RemoteLeaf Logo
Log in Sign up

DevSecOps Lead

9 hours, 6 minutes ago
Canada
Full-time
Lead
Application Security Engineer
DevOps and Infrastructure
Azure Bash C# CI/CD DevSecOps GitHub Actions .NET OAuth OpenID Connect Python SAML
Apply Now
Workleap

Workleap

Workleap provides a comprehensive employee engagement software platform designed to enhance the productivity and collaboration of hybrid teams through tools for talent management, performance management, recognition, and onboarding.

Internet Software & Services
251-1K
$93M raised
View All Jobs 2

Description

  • Embed security into CI/CD pipelines by delivering automated tooling and integrated security checks such as SAST, DAST, SCA, and secret scanning.
  • Design and implement automated, policy-driven security review workflows to support secure-by-default development.
  • Build security guardrails for AI-assisted development and agent workflows while preserving developer velocity.
  • Identify, assess, and drive remediation of application security vulnerabilities.
  • Lead threat modeling and security assessments for new features and architectural changes.
  • Develop automation, tooling, and streamlined processes to improve detection, response, and vulnerability management.
  • Partner with Infrastructure SecOps to harden Azure environments and deployment practices.
  • Contribute to and scale the bug bounty program and vulnerability intake processes.
  • Write code for security tooling, CI/CD configurations, and automated review workflows.
  • Collaborate with engineering teams through architecture discussions, code reviews, pairing, and coaching.

Requirements

  • 8+ years of experience in application security, DevSecOps, or security-focused software development.
  • Strong software engineering background combined with deep security expertise.
  • Deep understanding of web application security principles, OWASP Top 10, and CWE Top 25.
  • Hands-on experience performing secure code reviews in C#.
  • Experience building and maintaining security automation in CI/CD pipelines, with GitHub Actions preferred.
  • Solid understanding of Azure cloud services, infrastructure security, and deployment patterns.
  • Experience integrating SAST, DAST, SCA, and secret scanning tools into development workflows.
  • Proficiency in scripting with Python and Bash for automation and tooling.
  • Extensive hands-on experience with AI-assisted and agentic development workflows, including their security implications.
  • Familiarity with authentication protocols such as OIDC, SAML, and OAuth.
  • Ability to clearly communicate security risks and trade-offs to technical and non-technical stakeholders.

Benefits

  • Salary range of $150–180k CAD.
  • Canada-wide compensation scale with potential regional adjustment based on local market conditions.
  • Remote-friendly role (#LI-Remote).
  • Supportive, collaborative work environment that values trust and mutual support.
  • Opportunity to express yourself, grow, and develop creativity in a flexible environment.
  • Healthy and inclusive work environment.
  • Structured hiring process with Phone Screen, Virtual Interview via Microsoft Teams, Work Sample, and Job Offer.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Zscaler

Director, Product Management, Customer Security Outcomes

Zscaler 1K-5K Internet Software & Services

Zscaler is hiring a Director of Product Management for Customer Security Outcomes to lead the vision and strategy for its security operations services in a fully remote U.S. role.

United States Full-time Executive Application Security Engineer Product Manager
$200k-$285k
Generative AI Machine Learning
2 days, 8 hours ago
Chainguard

Senior Product Security Engineer

Chainguard 51-250 Internet Software & Services

Chainguard is hiring a Staff Product Security Engineer to embed security into its open source software delivery and cloud-native product stack, with ownership of secure pipelines, product hardening, and security architecture across the company.

United Kingdom Full-time Lead Application Security Engineer
AWS CI/CD GCP GitHub Actions Go Kubernetes OWASP Penetration Testing Python Secrets Management Tekton
3 days, 8 hours ago
Chainguard

Senior Product Security Engineer

Chainguard 51-250 Internet Software & Services

Chainguard is hiring a Senior Product Security Engineer to embed security into its cloud-native product and delivery pipelines, helping protect hardened open source builds from development through production.

Canada Full-time Senior Application Security Engineer
AWS CI/CD GCP GitHub Actions Go Kubernetes OWASP Penetration Testing Python Secrets Management Tekton
3 days, 8 hours ago
Chainguard

Senior Product Security Engineer

Chainguard 51-250 Internet Software & Services

Chainguard is hiring a Senior Product Security Engineer to embed security into the development lifecycle for cloud-native, Kubernetes-based products and strengthen the security of their open source software supply chain.

United States Full-time Senior Application Security Engineer
$157k-$184k
AWS CI/CD GCP GitHub Actions Go Kubernetes OWASP Penetration Testing Python Secrets Management Tekton
3 days, 8 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers