Empowering the sports fan's experience
Sports Media • Mobile Apps • Sports Content • Digital Publishing • Technology
September 11
🏢 In-office - Toronto
Empowering the sports fan's experience
Sports Media • Mobile Apps • Sports Content • Digital Publishing • Technology
• Collaborate with release and change management, SRE, Engineering, and compliance teams • Work with security/internal/external/state auditors to demonstrate compliance • Maintain a working knowledge of OWASP top 10 and MITRE top 25 CWE • Develop standards for security tooling focused on the application layer (SAST, DAST, SCA, MAST, RASP) • Build/implement secure artifact workflows in the SDLC to ensure governance and compliance standards are being met • Create technical approaches to implementing Application Security control technologies • Contribute to theScore’s Application Security program to support our continued growth • Define and report on security metrics, their delivery, and improvements • Work with service teams to conduct threat models of theScore’s internal and customer facing applications • Assist service teams in understanding and remediating security findings (code bashing) • Other duties as required.
• 1+ years of Application Security or DevSecOps experience • 1+ years of GCP or AWS experience • An understanding of software supply chain security (SBOMs, Artifact Signing, Attestations) • Programming experience in Python or Go • Experience with implementing security tooling in CI/CD • Experience supporting RESTful APIs and securing containerized workloads (GKE, EKS)
• Fun, relaxed work environment • A voice. We're dedicated to open communication which empowers our employees to drive the company's culture • A company that encourages a culture of inclusion and diversity • Opportunity to work on large scale consumer-facing applications with millions of users • Career growth. Mentorship from some of the brightest people in the industry
Apply Now