ShareGate- en - Application Security Manager
Upload My Resume
Drop here or click to browse · PDF, DOCX, DOC, RTF, TXT
Requirements
• 8+ years of experience in application security, DevSecOps, or security-focused software development; • Strong software engineering background combined with deep security expertise; • Deep understanding of web application security principles, OWASP Top 10, and CWE Top 25; • Hands-on experience performing secure code reviews in C#; • Experience building and maintaining security automation in CI/CD pipelines (GitHub Actions preferred); • Solid understanding of Azure cloud services, infrastructure security, and deployment patterns; • Experience integrating SAST, DAST, SCA, and secret scanning tools into development workflows; • Proficiency in scripting (Python, Bash) for automation and tooling; • Extensive hands-on experience with AI-assisted and agentic development workflows, with deep expertise in their security implications; recognized for major contributions in this space and driven by strong curiosity to push the boundaries of AI in the SDLC; • Familiarity with authentication protocols such as OIDC, SAML, and OAuth; • Ability to clearly communicate security risks and trade-offs to both technical and non-technical stakeholders. • Salary range: $150–180k CAD.This range reflects our Canada-wide compensation scale. Final offers may be adjusted based on the candidate’s region to align with local market conditions.
Responsibilities
• Ensure security is embedded into CI/CD pipelines by delivering scalable, automated tooling and integrated security checks (SAST, DAST, SCA, secret scanning); • Enable secure-by-default development by designing and implementing automated, policy-driven security review workflows; • Establish robust security guardrails within AI-assisted development and agent workflows to reduce risk while maintaining developer velocity; • Reduce risk exposure by proactively identifying, assessing, and driving remediation of application security vulnerabilities; • Strengthen application security posture by leading threat modeling and security assessments for new features and architectural changes; • Improve detection and response capabilities through the development of automation, tooling, and streamlined vulnerability management processes; • Elevate cloud and application security by partnering with Infrastructure SecOps to harden Azure environments and deployment practices; • Enhance external security feedback loops by contributing to and scaling the bug bounty program and vulnerability intake processes. • A typical week? • Writing code for security tooling, CI/CD configurations, and automated review workflows; • Designing and refining policy-based security checks in pipelines; • Building and improving guardrails for AI-assisted development and agent workflows; • Participating in architecture and design discussions with engineering teams; • Collaborating with Infrastructure SecOps on shared security initiatives; • Triaging and prioritizing security alerts and vulnerabilities; • Sharing knowledge through pairing, code reviews, and informal coaching. • What does your future team look like? • You will join the AI-SDLC team, responsible for building the internal platform that enables AI agents to operate across the Workleap and ShareGate development lifecycle. This includes developing agent pipelines, safety mechanisms, and developer-facing tooling. • You will work closely with Infrastructure SecOps and partner with multiple product teams across the organization. This is a highly collaborative environment where your impact comes from building scalable solutions and making secure development the default for everyone. • What are the next challenges awaiting your team? • Scaling automated security practices across a growing portfolio of SaaS products; • Deepening security integration within GitHub Actions and CI/CD pipelines; • Ensuring security guardrails evolve alongside AI-assisted and agentic development workflows; • Strengthening secure-by-default practices and developer security awareness across teams.
Benefits
• This range reflects our Canada-wide compensation scale. Final offers may be adjusted based on the candidate’s region to align with local market conditions.
No credit card. Takes 10 seconds.