testing tools.
• Articulating technically advanced issues to all audiences. Comfortable working with diverse sets of stakeholders, including development teams, product management, and senior leadership.
• Training and mentoring software development teams in security-related topics.
• Ability to work under pressure, establish priorities and respond with urgency.

Experience:

• 4+ years of advanced security experience.
• Minimum of 10 years application development experience ideally within the Microsoft development stack.
• Applicable certification strongly desired (CSSLP, GWEB etc.) or obtained within 6 months of employment.

What’s it like here?

At Copperleaf, we’re committed to building a great culture because we know it sets us apart. Culture is at the very core of everything we do, and it’s what makes people want to be part of the market-leading company we’re building. We are a global team of world-class innovators continually pushing the limits of what’s possible to deliver exceptional value and extraordinary experiences to our clients. To do that, we actively cultivate an open and supportive team environment, where diverse ideas and perspectives are encouraged and respected.

Headquartered in Vancouver, Canada, Copperleaf is building a better world, one decision at a time. As one of Canada’s Fastest-Growing Companies, winner of Canada’s Most Admired Corporate Cultures and the BC Tech Association’s Tech Culture of the Year, we are a dynamic and disruptive organization offering exciting opportunities for growth and innovation.

Diversity, Equity, and Inclusion are at the heart of Copperleaf’s culture and play a vital role in our growth strategy. We are committed to ensuring that everyone feels a sense of belonging and can contribute to their maximum potential. Our differences are the reason great things happen here. If you are an applicant in need of accommodation or special assistance throughout the interview process, please submit a request by email to exsupport@copperleaf.com.