Application Security Engineer
Shopify's merchant protection team ensures we provide a trustworthy commerce platform for our merchants. This includes security in every aspect of the Shopify experience, from storefront to the Admin panel to apps in our App Store. We are looking for an application security specialist who will help identify and respond to application vulnerabilities and develop tools to integrate security into our development process.
You'll need to have:
- Experience performing web application penetration testing (Running Nessus doesn't count)
- Thorough knowledge of security issues affecting web applications
- Interest in creative ways to include security in the software development process
It'd be great if you have experience with:
- Web application development, especially Ruby on Rails
- Contributing to open source security projects
- Bug bounty programs such as the Shopify Whitehat program (https://hackerone.com/shopify)
You'll be working on things like:
- Performing security audits of internally-developed and third-party apps
- Responding to vulnerabilities disclosed through our Whitehat program
- Providing security advice to product teams
- Developing tools to help scale the security assessment process
Here's how to apply:
If you’re interested in helping us shape the future of commerce, click the “Apply now” button to submit your application. Please address your cover letter to Andrew Dunbar, our Director of Risk and Compliance.
We're a product company and we value those who know our product.
Build a Shopify store if you haven't already. https://www.shopify.com (Don't spend more than 20 minutes on this - it's meant to get you familiar with the product, not to build a professional looking store). Add the link to your store in the last field below.
Back to top