Security Engineer/Senior Security Engineer

Canada
Permanent
Temps-plein

Il y a 16 jours

Security Engineer/Senior Security EngineerHarmonic is the worldwide leader in video delivery solutions, enabling media companies and service providers to deliver ultra-high-quality streaming and broadcast services to consumers globally. Through innovative SaaS platforms and software-based appliances, we are changing the way media companies and service providers monetize live and on-demand content on every screen. More information is available at www.harmonicinc.comRole DescriptionWe are looking for a Security Engineer to join our security team to champion security across our products and engineering organization. You will be the go-to expert for securing our applications, from the first line of code to our production cloud environment. You will have a direct impact on our security posture, embedding security best practices into our development lifecycle and protecting our platform from emerging threats. This is a chance to build, automate, and own the security function in Harmonic.You will be reporting to the Sr. Staff Engineer, SaaS Security.LocationHybrid role – 3 days onsite work at our Burnaby OfficeWhat you will be doing:

Comprehensive Security Testing: Lead and perform continuous security testing on our SaaS products, APIs, and underlying cloud infrastructure. This includes hands-on penetration testing, vulnerability assessments, and managing our automated testing tools (SAST, DAST, SCA).
Targeted Security Auditing: Conduct regular security auditing of our products, development processes, and configurations against industry best practices and compliance standards (e.g., SOC 2, ISO 27001). You will also perform threat models and security design reviews for new features to ensure security is built-in from the start.
Secure Code Review: Perform security-focused manual code reviews and provide actionable, context-aware guidance to our software development teams to remediate weaknesses.
Security Automation: Design, build, and maintain automated security tooling within our CI/CD pipeline to provide rapid feedback to developers and effectively "shift security left."
Security Operations & Incident Response: Monitor, analyze, and respond to security alerts from our monitoring tools. You will be a key player in our incident response process, from initial investigation through to remediation and post-mortem analysis.
Cloud Security Posture Management: Continuously assess and help secure our cloud environment (AWS/Azure/GCP) against common attack vectors, misconfigurations, and emerging threats.

What you should have:

Bachelor's degree or above in Computer Science, Computer Engineering, Mathematics, Physics or related disciplines from a top-tier university.
3-5 years of experience in a security role, such as Application Security, Product Security, or Penetration Testing, preferably within a SaaS or cloud-native environment.
Deep understanding of web application vulnerabilities, the OWASP Top 10, and common mitigation strategies.
Technical Skills:

Proficiency with security tools for Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA).
Experience with scripting or programming for automation, preferably in Python, Bash, or Go.
Familiarity with securing cloud environments (AWS, Azure, or GCP).
Excellent communication skills with the ability to clearly explain complex security issues to both technical and non-technical audiences. You see yourself as a partner to the development team, not a roadblock.

Nice-to-Haves

Experience building security into CI/CD pipelines (e.g., GitLab CI, GitHub Actions, Jenkins).
Knowledge of container security (Docker, Kubernetes).
Familiarity with compliance frameworks relevant to SaaS, such as SOC 2.
Relevant security certifications (e.g., OSCP, OSWE, GWAPT, GWEB, CISSP).

Pay & BenefitsFor this role, the estimated base salary range is between CAD 95,000 – CAD 130,000. The actual base salary will vary based on various factors, including market, location, and individual qualifications objectively assessed during the interview process.Diversity, Equality, and Inclusion at Harmonic IncAt Harmonic, we believe that building and nurturing a global team with diverse backgrounds and voices is critical to our success. Together, we achieve excellence through creativity and innovation, build relationships based on integrity and mutual respect, and deliver the highest quality in every aspect of our business for the benefit of our employees, business partners and shareholders.#LI-Hybrid#LI-KS1

Harmonic

Postuler