Principal Application Security Specialist

Global Relay


Job Location:

Vancouver - Canada

Monthly Salary: $ 125000 - 160000
Posted on: Yesterday
Vacancies: 1 Vacancy

Job Summary

Who we are:

For over 25 years Global Relay has set the standard in enterprise information archiving with industry-leading cloud archiving surveillance eDiscovery and analytics solutions. We securely capture and preserve the communications data of the worlds most highly regulated firms giving them greater visibility and control over their information and ensuring compliance with stringent regulations.

Though we offer competitive compensation and benefits and all the other perks one would expect from an established company we are not your typical technology company. Global Relay is a career-building company. A place for big ideas. New challenges. Groundbreaking innovation. Its a place where you can genuinely make an impact and be recognized for it.

We believe great businesses thrive on diversity inclusion and the contributions of all employees. To that end we recruit candidates from different backgrounds and foster a work environment that encourages employees to collaborate and learn from each other completely free of barriers.

Your role:

The Principal Application Security Specialist is the most senior individual contributor across Global Relays Software & Application Security function. Combining deep application security testing mastery with DevSecOps leadership you set the technical direction for how Global Relay tests the security of its applications and for how security is engineered into the software development lifecycle. You lead the most complex and novel assessments define testing methodology and standards and drive the integration of automated security controls into CI/CD pipelines. You act as the organizations authority on application mobile and AI/LLM security and partner with engineering platform and product leadership so that security is built in and aligned with business objectives.

Your responsibilities:

Testing & methodology leadership

  • Collaborate with the Team Lead Application & Software Security to develop and own the application security testing methodology and standards across web API mobile and AI/LLM domains.
  • Lead the most complex novel and high-risk security assessments including original research and the development of new testing techniques and tooling.
  • Own the organization-wide triage escalation and evidence-quality framework across all security testing and scanning functions and define how L1L3 teams are trained and measured against it.
  • Support the direction for the penetration testing and offensive security program.
  • Own the most advanced threat modelling for critical and cross-cutting architecture.
  • Serve as the organizations authority and final technical escalation point for application security.

DevSecOps & secure SDLC

  • Drive the integration of security into the SDLC and CI/CD pipelines championing a proactive risk-based shift-left approach.
  • Develop the organization-wide standards for remediation verification retest evidence and release closure ensuring security gating is consistently and appropriately applied across all release pipelines.
  • Design and deploy an automated security framework for robust tooling and processes using scripting and open-source solutions.
  • Collaborate with Engineering for the selection deployment and management of security scanning tools (SAST DAST SCA container) within CI/CD pipelines integrating them via APIs and plugins using agile delivery methods.
  • Serve as the liaison for DevSecOps standards and provide input into new standards and policies.
  • Review and analyze vulnerability data to identify risk across applications infrastructure and network and manage false positives.
  • Set the organizations standards for root-cause analysis and remediation guidance on the most complex or systemic security defects and define how remediation quality is assessed across teams.

Influence measurement & people

  • Define how testing coverage quality and effectiveness are measured and drive continuous improvement.
  • Partner with engineering product and architecture teams to influence secure design at scale and prioritize security investment.
  • Lead security sessions for engineering teams covering risks report analysis mitigations and process improvements.
  • Mentor and develop specialists create documentation and training material and raise the technical bar across the function.
  • Represent application security in cross-functional and where appropriate external forums.

About you:

  • 8 yearsexperience across application/product security testing and DevSecOps with expert knowledge of software security.
  • Experience with security frameworks (OWASP MITRE NIST) testing tools (SAST/DAST/SCA) scripting (Python Java Bash PowerShell) and DevOps/CI-CD tooling (Git Jenkins Docker/Kubernetes)
  • Solid understanding of secure development and coding practices
  • Comfortable working cross-functionally with Security Dev and Engineering teams
  • Strong communicator able to translate technical concepts for any audience
  • Self-directed detail-oriented and a sharp problem-solver

Compensation:

Global Relay advertises the pay range for this role in compliance with British Columbias pay transparency laws. Individual pay rates are determined by evaluating factors such as expertise skills education and professional background.

The range below reflects the expected annual base salary which is only one element of our comprehensive total rewards package designed to reflect our company pay philosophy culture and values. We aim to foster an inspiring work environment and support employees work-life rhythms. We provide a comprehensive extended health benefits program including virtual healthcare and a wellness allowance. Employees also receive annual allotted vacation days which increase based on tenure. Other benefits include: Paid sick days maternity/parental enhancement program bonus and an RRSP contribution matching program.

For Vancouver-based employees we provide a subsidized meal program courtesy of our talented in-house culinary team!

British Columbia - Base salary range

$125000 - $160000 CAD

What you can expect:

At Global Relay theres no ceiling to what you can achieve. Its the land of opportunity for the energetic the intelligent the driven. Youll receive the mentoring coaching and support you need to reach your career goals. Youll be part of a culture that breeds creativity and rewards perseverance and hard work. And youll be working alongside smart talented individuals from diverse backgrounds with complementary knowledge and skills.

Global Relay is an equal-opportunity employer committed to diversity equity and inclusion.

We seek to ensure reasonable adjustments accommodations and personal time are tailored to meet the unique needs of every individual.

To learn more about our business culture and community involvement visit .


Required Experience:

Staff IC

Who we are:For over 25 years Global Relay has set the standard in enterprise information archiving with industry-leading cloud archiving surveillance eDiscovery and analytics solutions. We securely capture and preserve the communications data of the worlds most highly regulated firms giving them gre...

About Company

Company Logo

Upgrade to Global Relay. The leading provider of compliant electronic communications archiving, messaging, supervision, and eDiscovery.

View Profile View Profile