Application Security Engineer Prin
Canada
Dayforce is a global human capital management (HCM) company headquartered in Toronto, Ontario, and Minneapolis, Minnesota, with operations across North America, Europe, Middle East, Africa (EMEA), and the Asia Pacific Japan (APJ) region. Our award-winning Cloud HCM platform offers a unified solution database and continuous calculation engine, driving efficiency, productivity and compliance for the global workforce. Our brand promise - Makes Work Life BetterTM- Reflects our commitment to employees, customers, partners and communities globally.
Location: Work is what you do, not where you go. For this role, we are open to remote work and can hire anywhere in the United States or Canada.
About The Opportunity
As an Application Security Engineer, you’ll play a critical role in helping our engineering teams design and build secure, resilient applications. You’ll lead hands-on product security assessments, collaborate on secure architecture and threat modeling, and influence engineering practices to raise the bar for software security across our organization.
What you'll get to do
• Lead product security reviews: Conduct full-scope security assessments of our applications and services—including code reviews, threat modeling, and both dynamic and static analysis. You'll work across teams to identify and mitigate risks early in the development lifecycle.
• Influence architecture and design: Serve as a security thought partner for product architects and engineers. You'll guide threat modeling efforts, assess technical risk, and champion security best practices throughout the SDLC.
• Drive strategic initiatives: Own high-impact security projects that shape the future of our product security posture. Past initiatives have included supply chain security automation, advanced SAST/DAST integrations, and secure development training programs.
• Identify and support remediation of vulnerabilities: Leverage available tools (e.g., static/dynamic analysis, scanning platforms, and internal reports) to investigate security issues, assess root causes, and design effective remediation strategies. Partner closely with engineering teams to provide guidance and support throughout the implementation of fixes, ensuring they align with security best practices.
• Enable engineering teams: Act as an embedded security advocate and collaborator, helping development teams move fast—safely. You'll create guidance, tooling, and processes that make it easier to build secure software.
Skills and Experiences we value
• Hands-on experience in application or product security, with a background in software development
• Strong technical depth, with experience in at least one modern programming language (e.g. C#, Java, Python)
• Cloud security expertise, particularly in Azure and/or AWS, including familiarity with IAM, containerization, networking, and native security controls.
• Proven ability to analyze complex systems and codebases, especially within distributed, microservices-based environments
• Excellent communication skills, with the ability to clearly articulate risk and security trade-offs to technical and non-technical stakeholders
• Experience with static and dynamic analysis tools, Atlassian suite and pentesting tools (Burp, sqlmap)
• Ability to perform black-box and grey-box testing of web applications and APIs
What would make you really stand out
• Prior experience in a SaaS or cloud-native environment
• Familiarity with secure CI/CD practices and software supply chain security
• Experience leading or contributing to secure development lifecycle (SDL) programs
• Contributions to open-source security tools or research
• CISSP, CEH/OSCP certification
What’s in it for you
Dayforce is fueled by the diversity of our talented employees. We are an equal opportunity employer and consider and embrace ALL individuals and what makes them unique. We believe our employees should be happy and healthy, with peace of mind and a sense of fulfillment.
We encourage individuals to apply based on their passions.
Dayforce encourages personal and professional growth. We offer excellent time away from work programs, comprehensive wellness initiatives and recognition through competitive pay and benefits.
With a commitment to community impact, including volunteer days and our charity, Dayforce Cares we provide opportunities for you to thrive both in your career and personal life. Our focus is not just on your job but on supporting you to be the best version of yourself.
About the Salary Ranges
Please note that the salary range mentioned in this job description should serve simply as a guide. The final compensation offered may vary based on a variety of factors, including bonuses and/or incentives, or a candidate’s experience, skills, budget and location. Our company is committed to providing a fair, equitable, and competitive package that reflects the value an individual brings to the organization.
Fraudulent Recruiting
Beware of fraudulent recruiting. Legitimate Dayforce contacts will use an @dayforce.com or @Ceridian.com email address. We do not request money, checks, equipment orders, or sensitive personal data during the recruitment process. If you have been asked for any of the above, or believe you have been contacted by someone posing as a Dayforce employee, please refer to our fraudulent recruiting statement found here: https://www.dayforce.com/be-aware-of-recruiting-fraud
Location: Work is what you do, not where you go. For this role, we are open to remote work and can hire anywhere in the United States or Canada.
About The Opportunity
As an Application Security Engineer, you’ll play a critical role in helping our engineering teams design and build secure, resilient applications. You’ll lead hands-on product security assessments, collaborate on secure architecture and threat modeling, and influence engineering practices to raise the bar for software security across our organization.
What you'll get to do
• Lead product security reviews: Conduct full-scope security assessments of our applications and services—including code reviews, threat modeling, and both dynamic and static analysis. You'll work across teams to identify and mitigate risks early in the development lifecycle.
• Influence architecture and design: Serve as a security thought partner for product architects and engineers. You'll guide threat modeling efforts, assess technical risk, and champion security best practices throughout the SDLC.
• Drive strategic initiatives: Own high-impact security projects that shape the future of our product security posture. Past initiatives have included supply chain security automation, advanced SAST/DAST integrations, and secure development training programs.
• Identify and support remediation of vulnerabilities: Leverage available tools (e.g., static/dynamic analysis, scanning platforms, and internal reports) to investigate security issues, assess root causes, and design effective remediation strategies. Partner closely with engineering teams to provide guidance and support throughout the implementation of fixes, ensuring they align with security best practices.
• Enable engineering teams: Act as an embedded security advocate and collaborator, helping development teams move fast—safely. You'll create guidance, tooling, and processes that make it easier to build secure software.
Skills and Experiences we value
• Hands-on experience in application or product security, with a background in software development
• Strong technical depth, with experience in at least one modern programming language (e.g. C#, Java, Python)
• Cloud security expertise, particularly in Azure and/or AWS, including familiarity with IAM, containerization, networking, and native security controls.
• Proven ability to analyze complex systems and codebases, especially within distributed, microservices-based environments
• Excellent communication skills, with the ability to clearly articulate risk and security trade-offs to technical and non-technical stakeholders
• Experience with static and dynamic analysis tools, Atlassian suite and pentesting tools (Burp, sqlmap)
• Ability to perform black-box and grey-box testing of web applications and APIs
What would make you really stand out
• Prior experience in a SaaS or cloud-native environment
• Familiarity with secure CI/CD practices and software supply chain security
• Experience leading or contributing to secure development lifecycle (SDL) programs
• Contributions to open-source security tools or research
• CISSP, CEH/OSCP certification
What’s in it for you
Dayforce is fueled by the diversity of our talented employees. We are an equal opportunity employer and consider and embrace ALL individuals and what makes them unique. We believe our employees should be happy and healthy, with peace of mind and a sense of fulfillment.
We encourage individuals to apply based on their passions.
Dayforce encourages personal and professional growth. We offer excellent time away from work programs, comprehensive wellness initiatives and recognition through competitive pay and benefits.
With a commitment to community impact, including volunteer days and our charity, Dayforce Cares we provide opportunities for you to thrive both in your career and personal life. Our focus is not just on your job but on supporting you to be the best version of yourself.
About the Salary Ranges
Please note that the salary range mentioned in this job description should serve simply as a guide. The final compensation offered may vary based on a variety of factors, including bonuses and/or incentives, or a candidate’s experience, skills, budget and location. Our company is committed to providing a fair, equitable, and competitive package that reflects the value an individual brings to the organization.
Fraudulent Recruiting
Beware of fraudulent recruiting. Legitimate Dayforce contacts will use an @dayforce.com or @Ceridian.com email address. We do not request money, checks, equipment orders, or sensitive personal data during the recruitment process. If you have been asked for any of the above, or believe you have been contacted by someone posing as a Dayforce employee, please refer to our fraudulent recruiting statement found here: https://www.dayforce.com/be-aware-of-recruiting-fraud
Job stats:
3
1
0
Categories:
AppSec Jobs
Security Engineering Jobs
Tags: APIs Application security Automation AWS Azure C CEH CI/CD CISSP Cloud Compliance DAST IAM Java Microservices OSCP Pentesting Product security Python SaaS SAST SDLC Security assessment Vulnerabilities
Perks/benefits: Career development Competitive pay Startup environment Wellness
Regions:
Remote/Anywhere
North America
Country:
Canada
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Security Specialist jobsProduct Security Engineer jobsSenior Security Analyst jobsSenior Cloud Security Engineer jobsSenior Cybersecurity Engineer jobsSystems Engineer jobsSystems Administrator jobsSenior Information Security Analyst jobsSenior Network Security Engineer jobsInformation Security Manager jobsCyber Security Specialist jobsIT Security Analyst jobsChief Information Security Officer jobsSecurity Consultant jobsIT Security Engineer jobsSecurity Specialist jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsSenior Information Security Engineer jobsSenior Cyber Security Engineer jobsSenior Product Security Engineer jobsCyber Threat Intelligence Analyst jobsCyber Security Architect jobsCybersecurity Specialist jobsSenior Software Engineer jobs
Encryption jobsTS/SCI jobsSaaS jobsJava jobsBash jobsThreat detection jobsTop Secret jobsTerraform jobsSplunk jobsRMF jobsSDLC jobsIDS jobsIPS jobsSOC 2 jobsSQL jobsMalware jobsCompTIA jobsFinance jobsDocker jobsForensics jobsActive Directory jobsIntrusion detection jobsITIL jobsGIAC jobsDoDD 8570 jobs
VPN jobsOWASP jobsIT infrastructure jobsHIPAA jobsCRISC jobsAnsible jobsTCP/IP jobsCCSP jobsClearance Required jobsData Analytics jobsMITRE ATT&CK jobsBanking jobsOSCP jobsNIST 800-53 jobsZero Trust jobsCISO jobsJira jobsUNIX jobsSOAR jobsEndpoint security jobsDNS jobsSOX jobsIndustrial jobsGCIH jobsPolygraph jobs