Senior Application Security Developer
atVenu
Software Engineering
Remote
Posted on Mar 15, 2026
Senior Application Security Developer - Job Description
Reports To: Development Manager, Engineering & Security
Location: Ideally in the Calgary area; can be remote/hybrid
About the Job:
With atVenu's accelerated growth, we need a Senior Application Security Developer to join the team. The successful candidate will be an adept Rails/React developer who enjoys looking backwards, refactoring legacy code to fix vulnerabilities, while keeping an eye towards the future developing new infrastructure features. They will have familiarity with PCI, GDPR, and SOC2 compliance/regulatory standards, and will have a keen interest in staying abreast of emerging security threats. They will be considered a subject matter expert in the field of software security and will be motivated to work collaboratively across teams, raising overall awareness of software security on a busy engineering team. Experience leveraging AI tools in software engineering and security would be nice to have.
Our Tech Stack:
Reports To: Development Manager, Engineering & Security
Location: Ideally in the Calgary area; can be remote/hybrid
About the Job:
With atVenu's accelerated growth, we need a Senior Application Security Developer to join the team. The successful candidate will be an adept Rails/React developer who enjoys looking backwards, refactoring legacy code to fix vulnerabilities, while keeping an eye towards the future developing new infrastructure features. They will have familiarity with PCI, GDPR, and SOC2 compliance/regulatory standards, and will have a keen interest in staying abreast of emerging security threats. They will be considered a subject matter expert in the field of software security and will be motivated to work collaboratively across teams, raising overall awareness of software security on a busy engineering team. Experience leveraging AI tools in software engineering and security would be nice to have.
Our Tech Stack:
- Front End: React Native, React, JavaScript
- Backend: Ruby, Rails, GraphQL, PostgreSQL, Redis, CouchDb
- Cloud Platform: AWS
- Tools: GitHub, Sidekiq, Docker
- Help shape our maturing security vulnerability management program, in support of our PCI DSS and SOC2 security compliance obligations
- Participate in vulnerability assessments, security audits, penetration tests and manual inspection
- Complete security code reviews with the use of scanning tools and manual inspection
- Support incident response and architecture review processes when application security expertise in required
- Integrate threat modeling practices into the product development life cycle
- Review/analyze security logs/reports from a variety of sources; propose/implement recommendations for improvement
- Conduct real time tactical management of security events in collaboration with compliance and engineering teams
- Create and execute phishing campaigns inclusive of ongoing review/analysis/risk prioritization authentic phishing emails
- Support Vendor Management activities to ensure security standards are adhered to
- 8+ years of developer experience, with at least 3 of those years specialized in security vulnerability management
- Proficiency with Ruby on Rails and React
- Proven experience in mobile application development (IOS/Android)
- Direct experience with enterprise server platforms, virtualized technology and cloud operations (AWS, Docker)
- Expertise in employing analytics/threat intelligence techniques, incident response process and software security
- Deep knowledge of compliance and privacy management across North America and Europe
- Experience in the use of development and testing tools iwth strong knowledge of networking security
- Excellent communicator capable of explaining vulnerabilities and weaknesses, and discussing effective defensive techniques to technical/non-technical team members
- Programming experience in:
- unix/mac, javascript/ruby/shell
- reactjs/react-native/graphql/rest/rails/sidekiq/postgres/couchdb/redis
- strip/heroku/aws/github/rubymine
