Application Security Engineer

Application Security Engineer

Ottawa, ON & Montreal, QC

Shopify's merchant protection team ensures we provide a trustworthy commerce platform for our 150,000+ merchants. This includes security in every aspect of the Shopify experience, from storefront to the Admin panel to apps in our App Store. We are looking for an application security specialist who will help identify and respond to application vulnerabilities and develop tools to integrate security into our development process.

You'll need to have:

Experience performing web application penetration testing (Running Nessus doesn't count)

Thorough knowledge of security issues affecting web applications

Interest in creative ways to include security in the software development process

It would be great if you had:

Experience in web application development, especially Ruby on Rails

Contributions to open source security projects

Experience with bug bounty programs such as the Shopify Whitehat program (

You'll be working on:

Performing security audits of internally-developed and third-party apps

Responding to vulnerabilities disclosed through our Whitehat program

Providing security advice to product teams

Developing tools to help scale the security assessment process

If you are interested in discussing this role further, please fill in your information and we'll be back in touch.

Please make your cover letter out to Andrew Dunbar.

Date Posted:
Dec 10, 2015 12:37 PM PST

Ottawa, Ontario, Canada

Shopify is a leading cloud-based, multichannel commerce platform designed for small and medium-sized businesses. Merchants can use the software to design, set up and manage their stores across multiple sales channels, including web, mobile, social media, marketplaces, brick-and-mortar locations, and pop-up shops. The platform also provides a merchant with a powerful back-office and a single... more