Application Security Software Engineer

PointClickCare is a leading North American healthcare technology platform enabling meaningful care collaboration and real‐time patient insights. For over 20 years, the company has been focused on realizing its vision: to help create a world in which providers and plans can confidently deliver frictionless care. Since its inception, PointClickCare has grown exponentially, with over 2,200 employees working to impact millions across North America. Recognized by Forbes as one of the top 100 private cloud companies and acknowledged by Waterstone Human Capital as Canada’s Most Admired Corporate Cultures, PointClickCare leads the way in creating cloud-based healthcare software. At PointClickCare, we offer a wealth of opportunities and a vibrant culture that empowers our employees. Our dynamic environment is the perfect place to advance your career while engaging in meaningful work alongside incredible colleagues. Here, you’ll discover a space where your talents can thrive, your career can grow, and your work will have a lasting impact on healthcare across North America. We believe that work becomes profoundly fulfilling when driven by a higher purpose. Join us and be part of a team that is making a real impact. To learn more about us, check out Life at PointClickCare and connect with us on Glassdoor and LinkedIn.
Team Summary
The Application Security team consists of a group of highly skilled engineers who are passionate about safeguarding our company’s applications and platforms. With a mix of remote and hybrid team members, we embrace flexibility while fostering strong collaboration across projects. Our team operates at the forefront of application security, offering opportunities to work on innovative solutions, tackle complex challenges, and make a meaningful impact on the company’s security posture. Joining this team means becoming part of a supportive environment that values growth, learning, and cutting-edge security practices.
Job Summary
As a Application Security Software Engineer for the Application Security department, you will play a critical role in safeguarding our company's applications and platforms.  AppSec Engineers have distinct areas of responsibility where you will be the AppSec contact for designated teams, remediate security issues, help teams to understand and correct vulnerabilities, provide training, and build libraries.  Your primary responsibility will be to triage the various scan results daily.  This role requires a strategic thinker who can understand and address security concerns on a company-wide scale.
Key Responsibilities
•Monitor and triage findings from SAST, DAST, and SCA tools to identify security vulnerabilities•Prioritize and escalate critical issues for remediation based on risk levels and business impact•Generate reports and provide insights to improve the effectiveness of security tools and processes•Build, update, and maintain reusable security libraries and frameworks to standardize secure practices across development teams•Ensure libraries address common vulnerabilities (e.g., input validation, authentication, encryption) and are easy to integrate•Work with teams to promote adoption and provide guidance on proper usage of these libraries•Collaborate with development, DevOps, and QA teams to integrate security into the software development lifecycle•Communicate effectively with stakeholders, including developers and management, about risks, mitigation strategies, and best practices•Act as a resource for cross-team initiatives related to security•Contribute to the creation and enforcement of security policies and procedures•Ensure compliance with industry standards and regulations such as OWASP, HIPAA, and HITRUST•Support audit activities by providing evidence and documentation of compliance measures•Participate in incident response efforts, including investigating and remediating security incidents or vulnerabilities•Stay updated on the latest developments in application security through research, training, and conferences•Continuously improve security practices by identifying and implementing innovative security solutions.
Qualifications and Skills 
•Bachelor’s degree in computer science, Information Security, or a related field•Experience with SAST, DAST, SCA tooling•Familiarity with industry standards and security compliance requirements•Advanced communication skills for cross-functional team engagement•Proficiency with common programming languages (e.g., Java, Python, C#)•Hands-on experience in application security testing•Knowledge of cloud security principles and practices•Experience working in Agile development environments.
#LI-hybrid#LI-AJ1PointClickCare Benefits & Perks:Benefits starting from Day 1!Retirement Plan Matching Flexible Paid Time OffWellness Support Programs and ResourcesParental & Caregiver LeavesFertility & Adoption SupportContinuous Development Support ProgramEmployee Assistance Program Allyship and Inclusion CommunitiesEmployee Recognition … and more!
It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it.  If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com 
PointClickCare is committed to Information Security. By applying to this position, if hired, you commit to following our information security policies and procedures and making every effort to secure confidential and/or sensitive information.