Software Security Engineer

Would you like to make a difference by joining one of health technology’s brightest stars?  Are you interested in developing the software platform to power the budding home healthcare revolution?  Are you passionate about technology, specifically protecting sensitive personal and health record information? Keep reading. 

 AlayaCare is looking for a security software engineer, someone with passion of application security and an endless appetite to foster the security mindset in every step of the SDLC in a SaaS company.   The software security engineer will work closely with software architects, frontend/backend developers, and QA to support them by advocating, testing, code reviewing and monitoring.  The software security engineering will join a small-but-agile product security team.  This team will provide tools, support, and advice to make the products more secure while remaining fast and nimble.  We believe Security by Design is about enabling trust in systems, designs and data so that other groups can innovate with confidence. 

 The responsibilities mostly focus on Web and Mobile Application Security, protecting the client-facing platform during the whole SDLC. You will influence the architecture runway to include the security requirements. Together we will help ensure that they are delivered and implemented. You will work closely with all key development stakeholders. 

 You will be responsible for: 

• Evangelising Secure SDLC to engineering department & contribute to the application security training and champion program 
• Challenging status quo and sharing your expertise with others (code review, security findings, best practices, etc.), bringing security measures into every stage of the development workflow 
• Transforming security tools findings and pen-tester reports into tickets that are actionable for developers and provide guidelines to test; performing manual testing if needed 
• Propose features to differentiate AlayaCare product by bringing innovation and security in our platform, being ahead of the market and ensure we differentiate ourselves by bringing cyber-security in our industry (protecting our clients and their sensitive data) 

• Transforming security and privacy requirements into feature (bringing value to our clients) and work with product teams and architect to embed security in every aspect of the product 
• Partnering with engineers to ensure the security MVP included in every single release, sponsoring tools/methods to merge security in the CI/CD (threat modeling, static code analyst, code review, dynamic application security tests & pen testing) 

 About you 

• Relevant university degree (Computer Science, Math and Statistics, or Engineering) 
• You know by heart the OWASP Cheat Sheets, and you are always ready to get your hands on the keyboard to test web applications 
• 3+ years' experience as software security engineer (tools/technics for threat modeling, code review, SAST/DAST, tests and fuzzing, SCA & dependencies) 
• Fluent in modern web application languages such Python, JavaScript, .Net with more than 2 years of experience as developer in SaaS shop 
• You love to read code and find the loopholes in a system; but you enjoy an elegant fix even more! 

• You believe shifting security left is the solution to build secure software 
• Able to explain to a 6-year-old child how to secure a web application 
• Passion for sharing knowledge (leadership by expertise, application security is a team sport), autonomous and strong organizational skills 
• Team player and ability to thrive in a fast-paced and performance-driven environment 
• Pen testing experience and passion for CTF is a plus 

 Why AlayaCare is a great place to work 

• You can make a difference for people receiving home healthcare on how people live longer at home while getting the best care available 
• You get access to the awesome O’Reilly learning environment 
• We are super flexible, you can work from home, or go to the office if you are in one of our hub (Montreal, QC, Toronto, ON, or Victoria, BC), or a combination of both home and office, as you like. 
• You’ll work with supportive and highly skilled colleagues 
• RSU in a growing company 

• Career growth and development 
• Health and wellness activities 
• Health benefits package 
• Flexible vacation policy 

 About AlayaCare 

• AlayaCare is revolutionizing the way home care is delivered. Our leading cloud-based software allows our clients around the world to manage their employees, scheduling, billing, and enable better delivery of care. We aim to be the operating system for our clients’ businesses, helping them and their employees improve clinical outcomes.     
• We are a fast-growing company with offices in Canada, US and Australia and a team of over 500 employees.  
• We’ve been recognized as one of the top growing companies in Canada.