Senior Security Developer

Posted:
10/11/2024, 10:06:43 AM

Experience Level(s):
Senior

Field(s):
IT & Security

Workplace Type:
Hybrid

Vidyard is the video platform that's built for business. Sales reps, marketers, and corporate communicators use Vidyard to record and share videos that grab attention and deliver their message in a personal, impactful way. It's the video tool of choice for Microsoft, LinkedIn, and thousands of other companies. We're passionate about elevating our customers, our teammates, our communities, and ourselves.

About the Role

Vidyard is looking for a Senior Security Developer to join our IT & Security team. Reporting to the Manager, IT & Security, you will work primarily in conjunction with the greater R&D organization within Vidyard to grow and shape our security framework, as well as provide insight and collaboration during the design and development processes.

The Senior Security Developer will be a uniquely positioned individual, and will lend their experience and mentorship expertise in secure software development and secure Engineering practices to the rest of the team, navigating exciting and new technology, and leveling up Vidyard’s posture and framework while also growing and shaping their own skills.

This role is new to the team, and tailored toward a candidate who is excited about cybersecurity, secure coding, and secure development practices, while also looking for an avenue to display their own talents and leadership skills with a team that is eager to grow, and eager to learn. We’re looking for someone who has experience as a developer with a passion for security, taking ownership over and influencing secure coding practices across engineering.

This is a remote role open only to candidates located in Canada. 

About the Team

Our IT & Security is a fully cross-functional team that manages all IT and Security requests and requirements, manages our security framework, obligations, and compliance initiatives. Working closely with all other teams within Vidyard, the IT & Security team is positioned to provide world class support both to Vidyardians and our current and prospective clients throughout the sales enablement process. In addition, the team works alongside the Product and Engineering teams to ensure the security and protection, availability, and confidentiality of customer data remains top of mind and a company-wide priority.  

What You’ll Work On

  • Collaborating with other engineering teams and stakeholders to identify gaps, develop best practises, and build trust and relationships to help them deliver on their projects
  • Identifying process gaps and championing necessary changes to enhance organizational security from an engineering perspective. 
  • Evaluating and managing vulnerabilities, improving reporting and management processes. 
  • Propose security-focused changes to the SDLC to streamline engineering efforts and company operations. 
  • Owning key areas within the Security team, including infrastructure alerts and security vulnerabilities, driving process improvements and positive trends.
  • Developing and implementing engineering related security policies and strategies in line with Vidyard’s goals and compliance initiatives. 
  • Conducting risk assessments, staying updated on threats, and implementing risk management strategies to proactively address vulnerabilities. 
  • Leading incident response, collaborating with leadership to resolve security events and mentoring staff through remediation efforts. 
  • Monitoring security access, detecting anomalies, and instrumenting security tools to identify threats. 
  • Conducting advanced monitoring, log review, and responding to complex security tickets and security submissions.
  • Collaborating with product teams to integrate security into the software development lifecycle, conducting threat modeling, risk assessments, and ensuring secure coding practices. 
  • Setting goals, and managing long-term projects while fostering a culture of continuous growth and improvement by mentoring others in areas you are skilled in.

What You’ll Bring to this Role and Your New Team

  • 4+ years of experience in cybersecurity at software development or SaaS company.
  • Experience working within a startup environment.
  • A strong understanding of the domains in which you work ex. cloud security issues/best practises, AWS, observability tooling, GDPR, security tooling and automation.
  • Experience with mentorship is preferred, as this will be a pivotal role in the Security team.
  • Experience with software development lifecycle and secure coding practices is preferred, as this role will be uniquely positioned to guide these processes.  
  • You thrive at solving ambiguous and challenging security or compliance problems.
  • You are able to easily break down security problems or incidents into meaningful solutions to help mitigate future attacks or vulnerabilities.
  • Experience with and a proven track record of making improvements and adjustments during development, reducing vulnerabilities introduced into code. 
  • Strong communication and collaboration skills, with the ability to work effectively across teams and influence stakeholders.
  • Self-driven attitude, and ability to identify gaps in programs and processes, with an aggressive approach to information gathering and advocating for change.

Our Tech Stack

While you don’t need to have experience with all of these technologies, experience with the highlighted technologies is preferred:

  • Cloud Compliance PlatformsSIEM products
  • Network Security (eg. WAF, Security Groups)
  • Cloud Security Tooling (eg. AWS Inspector)
  • Static Application Security Testing (SAST) Tools
  • Dynamic Application Security Testing (DAST) Tools
  • AWS Cloud Infrastructure and servicesInfrastructure as Code tooling - Terraform
  • Version control - Git
  • Testing frameworks such as RSpec, Jest, Mocha
  • Server technologies such as Node.js and Ruby on Rails
  • Relational Databases such as MySQL, PostgreSQL
  • Container Orchestration platforms such as AWS ECS and KubernetesSecurity Infrastructure Tooling (WAF, Guard Duty, Datadog)

Job descriptions can be overwhelming. At Vidyard we are motivated to drive change together and deeply value the unique experiences, abilities and opinions you possess. We value candidates who own it, and if you’re relentlessly resourceful too, you might be exactly who we are looking for! 

As we also value user obsession, we prioritize our users, customers and community so you can expect to hear from our team even if you are not selected to move forward.

What You’ll Love about Vidyard:

  • Competitive pay
  • Comprehensive, flexible benefits on day one
  • Wellness allowance to spend on what's important to you 
  • Flexible hours + unlimited vacation + programs to support travel while working, enabling you to live your best life
  • Access to Inkblot, a digital mental health platform + $1,500/person/year for mental health coverage
  • Allowance to support your ongoing growth and development
  • Parental leave top-up
  • Paid volunteer hours
  • Employee resource groups to empower and drive change at Vidyard and in our communities
  • RRSP match
  • Stock options
  • Flexible holiday program
  • Home office stipend 
  • Flexibility to work in the place that brings out your best: whether you thrive in the comfort of your home office, or are local to, and prefer the energy of our collaboration space in Kitchener, Ontario, Canada, there is flexibility for all. Although we default to remote-first there will be occasional in-person meetings/events purposefully designed for connection and collaboration.

Vidyard is an equal opportunity employer. Applicants who require reasonable accommodation to complete the application and/or interview process should notify us at [email protected]Unsolicited resumes from Agencies will not be accepted.