FreshBooks has a big vision. We launched in 2003 but we’re just getting started and there’s a lot left to do. We're a high performing team working towards a common goal: building a world class online accounting application to help small businesses better manage their finances. Known for extraordinary customer service and based in Toronto, Canada, FreshBooks serves paying customers in over 120 countries.
The Opportunity - Lead Security Engineer - Application Security
In this newly created position, the Lead Security Engineer will be hands-on and responsible for security monitoring, incident handling, security operations processes, threat management, documenting security policies and more. In addition to building and leading our Security Engineering team, you and your team will educate the rest of our Product Development organization in best practices for developing secure cloud applications.
What you'll need:
- At least five years of experience in the Security field as a Security Engineer, or similar
- Experience building and leading teams, mentoring and coaching, and steering the growth of team members
- Strong Cloud Security and Security Architecture experience
- Strong experience as a Security subject matter expert
- Strong troubleshooting, reasoning, problem-solving, customer service, and communication skills
The more of the following you bring, the better:
- A university degree in Computer Science, Information Systems, Computer Engineering or a relevant field
- Specific experience with Google Cloud Platform or similar (AWS, Azure)
- Experience with microservices and distributed systems
- Hands-on experience with cloud storage solutions
- Demonstrated knowledge of information technology security, trends, leading practices, regulatory and industry standard compliance issues (PCI-DSS and others)
- Experience performing threat modeling, offensive assessments, penetration testing, exploit development, or vulnerability analysis
- Working knowledge of common and industry standard cloud-native/cloud-friendly authentication/authorization mechanisms (OAuth, OpenID, SAML etc.) and key management/secret vaulting solutions, including HSM (Thales, Gemalto SafeNet etc.)
What you’ll do:
- Build and lead a Security Engineering team
- Be a trusted technical advisor and solve complex Cloud security technical challenges
- Coach internal teams (i.e.Software Development) on security disciplines and work closely with these teams to ensure that they’re writing secure code and designing secure systems.
- Enable teams to take ownership of secure code
- Collaborate with Software Engineering and Architecture teams on security strategy, roadmaps, standards, and governance
- Mentor the Product Development team ensuring adherence to security engineering best practices
- Ensure Agile and Lean best practices are applied to software development and security architecture design
- Ensure that we maintain PCI-DSS compliance and other certifications
- Audit and analyze production code for potential security concerns
- Identify and document information security risks and propose mitigating controls
- Provide analysis and guidance regarding threats, vulnerabilities, and privacy and security incidents
- Identify security gaps and recommend & facilitate the mitigation of the gaps in line with industry standards and best practices
- Build knowledge of and stay current on developments in the cyber threat landscape to adapt investigation techniques and provide recommendations on responding to and remediating related incidents
- Actively detect, respond to, and remediate security events across our infrastructure
What we offer:
- Competitive salary, health benefits from day 1 and extra days off (office is closed between Christmas and New Years)
- RRSP matching program and generous parental leave policy
- Weekly catered lunches, beer, and snacks
- Team and company offsites, hackoffs, and paid community volunteer days and religious observance days
- Professional development opportunities and flexible work schedules
- Office gym with showers and complimentary towel service
- Secure, indoor bike parking with well-stocked repair bay
- Ping Pong, Foosball, Massage Chairs, Nintendo Stations and more.
- Dog friendly office
- TTC & GO Accessible
Sure, there are perks, but the real reason people are proud to work at FreshBooks is because each person knows their opinion is respected, and they can see the difference they make in the lives of over 10 million small business owners around the world. If you want to accelerate your career, work on projects you're passionate about and have just as much of a life outside the office as inside—you're exactly what we're looking for.
We value our people...
We recognize and reward ingenious work. We all have real lives, and respect work lifestyle balance. We all have a voice that is heard throughout the company. We always make time for fun, and have one of the most unique, employee-led cultures out there. Join the FreshBooks choir or a class in the gym, organize a gaming night, teach a dev lunch and learn, or use a paid volunteer day to share your skills with the community. Salaries are competitive and compensation packages include a stake in the company. Interested? Let’s get started!
FreshBooks provides employment accommodation during the recruitment process. Should you require any accommodation, please indicate this on your application and we will work with you to meet your accessibility needs. For any questions, suggestions or required documents regarding accessibility in a different format, please contact us at phone 416-780-2700 and/or accessibility@freshbooks.com
by via developer jobs - Stack Overflow