Application Security Engineer (3-6 month contract)

Who We Are

At Certn were revolutionizing background screening with The Worlds Easiest Background Check fast global and powered by tech. Were not about outdated processes and red tape. Were about innovation speed and impact. If youre looking for a place where ownership collaboration and creativity thrive this is it.

The Opportunity

Were looking for an Application Security Engineer to safeguard our customer-facing platforms and internal this hands-on role youll embed security at every stage of the application lifecycle from architecture and development through deployment and monitoring. This is an ideal opportunity for someone passionate about secure software development automation and protecting peoples data in a fast-moving product-centric environment.

Key Responsibilities

Secure Application Development

• Embed security best practices throughout the software development lifecycle (SDLC) to ensure applications are designed and built with security in mind from the start.

• Conduct secure code and architecture reviews to proactively identify and remediate vulnerabilities before they impact production.

• Partner with engineering teams to create secure-by-design applications that protect sensitive applicant client and employee data while maintaining product performance and usability.

Threat Detection and Vulnerability Management

• Identify assess and prioritize potential security risks to reduce Certns exposure to emerging threats and strengthen overall resilience.

• Coordinate internal and third-party penetration testing to validate the effectiveness of security controls and ensure vulnerabilities are remediated promptly.

• Maintain a structured vulnerability management process to ensure accountability visibility and measurable improvement in Certns security posture over time.

Security Tooling and Automation

• Implement and manage security tools (e.g. SAST DAST dependency scanning secrets detection) to continuously monitor and safeguard Certns applications.

• Integrate automated security checks into CI/CD pipelines to enable fast secure releases without slowing development velocity.

• Leverage automation to improve efficiency consistency and early detection of security issues reducing manual overhead and human error.

Governance Compliance and Incident Response

• Align application security practices with global and regional standards (e.g. SOC 2 ISO 27001 GDPR PIPEDA) to meet client and regulatory expectations.

• Support audit and compliance efforts by maintaining evidence of secure processes and demonstrating control effectiveness to external and internal stakeholders.

• Participate in incident response for application-related issues to minimize impact learn from events and strengthen future defenses.

Collaboration Enablement and Continuous Improvement

• Partner with product engineering DevOps and compliance teams to integrate security objectives seamlessly into business and development processes

• Promote secure development practices through training documentation and coaching fostering a culture where security is a shared responsibility.

• Stay current on evolving threats technologies and best practices to continuously enhance Certns security capabilities and maintain stakeholder trust.

Key Requirements

• Bachelors degree in Computer Science Information Security Software Engineering or a related technical discipline; or an equivalent combination of education and practical experience.

• Relevant post-secondary coursework or certifications in cybersecurity secure software development or cloud security are considered strong assets.

• Strong understanding of secure coding principles web application security and common vulnerabilities (e.g. OWASP Top 10 SANS top 25).

• Proficiency with application security testing tools such as SAST DAST SCA and secrets-scanning platforms.

• Working knowledge of authentication and authorization mechanisms encryption API security and identity management.

• Ability to interpret and communicate technical security risks to both technical and non-technical audiences.

• Experience integrating security into CI/CD pipelines and using automation to improve security coverage.

• Analytical thinking problem-solving and prioritization skills with strong attention to detail.

• Collaborative mindset with the ability to partner effectively across engineering product DevOps and compliance teams.

• Demonstrated experience performing threat modeling code review and vulnerability remediation within agile development environments.

• Hands-on experience with cloud-native architectures and security practices across AWS Azure or GCP environments.

• Familiarity with security frameworks and compliance standards (e.g. SOC 2 ISO 27001 NIST GDPR PIPEDA).

• Proven track record of improving security maturity within a fast-paced product-focused organization.

Why You Should Be Excited

Flexibility: Remote-first role with teammates across North America and the UK

Global Collaboration: Partner with experienced technical teams in multiple regions

Culture: Collaborative async-friendly and innovation-focused.

A Little Bit More About Us

Certn is a growing global technology company reinventing the way organizations build trust in people with technology and AI-backed background checks. Having recently been named one of Canadas Companies-to-Watch in Deloittes Technology Fast 50 Awards we are one of the fastest-growing start-ups in the sector. Just so you know the selected candidate will be required to complete a background check so youll get to see first-hand what we do. Certn is committed to equal opportunity inclusion and diversity. If you have a disability that requires accommodation at any stage of the recruitment process please let us know how we can best assist you.

Ready to build your career and make an impact Apply now and start your journey with Certn.