Staff Security Engineer, Application Security (Hybrid)

We are looking for a Staff Security Engineer to own and shape Homebase's Application Security domain. This is a technical leadership role that requires 10+ years of progressive experience in Application Security or Security Engineering, with demonstrated impact at the Staff or Principal level.

Requirements

• 10+ years of progressive experience in Application Security or Security Engineering
• Deep software engineering experience in production environments
• Proven track record of leading architectural changes and complex cross-team initiatives that reduced security risk at scale
• Hands-on experience securing AI-native applications, including LLM integrations, model pipelines, or ML infrastructure
• Strong expertise in web application security, cloud-native security (AWS), and modern DevSecOps practices
• Proficiency in languages and frameworks relevant to our stack: Ruby, Python, React, and Rails
• Experience designing and implementing modern vulnerability management systems and embedding security tooling within CI/CD pipelines
• Exceptional ability to evaluate security trade-offs, make pragmatic risk-informed decisions, and communicate them clearly to technical and non-technical stakeholders

Benefits

• Stock options
• TFSA/RRSP with 4% company match
• Comprehensive medical, dental, and vision for you and your dependents
• Flex time off
• Company holidays
• Designated focus periods
• Maternity/Parental Leave EI top-up support offered (after 6 months of service)
• Life insurance
• Short/long-term disability coverage
• Meals provided
• Team offsites
• Customer Days