Principal Product Security Architect
Waterloo, Ontario, Canada
Analyze software applications for security vulnerabilities, recommend mitigation techniques, and consult as an application security expert. Assist Product Security Management in designing and documenting policies, process, and procedures to continuously improve and track our Product Security Assurance Program, governing testing and scanning procedures in a Secure Development Lifecycle.▪ Perform application layer security vulnerability assessments and penetration tests, exercising expertise with SAST and DAST tools and methodologies.▪ Investigate reported vulnerabilities, provide information about defect types, document steps to recreate, assess exploitation likelihood, impact, risk, etc.▪ Work closely with product development teams to assess and improve the maturity of security vulnerability detection procedures and mitigation.▪ Initiate threat modelling exercises, paper based security assessments, audits, application security architecture reviews;▪ Threat and vulnerability management, research, internal dissemination and tracking of risks.▪ Train, mentor, and support.▪ Author clear, concise and unambiguous reports and technical whitepapers, and perform peer reviews, offering constructive criticism of other team member’s outputs.▪ Liaise with customers on security assurance needs and issues.