Application Security Engineer

Application Security Engineer

Location: Ottawa & Montreal

Shopify's merchant protection team ensures we provide a trustworthy commerce platform for our 90,000+ merchants. This includes security in every aspect of the Shopify experience, from storefront to the Admin panel to apps in our App Store. We are looking for an application security specialist who will help identify and respond to application vulnerabilities and develop tools to integrate security into our development process.

You'll need to have:

  • Experience performing web application penetration testing (Running Nessus doesn't count)
  • Thorough knowledge of security issues affecting web applications
  • Interest in creative ways to include security in the software development process

It would be great if you had:

  • Experience in web application development, especially Ruby on Rails
  • Contributions to open source security projects
  • Experience with bug bounty programs such as the Shopify Whitehat program (

You'll be working on:

  • Performing security audits of internally-developed and third-party apps
  • Responding to vulnerabilities disclosed through our Whitehat program
  • Providing security advice to product teams
  • Developing tools to help scale the security assessment process

If you are interested in discussing this role further, please click here and fill in your information.

Date Posted:
Sep 4, 2015 1:01 AM PDT

Ottawa, Ontario, Canada

Shopify is a leading cloud-based, multichannel commerce platform designed for small and medium-sized businesses. Merchants can use the software to design, set up and manage their stores across multiple sales channels, including web, mobile, social media, marketplaces, brick-and-mortar locations, and pop-up shops. The platform also provides a merchant with a powerful back-office and a single... more