Application Security Engineer

We are seeking a skilled, innovative, and team-focused Application Security Engineer to contribute to the design and development of our HP Anyware Software. This solution is comprised of desktop software and kernel drivers that are supported on Windows, MacOS and Linux and a SaaS platform that is containerized, built on microservice architecture and runs in the public cloud. Our portfolio also includes mobile clients for iOS and Android and the Trust Center platform geared towards implementing HP Anyware in Zero Trust Architectures.

We are a leading provider of secure remote access solutions, with our flagship product, HP Anyware Software, being utilized by numerous prominent entities in the Media & Entertainment industry.

Ideal Candidate: The ideal candidate will have a strong inclination towards security and understand that security encompasses adherence to regulations, visibility, and ethical responsibility.

Roles And Responsibilities

• Collaborate with the HP Global Cybersecurity team (GCS) to conduct architecture reviews and security testing for new HP Anyware products and features.
• Support the HP Anyware product development teams in implementing and maintaining the Secure Software Design Lifecycle (SSDLC).
• Act as a Subject Matter Expert (SME) on SSDLC and related tools such as OSS, DAST, SAST, IAST, and vulnerability management tools.
• Lead initiatives on product security, fostering a culture of security within the software development teams.
• Oversee and monitor CI/CD security controls and testing tools in collaboration with the systems teams.
• Assist in classifying application vulnerabilities and providing remediation suggestions.
• Prioritize security-related issues in conjunction with HP Anyware Product Owners and Architects.
• Mentor and inspire software developers interested in security, encouraging them to become security champions within their teams.
• Coordinate penetration testing of HP Anyware products with external vendors.
  
  

Desired Skills

• Security Fundamentals: Strong understanding of the principles of confidentiality, integrity, and availability (CIA), as well as authentication, authorization, and auditing (AAA).
• Security Tools: Experience in scanning and triaging results from security tools, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis.
• Encryption Techniques: Familiarity with encryption protocols, particularly those based on TLS and IPSec
• Software Design Patterns: Knowledge of secure software design patterns and architectures, including Microservice and Zero Trust Architectures.
• Technology Proficiency: Ability to apply security fundamentals across a wide range of technology stacks and operating systems, including AWS, Azure, GCS, Linux, Windows, macOS, Kubernetes, and CI/CD pipelines.
• Software Development Lifecycle (SDLC): Familiarity with the SDLC, particularly the Scaled Agile Framework (SAFe).
• Education: Bachelor's degree in relevant area or demonstrated competence. Typically 7-10 years of relevant experience.
  
  

HP Canada is an equal opportunity employer. We welcome the many dimensions of diversity. Upon request by qualified candidates, accommodation of special needs may be considered during all stages of the selection process within the framework of the HP Accommodation Policy. If you need assistance in filling out the employment application or require a reasonable accommodation while seeking employment, please e-mail hrgsglobalstaffing@hp.com. Note: This option is reserved for applicants needing a reasonable accommodation related to a disability.

In order to satisfy our contractual obligations with clients, the successful candidate will be required to pass a basic, standard Criminal Records check. You will also be required to sign off on HP's Confidentiality, Non-Solicitation and Conflict of Interest Agreement.