Security Engineer: AI/AppSec
Ignite Technical Resources View all jobs
- Richmond, BC
- Contract
- Full-time
The Security Engineer (AI AppSec) will be a key member of a DevSecOps team, responsible for integrating security throughout the software development lifecycle. This role focuses on application security, including secure design reviews, threat modelling, secure code reviews, and penetration testing. The successful candidate will contribute to securing AI-enabled solutions and ensuring robust security controls across applications and infrastructure. This position requires hands-on technical expertise and the ability to support secure development practices across cross-functional teams.Duties & Responsibilities
- Conduct threat modelling to identify and mitigate security risks in application and product design
- Perform secure code reviews, design reviews, and penetration testing (black box and white box)
- Execute SCA, SAST, and DAST analysis using industry-standard tools and integrate them into CI/CD pipelines
- Develop and maintain cloud security policies to support secure deployment of applications and platforms
- Design and implement security controls ensuring confidentiality, integrity, availability, authentication, and non-repudiation
- Manage vulnerability and risk management processes throughout the software development lifecycle
- Define and document security requirements and controls aligned with solution architecture
- Support security validation and tuning of testing tools to ensure accurate results
- Collaborate with DevOps teams to embed secure development practices
- Deliver secure coding training and awareness to development teams
- Evaluate and implement new security tools and technologies
- Ensure compliance with security policies, standards, and best practices
- Participate in security monitoring and incident response activities
- Minimum 6 years of experience in security engineering roles with increasing complexity
- Undergraduate degree in Computer Science or a STEM-related field
- Industry certification such as CISSP, CEH, or equivalent
- Strong expertise in SCA, SAST, DAST, threat modelling, and web application penetration testing
- Hands-on experience with application security design, architecture, and AI security controls
- Experience securing AI or machine learning-based applications
- Knowledge of cloud security practices, particularly in Azure environments
- Experience integrating security tools into CI/CD pipelines
- Familiarity with DevSecOps practices and secure SDLC frameworks
- Experience conducting security risk assessments for complex systems
This is a 12-month contract engagement with possible extensions. The role is hybrid, requiring onsite presence three days per week in Richmond. Candidates must be available to complete background and reference checks as part of the offer process.About Ignite Technical: Based in Vancouver and proudly Canadian, Ignite Technical Resources has been providing Top Technical Talent to organizations across Canada since 2005.Equal Opportunity Employer: Ignite Technical is an equal opportunity employer and is committed to providing equal employment opportunities to all individuals regardless of race, color, religion, sex, sexual orientation, disability, gender identity, national origin, or age.Work Permits: Please note that Ignite's Clients require all interested candidates to obtain the necessary work permits from the Government of Canada prior to submitting an application. This position is open exclusively to individuals residing in Canada and legally authorized to work in Canada. Applications not meeting these criteria will not be considered.Further Consideration: We receive a high volume of applications and are only able to contact candidates who are selected for further consideration.Follow Us: Check us out on LinkedIn and follow us on Twitter and Threads for company updates and job postings!Ignite. Wired for People.