Application Security Engineer

Shopify's merchant protection team ensures we provide a trustworthy commerce platform for our merchants. This includes security in every aspect of the Shopify experience, from storefront to the Admin panel to apps in our App Store. We are looking for an application security specialist who will help identify and respond to application vulnerabilities and develop tools to integrate security into our development process.

You'll need to have:

  • Experience performing web application penetration testing (Running Nessus doesn't count)
  • Thorough knowledge of security issues affecting web applications
  • Interest in creative ways to include security in the software development process

It'd be great if you have experience with:

  • Web application development, especially Ruby on Rails
  • Contributing to open source security projects
  • Bug bounty programs such as the Shopify Whitehat program (

You'll be working on things like:

  • Performing security audits of internally-developed and third-party apps
  • Responding to vulnerabilities disclosed through our Whitehat program
  • Providing security advice to product teams
  • Developing tools to help scale the security assessment process

Here's how to apply:

If you’re interested in helping us shape the future of commerce, click the “Apply now” button to submit your application. Please address your cover letter to Andrew Dunbar, our Director of Risk and Compliance.

We're a product company and we value those who know our product.
Build a Shopify store if you haven't already. (Don't spend more than 20 minutes on this - it's meant to get you familiar with the product, not to build a professional looking store). Add the link to your store in the last field below.

Meet Some of Shopify's Employees

Mariel V.

UX Designer

Mariel creates user-friendly designs in an effort to establish and enforce a coherent look and feel across all of Shopify’s digital content and the online experience for users.

Omosola O.

Developer, Risk Operations

Omosola provides development support to Shopify’s Risk Operations Team. She classifies the risk new merchants pose to the platform and performs technical tasks to support the Risk Analysis Team.

Back to top