Apply now

The Canadian Digital Service (CDS) is tasked with changing how the federal government designs and delivers digital services, to reduce the risk of product failure, lower costs, ensure user privacy and system security, and, above all, improves people’s lives by putting their needs and concerns front and center.

We believe every experience Canadians have with their government should meet or exceed their reasonable modern expectations that digital services be safe, fast, easy, transparent, and accessible. Working in the open, we’re building capacity across the government for better service delivery. And we need you. We’re hiring a Senior Application Security Developer. While we have locations in Ottawa, Montreal, Toronto, and Kitchener; we largely work distributedly and equally value candidates in other parts of Canada.

This position reports to the Head of Platform Core Services. We work in small multidisciplinary agile teams utilizing a modern, forward-thinking approach to security. We focus on self-service tooling, proactive security monitoring and providing the education required to solve cross-cutting cyber security challenges across CDS. Senior Application Security Developers are classified as IT-04 or IT-05 (previously CS-04/CS-05) in the Computer Systems group.

You’ll need to accomplish the following things:

As a Senior Application Security Developer you’ll play a leading role in driving the direction of our security engineering capability and shape the tools that we create, ensuring they’re reliable, supportable, maintainable and aligned to industry best standards.

You will also:

  • plan, prioritize and deliver security tools and solutions
  • lead application security reviews and threat modeling, including code review and dynamic testing
  • guide and advise product development teams as subject matter expert in the area of application security
  • correctly balance security risk and product advancement
  • maintain and participate in operational support rotas, including our out-of-hours on-call rota

We’re interested in people who:

  • understand that security isn’t just a technology problem
  • have successfully delivered effective technology solutions that reduced risk and improved the security of an organization
  • have built and supported applications, preferably in languages such as Python, JavaScript, Go, or Ruby
  • Exposure to DevOps (Terraform, Github) and DevSecOps tools & Security Automation frameworks (SAST, DAST, IAST, SCA, Pentesting, Manual Code reviews, SSDLC, WAF and Bot Protection tools tuning and Hardening, Threat Modeling)
  • Knowledge of AWS
  • have an active interest in developing people, both personally and professionally
  • can effectively operate at a strategic level in setting goals and long­-term roadmaps, as well as in a technical hands-on capacity

We’ll evaluate you based on:

We will be looking at your experience, career history and achievements that are relevant to the specific job role. We may assess your ability, strength, experience, technical/specialist skills and behaviors.

Essential Criteria:

  • strong understanding and experience with common security libraries, security controls, and common security flaws
  • strong understanding of the web’s architecture
  • strong development or scripting experience and skills. You’re able to significantly and effectively contribute to the product and its security

Work anywhere in Canada

CDS is a fully distributed team. This job can be performed from anywhere in Canada.

Assessment accommodationexternal link

Out of an abundance of caution, all interviews will be conducted via video or teleconference for the foreseeable future.

At CDS, we welcome and invite difference.

We proudly, passionately, and actively strive to make CDS more reflective of the society that we serve. We will only be able to deliver better, more accessible, and more inclusive public services if we harness diverse thoughts, experiences, and skills. We work hard to create an environment where different perspectives and experiences are valued. We are committed to helping diverse talent thrive.

CDS welcomes all applicants, including Veterans and people of all races, ethnicities, religions, sexual orientations, gender identities and expressions, national origins, disabilities, ages, body sizes and including those with diverse households and family commitments. We are committed to providing an inclusive and barrier-free work environment, starting with the hiring process. If you need to be accommodated during any phase of the evaluation process, please use the Contact information below to request specialized accommodation. All information received in relation to accommodation will be kept confidential.

A pool of qualified persons resulting from this process MAY be created and MAY be used to fill similar positions, with linguistic profiles (english essential, bilingual imperative BBB/BBB, bilingual imperative CBC/CBC, as well as tenures (indeterminate, deployment, acting, assignment, secondment, specified period) which may vary according to the position being staffed.

Apply now

No file selected
300 words remaining
URLs, please!