Application Security Developer (AI)

TL;DR

Application Security Developer (AI): Proactively discovering, exploiting, and remediating critical security vulnerabilities across applications with an accent on emulating real-world adversaries and partnering with development teams. Focus on building innovative solutions, challenging defenses, and eliminating flaws before abuse.

Location: This role can be performed from one of our Canadian offices (Vancouver, Calgary, Toronto), or remotely across Canada. Local hirify.global employees in Vancouver, Calgary, Toronto, Dublin, and Sydney are expected to work in office a minimum of twice per week.

Salary: 116,500–157,500 CAD

Company

hirify.global is a global leader in legal AI technology, transforming the legal experience for professionals and firms by bettering lives and increasing access to justice.

What you will do

• Write, review, and implement tools to help developers avoid security flaws.
• Build partnerships with development teams and advise on security best practices.
• Contribute to collective developer education by driving security awareness.
• Provide detailed guidance and support for vulnerability remediation and develop systematic fixes.
• Perform penetration testing and offensive campaigns against internal assets.
• Perform reactive incident response, forensics, and proactive research to detect new attack vectors.

Requirements

• Experience in Application Security, with a strong focus on offensive security and penetration testing.
• Hands-on expertise identifying and exploiting complex vulnerabilities (e.g., SSRF, Deserialization, logic bypasses).
• Proven ability to lead and conduct formal threat modeling sessions.
• Strong proficiency in at least one major programming language (e.g., Python, .NET, JavaScript).
• Experience securing applications in modern cloud environments (AWS, Azure, or GCP).
• Expertise with common application security tools and platforms (e.g., Burp Suite, SAST, SCA).

Nice to have

• Security certifications such as OSCP or OSWE.
• Active participation in the security community (e.g., presenting at conferences).
• Experience with Ruby on Rails, Puppet, Kubernetes, Terraform, ELK.
• Strong AWS security experience on EC2 and managed services.
• Infrastructure security (WAF, ACLs, authentication, device hardening).

Culture & Benefits

• Competitive, equitable salary with top-tier health benefits, dental, and vision insurance.
• Hybrid work environment with a flexible time off policy (encouraged 20 days off per year).
• $2000 annual counseling benefit.
• RRSP matching and RESP contribution.
• hirify.globalversary recognition program with special acknowledgement.