Company Description
Shopify is a leading global commerce company, providing trusted tools to start, grow, market, and manage a retail business of any size. Shopify makes commerce better for everyone with a platform and services that are engineered for reliability, while delivering a better shopping experience for consumers everywhere. Shopify powers millions of businesses in more than 175 countries and is trusted by brands such as Allbirds, Gymshark, PepsiCo, Staples, and many more.
The Application Security team discovers and fixes security vulnerabilities in Shopify's products through sources such as internal security assessments and Shopify's public bug bounty program. The team then develops tooling, static analysis checks, and low-level fixes to prevent future vulnerabilities.
Our Application Security team is broken down into three key focus areas:
Proactive Security
Our Proactive Security team manually reviews key applications, develops tools to automatically keep dependencies up to date, deploys static analysis tooling to identify vulnerabilities, provides dashboards to help development teams prioritize security issues, and teaches developers how to identify security issues in their own applications.
Bug Bounty
Shopify runs one of the world's largest bug bounty programs. Our Bug Bounty team continuously improves the program by adding new applications into scope, organizing "live hacking" events, and building tools that streamline our triage process and reduce the time needed to remediate vulnerabilities.
Ecosystem Security
Many external developers use Shopify's API to build things, and merchants expect these integrations to be secure. We build scanning tools to verify that integrations meet our security requirements and automatically notify developers when issues need to be corrected. We also scan for API tokens that have been inadvertently published to sites such as GitHub.
We are looking for leaders to manage our Proactive Security team. If you’re an experienced, people-focused engineering lead, and you’re excited about growing people and teams to help protect our merchants, this role is for you!
You will:
MNCJobz.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.