Secure Software Engineer (API & DevSecOps Focus)

Toronto - Canada

Monthly Salary: Not Disclosed

Posted on: 5 hours ago

Vacancies: 1 Vacancy

Job Summary

Job Description:

Secure API development Design and develop RESTful APIs and integrations with strong authentication authorization and data protection measures.

Work with PostgreSQL and other RDBMS to query optimize and secure data structures against injection attacks data leakage and unauthorized access.

Contribute to system architecture with Security by Design including threat modeling and secure design reviews at the planning stage.

Write scripts to automate security scans compliance checks and reduce manual effort in security monitoring and deployment workflows.

Proficiency in Python JavaScript Java or Go with a focus on secure coding standards (e.g. OWASP Top 10 mitigation).

Implement CI/CD pipelines with integrated SAST DAST dependency scanning and secrets management for secure deployments.

Deep application of secure coding frameworks vulnerability prevention and industry best practices (OWASP SANS).

Strong problem-solving and debugging skills for both functional and security-related issues in dev test and prod environments.

Collaborate closely with developers operations and security teams to embed a culture of security across all cross-functional work.

Primary Skills:

Secure coding (OWASP Top 10 SANS CWE)

API security (OAuth2 JWT input validation)

CI/CD security integration (SAST DAST dependency scanning)

Programming in Python JavaScript Java or Go PostgreSQL database security.

Threat modelling amp secure architecture reviews.

Security automation scripting Good to Have-Cloud security (AWS GCP Azure)

Container security (DockerK8s image scanning)

IaC security (Ter-raform Ansible)

Security compliance (SOC 2 ISO 27001)Ideal

Experience Range: 6-9 years total experience in software development and DevOps with at least 2-3 years hands-on security exposure (secure coding pipeline security API security threat modelling).

Required Skills:

Job Description: Secure API development Design and develop RESTful APIs and integrations with strong authentication authorization and data protection measures. Work with PostgreSQL and other RDBMS to query optimize and secure data structures against injection attacks data leakage and unauthorized access. Contribute to system architecture with Security by Design including threat modeling and secure design reviews at the planning stage. Write scripts to automate security scans compliance checks and reduce manual effort in security monitoring and deployment workflows. Proficiency in Python JavaScript Java or Go with a focus on secure coding standards (e.g. OWASP Top 10 mitigation). Implement CI/CD pipelines with integrated SAST DAST dependency scanning and secrets management for secure deployments. Deep application of secure coding frameworks vulnerability prevention and industry best practices (OWASP SANS). Strong problem-solving and debugging skills for both functional and security-related issues in dev test and prod environments. Collaborate closely with developers operations and security teams to embed a culture of security across all cross-functional work. Primary Skills: Secure coding (OWASP Top 10 SANS CWE) API security (OAuth2 JWT input validation) CI/CD security integration (SAST DAST dependency scanning) Programming in Python JavaScript Java or Go PostgreSQL database security. Threat modelling amp secure architecture reviews. Security automation scripting Good to Have-Cloud security (AWS GCP Azure) Container security (DockerK8s image scanning) IaC security (Ter-raform Ansible) Security compliance (SOC 2 ISO 27001)Ideal Experience Range: 6-9 years total experience in software development and DevOps with at least 2-3 years hands-on security exposure (secure coding pipeline security API security threat modelling).