Senior Security Engineer (Canada, Remote) - FreshBooks Toronto, Ontario, Canada Bookmark Share Print 255 0 0

Listing Description

Senior Security Engineer - 12 months fixed-term contract


About FreshBooks


FreshBooks is a leading cloud-based SaaS accounting software designed with one goal: to help small business owners grow. We reached unicorn status after raising our valuation to more than $1 billion and continue to scale our business to serve business owners, their clients, and accountants in more than 160 countries worldwide. FreshBookers are found all over the globe, and we know that different folks thrive in different working environments: Remote, onsite, and everything in between, you’ll find it with us.


The Opportunity – Senior Security Engineer (Remote) 12-months fixed-term contract


Freshbooks Product Security Team is looking for a Senior Security Engineer to help validate that our microservices, applications, and websites are designed and implemented to the highest security standards.


You will be responsible for analyzing the security of our platform and applications and services, discovering and addressing security issues, and quickly reacting to new threat scenarios. You will lead secure architecture reviews, perform threat modeling, collaborate with consultants to test security of applications & services, and monitor FreshBooks environments to react to potential incidents.


 


What You'll Do as a Senior Security Engineer



  • Work as an internal security consultant to help [feature/product] engineering teams understand the security risk and advise them on best practices

  • Perform threat modeling for any new or existing applications and services

  • Review source code of applications and services for vulnerabilities when required, stay on top of Vulnerability management and patch management

  • Support our responsible disclosure program, security training and outreach to product development teams

  • Participate in on-call rotation and lead security incident response

  • Develop security tools and security metrics, perform proactive research to detect new attack vectors and pentest internal and external apps

  • Design, architect, and implement defensive security controls across services


 


What You'll Bring to the Role



  • Minimum 3-5 years of experience in threat modeling, secure software development

  • You have an understanding of how the network and web protocols such as TCP, UDP, HTTP, HTTPS, DNS, routing and IPSEC work

  • You have a knack for finding flaws in software, can efficiently communicate how to fix them, self-driven in the face of ambiguity and imperfect knowledge

  • You have experience in working with microservices architecture supporting mobile and web clients

  • You have knowledge of cryptography and data security standards

  • You have knowledge of security frameworks such as SAML, OpenID, OAuth, etc.

  • You have an understanding of Kubernetes, Jenkins, Terraform, Ansible, etc and  must have experience with scripting languages such as Python/Ruby/Perl/Bash

  • YouYou are well versed with OWASP Web Top 10 and Mobile Top 10 and SANS 25


 


You'll Stand Out If You Bring Experience In



  • Have participated in bug bounty programs or CTFs

  • Have been a speaker at a security conference or a contributor in the security community

  • Have security certifications such as OSWE, GWEB, CREST-CWAT

  • Have cloud security certifications such as Google Professional Cloud Security Engineer, AWS certified security specialty


 


Our Commitments to You


At FreshBooks each person knows their opinion is valued, and can see their impact on the lives of over 10 million small business owners around the world. Accelerate your career, work on projects you're passionate about, and work as a part of a collaborative team without ego! Here are some of the ways FreshBooks recognizes and rewards our employees:



  • 🌱Working Environments to Help You Thrive. Beautiful office spaces welcome you in Canada and Mexico, and remote FreshBookers receive a home office credit to set up your home office.

  • 🤗 Supportive Peer Group, Mentors, and Leaders. We care about each other across the organisation and have programs to support this so everyone feels a strong sense of belonging, and believes in collective impact. 

  • 🚀 Accelerated growth. Company onboarding, career development through continuous coaching, training, and learning on the job


 


Closing


Even if your experience doesn't meet every bullet on the above lists, we'd love to learn more about you and why you think FreshBooks is the next step in your career.


FreshBooks is an equal opportunity employer. We do not discriminate based on gender, religion, race, mental disability, sexual orientation, age, or any other status. All applicants are considered based on their qualifications and merits. At FreshBooks, we inspire an environment of mutual respect and we believe diversity and inclusion are crucial to our success.


FreshBooks provides employment accommodation during the recruitment process. Should you require any accommodation, please indicate this on your application and we will work with you to meet your accessibility needs. For any questions, suggestions or required documents regarding accessibility in a different format, please contact us at phone 416-780-2700 and/or accessibility@freshbooks.com.


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765