Application Security Engineer

Think Research • Full-time • Greater Toronto Area, Canada, CA • 2w ago

The Company

Think Research is an industry leader in delivering knowledge-based digital health software solutions. Our mission is to organize the world’s health knowledge so everyone gets the best care. We create cutting-edge, evidence-based healthcare technology solutions that support the clinical decision-making process, standardize care, and improve patient outcomes. For over a decade, our cloud-based, EMR-agnostic digital tools have empowered clinicians around the world and positively impacted millions of patients across the continuum of care – including primary physician care, acute care hospitals and surgical suites as well as community and seniors care. We are proud to serve as a trusted health system partner to a rapidly growing, global client base that spans five continents across more than 13,000 healthcare facilities, with a clinical audience of over 300,000 doctors, nurses and pharmacists . If you are looking to improve patient care and are passionate about technology — look no further.

Why Us?

It's not every day that you have the chance to change the way your friends and family are cared for - Make an impact!
Be a part of the digital disruption happening in healthcare and do challenging, meaningful work
We’re growing, and so will you with leaders who will support your development through mentorship and other opportunities
Collaborative, creative, dynamic and flexible work environment, with a start-up spirit

The Role

We are seeking a highly motivated individual with a strong background in software development. The ideal candidate will have transitioned from a development role into security and have experience in threat modelling, application penetration testing, and vulnerability manageme nt.

You Will Have The Opportunity To:

Lead the effort to identify potential security risks to the organization's applications and systems through the creation and maintenance of threat models.
Perform security assessments of the organization's applications and systems to identify vulnerabilities, assess their impact, and provide recommendations for mitigation and/or remediation.
Collaborate with development teams to perform vulnerability assessments, prioritize vulnerabilities based on risk, and help mitigate the risk through the development of security best practices and the implementation of secure coding practices.
Evaluate third-party code and/or libraries against known vulnerabilities.
Perform source code reviews to identify potential security risks and provide recommendations for remediation.
Implement and manage security testing tools (SAST/DAST) to continuously monitor the security posture of the applications.
Drive the integration of security into the CI/CD pipeline, ensuring seamless integration of security measures into the overall software development process.
Act as technical contributor to all things related to application security.
Be available on-call 24x7 to respond to security incidents and provide support to the incident response team.

What You Will Bring

Bachelor's degree in Computer Science or a related field.
Strong development experience with both front-end and back-end technologies.
Demonstrated ability to perform Web Application and API penetration testing.
Experience securing container and microservices technologies (Kubernetes).
Experience with cloud platforms such as Google Cloud Platform (GCP) and Amazon Web Services (AWS).
Experience with the ELK (Elasticsearch, Logstash, and Kibana) stack.
In-depth understanding of DevSecOps principles and practices.
Familiarity with the OWASP Application Security Verification Standard (ASVS) and the ability to implement and adhere to its guidelines.

Think Research and all subsidiaries are proud to be an equal opportunity employer and is committed to creating a diverse and inclusive workplace, free of discrimination and harassment.

We provide equal employment opportunities (EEO) to all employees and applicants regardless of race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

We are committed to providing accommodations for people with disabilities. Should you require an accommodation, we would like to work with you to meet your needs.