About the Role & Team
As part of the theScore team, you will be working with a team of smart, friendly, and dedicated Engineers, Product Managers and Designers determined to deliver some of the best apps the market has to offer.
We want you to be challenged and to get the full experience of what it is like to work at theScore! We are looking for a Senior Application Security Engineer to join our Application Security team.
Our team takes a hands-on approach to solving complex security problems in conjunction with writing policies and procedures.
You will work cross-functionally across the entire engineering organization. You will share your unique expertise with the team and be able to grow and expand that expertise.
We have a wide variety of security challenges, and we are looking for someone who is excited to tackle them. Come join us and help us build the best sports apps in the world!
About the Work
- Collaborate with release and change management, SRE, Engineering, and compliance teams
- Work with security / internal / external / state auditors to demonstrate compliance
- Maintain a working knowledge of OWASP top 10 and MITRE top 25 CWE
- Develop standards for security tooling focused on the application layer (SAST, DAST, SCA, MAST, RASP)
- Build / implement secure artifact workflows in the SDLC to ensure governance and compliance standards are being met
- Create technical approaches to implementing Application Security control technologies
- Contribute to theScore’s Application Security program to support our continued growth
- Define and report on security metrics, their delivery, and improvements
- Work with service teams to conduct threat models of theScore’s internal and customer facing applications
- Assist service teams in understanding and remediating security findings (code bashing)
- Other duties as required.
About You
- 5+ years of Application Security or DevOps experience
- 5+ years of GCP or AWS experience
- Experience with software supply chain security (SBOMs, Artifact Signing, Attestations)
- Programming experience in Python or Go
- Experience with implementing security tooling in CI / CD
- Experience creating complex CI / CD workflows (building for multiple architectures, local caching, making automated source code changes based on workflow output)
- Experience supporting RESTful APIs and securing containerized workloads (GKE, EKS)
- Experience working in regulated environments (PCI-DSS, SOC 2, etc.)
- Experience leading technical projects and seeing them through to completion
- Excellent communication skills and a history of working well with other teams
- Optional : Experience maintaining Kubernetes clusters, or managing Kubernetes deployments
What We Offer
- Competitive compensation package.
- Fun, relaxed work environment.
- Education and conference reimbursements.
- Parental leave top
- Opportunities for career progression and mentoring others.
LI-REMOTE
Candidates residing in Ontario requiring special accommodation can email
Senior Software Engineer - Attack Detection
Abnormal Security is looking for a Senior Software Engineer to join the Message Detection - Attack Detection team. As a Senior Software Engineer, you will collaborate with machine learning engineers to architect an ML platform that enables development and deployment of large ML models with low laten...
Senior AWS Application Security Engineer, ETSE
AWS Security is looking for an Application Security Engineer to help validate that our services, applications, and websites are designed and implemented to the highest security standards. Minimum of 5 years of experience and understanding of security engineering, system and network security, authent...
Senior Security Engineer, Corporate Security
Minimum of 4 years of combined experience in the IT or security space, related to enterprise security or Detection and Response. Partner with other members of the security organization to establish security guidelines that enable the organization to move fast in a safe and secure manner. Experience ...
Senior Security Engineer, Infrastructure
Infrastructure Security Engineers work on a broad set of efforts focusing on scaling and automating security infrastructure and processes. Ripple is looking for passionate Information Security professionals to build a world class Information Security program. Our Security Engineering team is growing...
Senior Security Engineer (Network Security)
Senior Security Engineer (Network Security). Drive DLP rule management, CASB, and DLP deployment and management, with a focus on Azure Security Center, Azure Defender, Azure AD security, Microsoft ATP, O365 Security and compliance, and Sentinel One. Implement Cloud web application firewalls like Azu...
Senior Security Engineer
Own the delivery and success of security engineering projects that span engineering teams. Minimum of 4 years combined experience in software and/or security engineering. Terraform), static application security tooling (e. Design, build, and maintain tooling, software, and systems for securing our c...
Senior Security Engineer
The Security Engineer will be part of the engineering organization and responsible for implementing, managing, and enhancing security measures across our applications, products, and services to protect against potential cyber threats and attacks. Application Security: Design, implement, and maintain...
Senior Application Engineer - Structures (Eastern Time Zone, Canada)
Join the Ansys Customer Excellence team to partner with our customers to engineer what's ahead, solve their real-world engineering problems, deploy Ansys software in their design workflows, and grow Ansys’ business. As a hands-on subject matter expert, you will use expert-level engineering knowledge...
Senior Consultant, Application Security
Reporting to the Manager for Application Security, this Senior Consultant is self-motivated, energetic, driven for success and results oriented. Senior Consultants also provide application security experience and demonstrate leadership capabilities by delivering key messages to clients and managemen...
Senior Application Engineer - Structures (Eastern Time Zone, Canada)
Join the Ansys Customer Excellence team to partner with our customers to engineer what's ahead, solve their real-world engineering problems, deploy Ansys software in their design workflows, and grow Ansys’ business. As a hands-on subject matter expert, you will use expert-level engineering knowledge...